[Owasp-board] Potential Next Generation OWASP Project Guidelines

Jim Manico jim.manico at owasp.org
Tue Apr 16 13:37:23 UTC 2013


I'm totally with you. The devil is in the details. I'll make notes this
week, we certainly need clarification on some of these points.

Aloha and thank you for caring about this.

- Jim

> Just so everyone understands the changes is my point. Thanks 
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> 
> On 16 Apr 2013, at 11:16, Jim Manico <jim.manico at owasp.org> wrote:
> 
>> Michael moved this to Google docs so we can comment line by line. I agree with you Eoin. :)
>>
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On Apr 16, 2013, at 4:28 AM, Eoin Keary <eoinkeary at gmail.com> wrote:
>>
>>> Lets discuss this line by line.
>>> We need to do this properly and not rush.
>>>
>>>
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>>
>>>
>>> On 15 Apr 2013, at 19:42, Michael Coates <michael.coates at owasp.org> wrote:
>>>
>>>> Jim,
>>>>
>>>> Thanks for proposing this. I recently created a shared google doc (editable by board & viewable by world) for us to add proposals for discussion. I think this will be an effective way for us to both discuss and keep track of proposals so they aren't lost in a see of email.
>>>>
>>>> Would you be willing to discuss there in the google doc?
>>>> Direct Link:
>>>> https://docs.google.com/document/d/17h6BrV6an_UtcF6VHZsWNKqfW1JGE5pu_yVIWC2ilI8/edit?usp=sharing
>>>>
>>>> Shared Folder Link:
>>>> https://drive.google.com/folderview?id=0BxSfMVkfLvslVXdvUFV3NkxucWc&usp=sharing
>>>>
>>>> On the wiki page I added a quick mention at the top that this new policy is under discussion and linked to the google doc.
>>>> This policy is in draft and under discussion with the OWASP board - current notes and discussion can be found here
>>>>
>>>>
>>>>
>>>> Thanks,
>>>> Michael
>>>>
>>>>
>>>>
>>>> --
>>>> Michael Coates | OWASP | @_mwc
>>>>
>>>>
>>>>
>>>> On Mon, Apr 15, 2013 at 7:27 AM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>> Please take a look at:
>>>>>
>>>>> https://www.owasp.org/index.php/Projects/Project_Brand_Guidelines
>>>>>
>>>>> This is a work in progress (thank you Samantha for your work on this!)
>>>>>
>>>>> The key section I'd like to focus your attention on is this:
>>>>>
>>>>> Project Sponsors and Acknowledgement
>>>>>
>>>>> As an OWASP Project Leader, it is important that your project, in its entirety, is run independently of commercial influence. Additionally it is important that every project related communication or activity presents the public perception that the project is run independently of commercial influence. There should be no misinterpretation by any user on either the mailing lists, OWASP Wiki, or any other external website that the project is run solely by the project leader, and not by any other organizations.
>>>>>
>>>>> We do actively encourage our project leaders to find sponsorship, partnership, and collaborative opportunities with other members or organizations within the information security community. As a community run organization, we feel these relationships are paramount to the success of our projects. While we do value the contributions of our project sponsors, we do have branding and sponsorship acknowledgement rules that must be adhered to by all OWASP Project Leaders. We feel these rules are necessary to maintain the integrity of our vendor neutrality stance. Here are the rules below:
>>>>>
>>>>> * OWASP Projects can be sponsored in a number of ways: Giving staff time to work on project deliverables, financial donations, working space in your offices, and/or project donation.
>>>>> * OWASP Project sponsors may have their company name listed in the "Project Sponsors" section of the OWASP Project Wiki Page with a link to the sponsor's page on our wiki.
>>>>> * OWASP Project sponsors may have their logo, a short company bio, and their project contributions listed on the sponsor's page. (This is the suggested "global sponsorship page" and is not attached to a project ed: Jim)
>>>>> * OWASP Project sponsors may NOT place their logo on any OWASP Project Wiki Page.
>>>>> * OWASP Project sponsors may NOT place their logo on any OWASP Project deliverable. A company name may be placed under a sponsor's section, but NEVER the company logo.
>>>>> * All contributors must be listed in a neutral way where contributor name, company, and roles are displayed textually in a table if they are to be placed on the OWASP Project wiki page.
>>>>>
>>>>> Six month audits will be conducted based on these rules to make sure all projects are in compliance. It is the responsibility of the individual Project Leader to make sure these rules are followed for their project.
>>>>>
>>>>> For your consideration,
>>>>> Jim
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> 



More information about the Owasp-board mailing list