[Owasp-board] Owasp top 10

Josh Sokol josh.sokol at owasp.org
Fri Apr 11 03:11:05 UTC 2014


I respect your opinion, but I'm not sure I agree with you.  The Board has
NO business deciding which projects should or should not be supported by
the organization.  We could provide a high level directive that we
shouldn't take on poor quality projects, projects without a specific
license, projects without frequent updates, etc, but it is up to our
operational staff to apply Board guidelines to projects, etc.  Where no
specific directive exists, actions should be in line with whatever most
closely represents our mission.

If we have a problem with how Aspect is handling the Top 10 because its not
in line with the mission, then we should fork the project, find a new
leader, and encourage Aspect to contribute to the new model.  Seems to me
like the real problem here is finding a leader to step into that role as
its a lot of work.

~josh
On Apr 10, 2014 4:23 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:

> Hi Josh,
>
> It is a legacy issue that nobody has been able to take control of. Aspect
> retains control and will not give it up. I fail to understand how this is a
> staff responsibility. The board should vote to fork it or abandon it. The
> staff are not responsible to make such decisions for the community.
>
> Dennis
>
>
> On Thu, Apr 10, 2014 at 2:17 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
>> Regardless of whether it is a community contributed project, shouldn't
>> the data be open by nature of being an OWASP project?  OWASP as an
>> organization should never be publishing anything that we can't back up with
>> factual evidence.  As project manager, wouldn't it be Samantha's
>> responsibility to ensure that this standard is met with all of our
>> projects?  Seems to me that Eoin was trying to make a (perhaps less than)
>> subtle point here, but I'm not sure why it's a "nice try".  This should
>> have been a requirement before we ever published the document in my opinion.
>>
>> ~josh
>>
>>
>> On Thu, Apr 10, 2014 at 4:08 PM, Dennis Groves <dennis.groves at owasp.org>wrote:
>>
>>> Nice Try Eoin,
>>>
>>> We all know that this project is not a community project.
>>> This is exactly the kind of issues that the board should be addressing!
>>>
>>> Dennis
>>>
>>>
>>> On Thu, Apr 10, 2014 at 2:04 PM, Eoin Keary <eoin.keary at owasp.org>wrote:
>>>
>>>> Sam,
>>>> I'm asking you respectfully to obtain access for the community  as
>>>> owasp projects manager. I could of emailed jeff and Dave directly myself
>>>> but preferred to go through your good self.
>>>>
>>>> Thanks,
>>>> Eoin.
>>>>
>>>>
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>> On 10 Apr 2014, at 21:58, Samantha Groves <samantha.groves at owasp.org>
>>>> wrote:
>>>>
>>>> Hello Dave and Jeff,
>>>>
>>>> Eoin is asking for some project information for the Top 10. Can you
>>>> help him out?
>>>>
>>>> Thank you, Dave and Jeff.
>>>>
>>>> Samantha
>>>>
>>>>
>>>> ---------- Forwarded message ----------
>>>> From: Eoin Keary <eoin.keary at owasp.org>
>>>> Date: Thu, Apr 10, 2014 at 1:55 PM
>>>> Subject: Owasp top 10
>>>> To: Samantha Groves <samantha.groves at owasp.org>, OWASP Foundation
>>>> Board List <owasp-board at lists.owasp.org>, OWASP Leaders <
>>>> owasp-leaders at lists.owasp.org>
>>>>
>>>>
>>>> Hi,
>>>> Can you let me know where all the data and materials are for the owasp
>>>> top 10 2013?
>>>> I'd like to see the metrics which resulted in the top 10 opened up to
>>>> the public.
>>>> Doing this we can develop trend analysis, metrics and chart progress.
>>>> Can this be done?
>>>>
>>>> Regards,
>>>>
>>>> Eoin Keary
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Samantha Groves, MBA*
>>>>
>>>> *OWASP Projects Manager*
>>>>
>>>>
>>>> The OWASP Foundation
>>>>
>>>> Phoenix, USA
>>>>
>>>> Email: samantha.groves at owasp.org
>>>>
>>>> Skype: samanthahz
>>>>
>>>>
>>>> OWASP Global Projects<https://www.owasp.org/index.php/Category:OWASP_Project>
>>>>
>>>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>>>
>>>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>>>
>>>> New Project Application Form <http://www.tfaforms.com/263506>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>>
>>> --
>>> Dennis Groves <http://about.me/dennis.groves>, MSc
>>> Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
>>> .
>>> *This email is licensed under a CC BY-ND 3.0
>>> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
>>> Stand up for your freedom to install free software.<http://www.fsf.org/campaigns/secure-boot/statement>
>>> Please do not send me Microsoft Office/Apple iWork documents.
>>> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>>>
>>> <http://www.owasp.org/>
>>>
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>
>>>
>>
>
>
> --
> Dennis Groves <http://about.me/dennis.groves>, MSc
> Email me, <dennis.groves at owasp.org> or schedule a meeting<http://goo.gl/8sPIy>
> .
> *This email is licensed under a CC BY-ND 3.0
> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license.*
> Stand up for your freedom to install free software.<http://www.fsf.org/campaigns/secure-boot/statement>
> Please do not send me Microsoft Office/Apple iWork documents.
> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>
> <http://www.owasp.org/>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140410/8f9a207a/attachment.html>


More information about the Owasp-board mailing list