[Owasp-board] OWASP Top 10

Eoin Keary eoin.keary at owasp.org
Sun Apr 13 21:42:37 UTC 2014


Ok forget it.
I shall not be pursuing this anymore. Let sleeping dogs lie.
Ignorance is bliss.



Eoin Keary
Owasp Global Board
+353 87 977 2988


On 13 Apr 2014, at 22:12, Matt Tesauro <matt.tesauro at owasp.org> wrote:

> >  I also don't think that it's unreasonable to ask that our project manager ensure that this exists before publishing any project to any one of the project categories.
> 
> I fully agree with this going forward.  But you are asking for this retrospectively for the Top 10 2013.  
> 
> If this is a standard that all projects should make according to the board, then the board should create an explicit policy to that effect and let the staff the enforce it going forward.  That would provide Samantha the mechanism she needs to make sure _future_ projects don't violate this policy.  It can also be used to correct any projects that are outside of this policy without being enforced after the project has already created a deliverable, in an ad hoc manner.
> 
> However, I still contend that we've spent more time discussing who should ask when a simple email from Eoin to Dave and/or the Top 10 list would solve this issue.  It is simple, direct and transparent.
> 
> --
> -- Matt Tesauro
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org - Community and Download site
> OWASP OpenStack Security Project Lead
> https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project
> 
> 
> On Sun, Apr 13, 2014 at 3:34 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>> I don't think that it's unreasonable to ask for the "source" (ie. how the document was generated) for a purported open source project.  I also don't think that it's unreasonable to ask that our project manager ensure that this exists before publishing any project to any one of the project categories.
>> 
>> ~josh
>> 
>> 
>> On Sun, Apr 13, 2014 at 3:22 PM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>> Dancing? Asking for information on how a project is made, which is allegedly opensource is a valid request.
>>> Reason I'm asking Samantha is she is paid staff to manage projects for OWASP. 
>>> Simple really.
>>> 
>>> 
>>> Eoin Keary
>>> Owasp Global Board
>>> +353 87 977 2988
>>> 
>>> 
>>> On 13 Apr 2014, at 19:44, Michael Coates <michael.coates at owasp.org> wrote:
>>> 
>>>> Eoin,
>>>> 
>>>> Are we dancing around the elephant in the room? We know there are many calls for the top 10 to be more open. I hope people will join the project and push the top 10 process from it's beginning and create a very open 2015 top 10 with all these ideas  - we just need to get into the process at the beginning, not the end .
>>>> 
>>>> I guess my question is this - why not just ask the project mailing list for this information directly? Or are they not responding or refusing?
>>>> 
>>>> I don't think we have a model or expectation that a request to project X should flow through Samantha to simply relay that same request to the project mailing list. 
>>>> 
>>>> Perhaps I'm missing something - help me understand?
>>>> 
>>>> 
>>>> --
>>>> Michael Coates
>>>> @_mwc
>>>> 
>>>> 
>>>> 
>>>> On Sun, Apr 13, 2014 at 4:41 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>>>>> Hi Samantha,
>>>>> I am formally requesting that as projects manager you obtain the data, work papers and associated statistic model for the owasp top 10. This is a core owasp project and needs to be assessed such that we can leverage it for other endeavours.
>>>>> Thanks in advance.
>>>>> Eoin.
>>>>> 
>>>>> 
>>>>> Eoin Keary
>>>>> Owasp Global Board
>>>>> +353 87 977 2988
>>>>> 
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>> 
>>> _______________________________________________
>>> Owasp-board mailing list
>>> Owasp-board at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>> 
>> 
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140413/4069b3d2/attachment-0001.html>


More information about the Owasp-board mailing list