[Owasp-board] TO-DO: First round of voting for OWASP SoC 08

dinis cruz dinis.cruz at owasp.org
Mon Mar 31 14:17:08 UTC 2008

Ok guys, It is that time of the year again, SoC 08 voting

As you can see here
http://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications we
received 38 applications. In order to make the voting process a bit easier
me and Paulo have been working on the model you see below.

Using my (Dinis) subjective criteria (which you are of course more than
welcome to disagree), we broke down the applications into 3 categories:

   1. Proposals for majority vote
   2. Proposals for 'selection criteria' vote
   3. Proposals which require further clarifications.

You can can see the links to all of the above in this WIKI page:
http://www.owasp.org/index.php/OWASP_Summer_0f_Code_2008_:_Selection   (for
your convenience we created separate WIKI pages for each category)

The idea with separating it like this, is due to the fact that some
proposals (due to their quality and candidate's past delivery track record)
should be approved without much discussion (note that one application is
already approved and work had started last Jan ("OWASP Application Security
Desk Reference (ASDR)" (I casted your votes on this one :) ))

So the first thing you need to do is to print out this page
open this googledoc spreadsheet
cast your vote (let us know if you have any further questions on these
applications or if you want to add some 'request for further details on
summited proposal')

Then (once you done the first round of voting), have a look at the comments
I made on
see if you want to add anything to it? (Paulo is going to contact each
one of those candidates and ask them to respond)

Have a look at the projects in
will be voted here
. I haven't added my votes to this list since I prefer to do all at the same
time (and several from the 'Proposals which require further clarifications.'
will be added to this list).

One important area that I would like you to double check, are my mappings to
the budget allocated to each project. I used a mixed criteria to come up
with the list of projects that should receive a 5,000 USD grant and the ones
that should receive 2,500 USD. My criteria was based on the size /complexity
of the project and the candidate's delivery track record on past Seasons of
Code sponsorship. Note that once we select an application, Paulo will
contact each applicant and reconfirm that they are ok with the budget and

As with SpoC we might have an interesting case where we could just about
sponsor ALL applications (Lockpick application has beed dropped). The
current total (using my numbers) is just about 100,000 USD (although this
doesn't include both applications to the Fortify project which I want to
deal separately (will send a follow up email about it). Note that past
experience shows that we have about 20% drop rate (i.e. projects not
completed for which we don't make any payments to) so I would recommend that
we give the benefit of the doubt to the less powerful applications (one area
which there is a clear improvement from the past is on the experience of the
candidates (we also have a couple more universities involved))

The original deadline for results was tomorrow which is not realistic (given
the need that we still have for some responses to our comments), so we will
tell the candidates that we will take at least 1 more week. That said, if
you are OK with it, I would like to let the candidates on the 'majority
vote' list of they have been selected (and btw, note that at the moment all
owasp.org emails holders have read access to those spreadsheets (This is a
great case study for openness and transparency))

Please cast your votes ASAP


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20080331/fc78907a/attachment-0002.html>

More information about the Owasp-board mailing list