[Owasp-board] All set to go with OWASP
Andrew van der Stock
vanderaj at owasp.org
Tue Jun 19 08:09:42 UTC 2007
(minus Janek for now).
This agreement says that we aren¹t publishing any material that :
a) The Work does not contain any libelous or obscene material or
injurious formulas, recipes, or instructions.
In some ways, the testing Guide could be taken to be a compendium of how to
break software. Is this ³injurious² instructions under this definition?
Especially in Germany with its new ridiculous law banning most of what we
do. Effectively, if it isn¹t and if he is sued, we carry the can according
to this contract.
The only works we can easily publish with this contract are the Top 10 2007
and the Testing Guide. The OWASP Guide 2.0 still has a very murky ©
situation and would need assignment from those who contributed (about 40 or
so folks). Let¹s start out with the Top 10 2007 and the Testing Guide 2.0.
The ³publishing² right this term is not defined nor made clear
a) The Foundation has full rights to the Work and is free to assign
the rights to publish the Work to the Publisher under the terms of this
In particular, does he deem this to include:
* Electronic rights i.e. Can we continue to offer the PDF and Word
* Distribution rights i.e. If we buy discounted books to offer to our
members (say) for free or cheaper than Amazon, are we allowed to do that? It
talks about us buying copies at a discount, but not what we can then do with
them. It is usual practice to provide authors with 20-50 copies of their
work at a discount so they can hand out copies from their personal stash to
friends and family. This clause may be related to that.
* Translation rights i.e. If someone translates the book for us, are we
free to offer that to a different publisher?
* Reprint rights some publishers have a lower margin for reprints after
the main print run.
I¹d really like it to be tightened: be specific that it only amounts to the
rights to publish in hard or soft cover form the edition of the work we
submit (not any later versions), and we reserve all the other subsidiary
rights unless specifically assigned. Jeff you¹re a lawyer what do you
Lastly, who would sign the contract? I believe I am not an official office
holder as I¹ve never signed my life away nor have I been formally appointed
beyond a press release. I think you¹re in the same spot, Dinis. Dave, Jeff
should we clear this up now or can one of you two sign it?
On 6/18/07 5:07 AM, "Dinis Cruz" <dinis at ddplus.net> wrote:
> Any comments?
> Dinis Cruz
> Chief OWASP Evangelist
> On 6/18/07, Jacek Artymiak <jacekartymiak at gmail.com> wrote:
>> Please review the contract I'm sending you with this message. Feel
>> free to pass it on to your colleagues for comments and review.
>> On 6/1/07, Dinis Cruz <dinis at ddplus.net> wrote:
>>> > Jacek
>>> > We are all set to go. The only confirmation that the OWASP board wants to
>>> > receive is that there is no copyright assigment to you and that OWASP in
>>> > future is free to publish these materials with other publishers.
>>> > So what are the next steps?
>>> > What do you need from me/OWASP?
>>> > Dinis Cruz
>>> > OWASP
>> Jacek Artymiak
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board