[Owasp-board] OWASP Community Vote - Board Review

Fabio Cerullo fcerullo at owasp.org
Wed Apr 2 16:52:05 UTC 2014

Because it will dilute the responses.

Also, option 3 crosses the line of allowing everyone to spam the mailing
list with commercial offerings without vetting (something we definitely
don't want to do).


On Wednesday, April 2, 2014, Josh Sokol <josh.sokol at owasp.org> wrote:

> I'm not sure why #3 couldn't be a valid option or why a survey couldn't
> support a multiple choice answer?
> On Apr 2, 2014 11:45 AM, "Fabio Cerullo" <fcerullo at owasp.org> wrote:
> Thanks Josh. I believe could use the wording proposed but will remove
> option 3).
> The response has to be either yes/no...otherwise we are creating "grey"
> areas.
> Fabio
> On Wednesday, April 2, 2014, Josh Sokol <josh.sokol at owasp.org> wrote:
> I have no issues with presenting a vote or otherwise to the leaders, but I
> don't think that Fabio's poll presents what I've said above (the current
> rule) appropriately.  Options should be:
> 1) Absolutely under no circumstances should commercial advertising be
> allowed on the mailing lists for any reason.
> 2) Commercial advertising on the mailing lists should be allowed as long
> as the communication has been vetted by chapter leadership in advance for
> value and appropriateness.
> 3) Commercial advertisements should be allowed on mailing lists in order
> to ensure that all vendors have an equal opportunity to promote their
> products and services.
> ~josh
> On Wed, Apr 2, 2014 at 10:16 AM, Josh Sokol <josh.sokol at owasp.org> wrote:
> No offense meant, but this is spoken like a guy who has not run a
> chapter.  Quite frequently our leaders are presented with opportunities.
> Many of these opportunities, while backed by commercial interests, are
> offered for free or at significantly reduced cost to OWASP members.
> Passing those opportunities along to members does not imply support of a
> vendor, merely that an opportunity exists that could provide value.  If you
> want to add a disclaimer at the bottom of messages saying that the OWASP
> Foundation does not endorse product or services, then I have no issue with
> that, other than how you're ever going to actually enforce it.  The only
> issue with being vendor agnostic comes if a leader is excluding one vendor,
> but allowing another in similar circumstances.  Do you have examples where
> this is the case?
> My thought is that if we are going to generate a rule on this, it should
> be that commericial SPAM from any vendor is not allowed on the mailing
> lists, but it can be sent to the chapter leader for review and to pass
> along if it provides value to our membership.  A great example is the
> Innotech Conference that comes to Austin annually.  It's definitely a
> commercial, for-profit, venture, but each year they provide us with a free
> attendance code to provide to our membership.  It definitely provides value
> as they have lots of technology tracks and even a security track there.
> Why would I not want to provide my membership with that opportunity just
> because it is backed by a company that makes money?
> I don't agree with the "let's make exceptions" approach either.  Too much
> red tape for something that should be in our leaders hands anyway.  We
> should trust our leadership to do the right thing, but have a process in
> place to handle when they don't.
> ~josh
> On Wed, Apr 2, 2014 at 4:41 AM, Jim Manico <jim.manico at owasp.org> wrote:
>  I tend to agree with Eoin on this point. We really need to limit any
> appearance of commercial activity.  I would support a rule where "no
> commercial spamming on OWASP lists" is the norm. We would have the make
> exceptions such as ads in the the newsletter and similar...
> Before making this call I think we should talk to the other chapter
> leaders in regards to what they think about this.
> - Jim
> On 4/1/14, 8:57 AM, Eoin Keary wrote:
> We don't want to jeopardise out charity status by promoting commercial
> activities. A rule helps prevent that. A community vote help establish the
> rule.
> Just sayin...
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140402/8f8cfdf4/attachment.html>

More information about the Owasp-board mailing list