[Owasp-board] [Owasp-leaders] Abuse of the OWASP brand: http://www.owasptop10.nl

Jeff Williams jeff.williams at owasp.org
Wed Jun 10 20:02:59 UTC 2009


I think this may not be a good use of our funds.

I'm not an expert in EU trademark law, but I believe it to be relatively similar to US trademark law.  In general, you do not need to *register* your trademark. There are a few benefits to doing so, but it is not required.  You can even enforce it in court without registering.

I believe there is very little doubt that we have established the trademarks "OWASP" and "Open Web Application Security Project" in most countries in the world. Under the ICANN procedures for domain name disputes, we *do not* need a registered trademark to enforce our rights.

The best outcome would be if they will willingly give up the domain. We should make it clear that we are willing to force them to relinquish it if necessary.  That will cost us some money ($1000-$1500 US roughly).  But it would be best if they just handed it over.

--Jeff

Jeff Williams, Chair
The OWASP Foundation
Work: 410-707-1487
Main: 301-604-4882


> -----Original Message-----
> From: sebastien.deleersnyder at gmail.com
> [mailto:sebastien.deleersnyder at gmail.com] On Behalf Of Seba
> Sent: Tuesday, June 09, 2009 1:48 PM
> To: OWASP Foundation Board List; Jeff Williams
> Subject: Fwd: [Owasp-leaders] Abuse of the OWASP brand:
> http://www.owasptop10.nl
> 
> I have applied for EU trademark (see attached) can you review this (I
> have applied for very generic classes to cover OWASP Open Web
> Application Project as word trademark) ?
> 
> Cost to proceed is € 1200 with wire (details see doc)
> 
> ok to proceed?
> 
> regards
> 
> Seba
> 
> 
> 
> ---------- Forwarded message ----------
> From: Blake Cornell <blake at owasp.org>
> Date: Mon, Jun 8, 2009 at 11:17 PM
> Subject: Re: [Owasp-leaders] Abuse of the OWASP brand:
> http://www.owasptop10.nl
> To: owasp-leaders at lists.owasp.org
> 
> 
> Some testicular fortitude ripping web app sec content and putting it on
> a web page.  This gives new meaning to red teaming...
> 
> Jokes aside, a reasonable explination is required from these folks or a
> cease and decist order may be required.
> 
> -Blake
> ________________________________
> From: owasp-leaders-bounces at lists.owasp.org
> [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Justin
> Clarke
> Sent: Monday, June 08, 2009 5:04 PM
> To: owasp-leaders at lists.owasp.org
> Subject: Re: [Owasp-leaders] Abuse of the OWASP brand:
> http://www.owasptop10.nl
> 
> As far as I’m aware, the US entity should be able to file for an EU
> trademark. This is quite common as, unlike the US, the EU is a “who
> files first” as opposed to “who used it first” regime when it comes to
> trademarks..
> 
> Justin
> 
> On 08/06/2009 21:45, "Martin Knobloch" <martin.knobloch at owasp.org>
> wrote:
> 
> Anyone who has been to the summit in Portugal, if am not mistaken there
> was a discussion about that. Right?
> 
> Justin, What type of legal entity do we need to be? Can the foundation
> board register an EU trademark?
> 
> On Mon, Jun 8, 2009 at 10:34 PM, Justin Clarke
> <justin.clarke at owasp.org> wrote:
> 
> One things which would be useful to consider is filing to register an
> EU trademark over “OWASP” as well as other marks.  >From memory it costs
> around €300 to file a trademark which is valid across the entire EU.
>  US trademarks are not enforceable outside of the US.
> 
> Justin
> London chapter leader
> 
> 
> 
> On 08/06/2009 21:28, "Martin Knobloch" <martin.knobloch at owasp.org
> <http://martin.knobloch@owasp.org> > wrote:
> 
> We where planning this already, before this situation occured.
> 
> 
> On Mon, Jun 8, 2009 at 10:26 PM, Sebastien gioria <seb at gioria.org
> <http://seb@gioria.org> > wrote:
> 
> Hello All,
> 
> I think it's time to have some leaders-discussion about to make a
> "legal" representation in some country.
> 
> In France, we have take the decision to make a French non-profit to
> keep the OWASP brand under control. We think this is a good idea to all
> country who can do the same.
> 
> 
> Le 8 juin 09 à 22:10, Martin Knobloch a écrit :
> 
> Hi all,
> 
> Thanks for letting us know! We know them and will handle this!
> 
> The content of this site is misleading as it suggest it would be part
> of OWASP. Therefore we could take legal actions. First we will try it
> the nice way and talk to them.
> Generally spoken, the problem is OWASP is not a registred trademark in
> neither Europe nor the Netherlands! There is also a site
> http://www.owasp.nl, but we have no legal justicy to act against them
> becaus of we are not a trademark.
>  ..please correct me if this has changed!
> 
> Regards,
> Martin
> 
> 
> On Mon, Jun 8, 2009 at 2:50 PM, Justin Clarke <justin.clarke at owasp.org
> <http://justin.clarke@owasp.org> > wrote:
> 
> 
>  This would seem to be a violation of OWASP’s brand usage over “name,
> domain, logos, project names, and other trademarks” -
> http://www.owasp.org/index.php/OWASP_brand_usage_rules
> 
>  Of course, the real trick is what to do about it – does anyone know
> these guys?  Can ask them to refrain from using the OWASP brand and
> marks?
> 
>  Justin
>  London chapter leader
> 
> 
> 
>  On 08/06/2009 10:11, "Erwin Geirnaert"
> <erwin.geirnaert at zionsecurity.com
> <http://erwin.geirnaert@zionsecurity.com>
> <http://erwin.geirnaert@zionsecurity.com> > wrote:
> 
> 
> 
> Hi list,
> 
>  Just googled for Owasp Top 10 and I got here: http://www.owasptop10.nl
> 
>  This is a site in Dutch offering OWASP Top 10 scanning services, an
> ‘initiative’ from 2 companies.
> 
>  Is this something that Owasp is aware of? And supports?
>  Any steps that Owasp can take if this is not allowed?
> 
>  Best regards,
> 
>  Erwin
>  OWASP Belgium Board Member
> 
> ________________________________
>  Note:
>  This message is for the named person's use only.  It may contain
> confidential, proprietary or legally privileged information.  No
> confidentiality or privilege is waived or lost by any mistransmission.
>  If you receive this message in error, please immediately delete it and
> all copies of it from your system, destroy any hard copies of it and
> notify the sender.  You must not, directly or indirectly, use,
> disclose, distribute, print, or copy any part of this message if you
> are not the intended recipient. ZION SECURITY and any of its
> subsidiaries each reserve the right to monitor all e-mail
> communications through its networks.
>  Any views expressed in this message are those of the individual
> sender, except where the message states otherwise and the sender is
> authorized to state them to be the views of any such entity.
> 
>  Thank You.
> 
> ________________________________
>  Scanned by MailMarshal - Marshal's comprehensive email content
> security solution. Implemented and supported by ZION SECURITY.
> 
> ________________________________
> 
> ________________________________
> _______________________________________________
>  OWASP-Leaders mailing list
>  OWASP-Leaders at lists.owasp.org <http://OWASP-Leaders@lists.owasp.org>
> <http://OWASP-Leaders@lists.owasp.org>
>  https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> _______________________________________________
>  OWASP-Leaders mailing list
>  OWASP-Leaders at lists.owasp.org <http://OWASP-Leaders@lists.owasp.org>
>  https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
>  _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org <http://OWASP-Leaders@lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org <http://OWASP-Leaders@lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> ________________________________
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org <http://OWASP-Leaders@lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> ________________________________
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders




More information about the Owasp-board mailing list