[Owasp-board] (OWASP BOARD) comment on RFC: Two proposed next tweaks to the services registry

Eoin eoin.keary at owasp.org
Tue Jun 1 08:53:25 UTC 2010


Dinis and I said we wanted be co leads on the project for obvious reasons
(governance).
He has been dealing with Dinis and I, Jeff and Dave have not really said
much on this matter to memory.

Eoin



On 1 June 2010 00:25, Tom Brennan <tomb at owasp.org> wrote:

> Mike made claim tonight when he called me that he has been working very
> very closely with Dave and Jeff on this project - so either a. that is
> false, b. this is true (hence my suggestion to call them)
>
> Personally as i expressed on the last board call OWASP Commercial Services
> should be OWASP Community Services if a registry/phone book was the goal and
> I liked
> http://www.securityscoreboard.com/reviews/tag/productsoffered/webapplicationsecurity;)
>
> Will try to skype you tomorrow wrapping up the holiday here in the USA
> then headed to OWASP Denver FROC so will talk wit hDavid Campbell and then
> to OWASP Mexico for chats with Juan so by the time we get to OWASP Sweden
> should have lots of points of view on this one.
>
>
>
>
>  On May 31, 2010, at 7:13 PM, dinis cruz wrote:
>
>  Tom, *what we agreed was that we were going to try to figure out the
> model to get this done. *In following threads/developments it was (sort
> of) established that two Board members (me and Eoin) would be directly
> involved in this (since Jeff and Dave didn't had a lot of cycles to be
> involved).
>
> Since I did spoke with Mike before I sent you my last email with the
> proposed plan, the least he should have done is waited for the follow up
> conversation and not have sent that email to the leaders list.
>
> I know Mike is putting a lot of energy into OWASP, but he is also
> generating a LOT of negative energy with his actions, for example I had
> several KEY OWASP Leaders last week talking to me about Mike's behaviour and
> how worried they are about how things were being done. My view is that we
> need to calm him down, or remove him since his current attitude to OWASP is
> not healthy at all
>
> For example, part of the reason for the low voting is most likely directly
> related to how low 'street-cred' Mike has in OWASP (can you find one or more
> OWASP Leaders that can recommend him?). I will not comment (for now) on what
> is happening on the other projects that Mike is involved, but on this case
> (the OWASP Commercial Services) he is way out of line and needs to
> be controlled.
>
> Tom or Jeff, if Mike listen to you guys, you need to talk to him, since he
> is clearly too piss-off with me to realize that I am actually trying to help
> him (both personally and professionally)
>
> And btw, I did try to call Jeff and Tom but couldn't get through (I've
> already spoken to Eoin and Matt  last week and need to follow up on Seba &
> Dave).
>
> I'm happy to talk about this anytime so please either call me or let me
> know when it is a good time to talk.
>
> I will again ask that you read my email with the proposed model for the
> 'OWASP Commercial Services' and chip-in with you comments.
>
> Dinis Cruz
>
>
> On 31 May 2010 23:26, Tom Brennan - OWASP <tomb at owasp.org> wrote:
>
>>  I am a bit confused. This was approved by the board and Jeff agreed to
>> work with Mike on this effort.  Mike has been giving cycles to owasp
>> working with both Dave and Jeff on this effort.
>>
>> The recent email vote was very poor 39 people vote - terrible.  We need to
>> have a paid owasp member list and call that owasp-leaders (topic for another
>> meeting) if we are going to use voting to override ethics and principals.
>>
>>
>> Dinis, have you spoken to either Jeff/Dave on this topic on the phone for
>> clarrification? This is not going to be cleared up during a 60 min board
>> call so would be ideal if you could make that happen.
>>
>> I did get a call from Mike with a WTF - he is giving cycles but feels like
>> he is being kicked in the balls by you.  We could put you and him at
>> blackhat at a bar/gokart/ring and let you to work it out... However it
>> appears that this is not a one-to-one issue.
>>
>>
>> On May 31, 2010, at 4:14 PM, dinis cruz <dinis.cruz at owasp.org> wrote:
>>
>>  Nice, really nice :(
>>
>> Mike is really starting to be a problem guys, I'm sorry to say but this
>> last one (see email below) is very below the belt.
>>
>> I'm trying hard to be fair with this guy, but am really losing my patience
>> here.
>>
>> Please take into account that I DID call him up today, explained him my
>> 'updated' model and mentioned that was going to present the model to the
>> OWASP board.
>>
>> Dinis Cruz
>>
>> ---------- Forwarded message ----------
>> From: Mike Boberski < <mike.boberski at gmail.com>mike.boberski at gmail.com>
>> Date: 31 May 2010 21:02
>> Subject: Re: [Owasp-leaders] RFC: Two proposed next tweaks to the services
>> registry
>> To: <owasp-leaders at lists.owasp.org>owasp-leaders at lists.owasp.org
>>
>>
>> Dear Colleagues,
>>
>> The results of the survey are in! Thank you for taking the time.
>>
>> It was a toss-up on the question of whether to include descriptions of
>> approaches to performing a given service. So, the requirement has been
>> removed for now, we can always revisit this and other items later on.
>>
>> It was not a toss-up on the name change, there was an overwhelming
>> response to leave it named "commercial services". So, the name stays for
>> now, we can always revisit this and other items later on.
>>
>> Please do forward any additional suggestions for improvement. I think this
>> approach worked well, batching them up and creating a survey, to gather
>> community inputs.
>>
>> To be listed in the OWASP Commercial Services Registry, contact Kate
>> Hartmann <http://www.owasp.org/index.php/Contact>.
>>
>> Best,
>>
>> Mike
>>
>>
>>   On Mon, May 24, 2010 at 1:09 PM, Boberski, Michael [USA] <<boberski_michael at bah.com>
>> boberski_michael at bah.com> wrote:
>>
>>>    Dear Colleagues,
>>>
>>>
>>> As you know, I have been working on the OWASP commercial services
>>> registry/commercial services board.
>>>
>>>
>>> We’re basically shooting for a phone book that’s sorted according to some
>>> OWASP artifacts as they are currently categorized, to try to nudge the
>>> planet along in adoption of them, to get consumers of services of those
>>> types to ask for them, by making it easy to find such service providers.
>>>
>>>
>>> Towards the end of continuing its development, there are a next set of
>>> proposed updates that we would like your opinion on. A survey has been setup
>>> here: <http://www.surveymonkey.com/s/9JDN98P>
>>> http://www.surveymonkey.com/s/9JDN98P  If you can spare a few minutes to
>>> provide your input, it would be appreciated. The cutoff date is the end of
>>> the week.
>>>
>>>
>>> Best,
>>>
>>>
>>> Mike B.
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> <OWASP-Leaders at lists.owasp.org>OWASP-Leaders at lists.owasp.org
>>> <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> <OWASP-Leaders at lists.owasp.org>OWASP-Leaders at lists.owasp.org
>> <https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>  _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100601/1c8bf8c0/attachment-0002.html>


More information about the Owasp-board mailing list