[Owasp-board] [Owasp-leaders] Public Comment

Bev Corwin bev.corwin at owasp.org
Fri Dec 12 20:07:36 UTC 2014


PS: Legally, also, the board has "oversight" of the Oversight Committee and
Ombudsman's Office, as well, correcct?

On Fri, Dec 12, 2014 at 3:04 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>
> Thanks Jim,
>
> Who handles organizational strategy?
>
> Best wishes,
> Bev
>
>
> On Fri, Dec 12, 2014 at 2:01 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>
>>  Bev,
>>
>> The board does indeed set the vision for the organization. But project
>> oversight responsibility has been passed to the project committee, and
>> overall compliance issues are lead by our ombudsman (compliance officer)
>> Martin Knoblock.
>>
>> Aloha,
>> Jim
>>
>>
>>
>> On 12/11/14 10:28 AM, Bev Corwin wrote:
>>
>> Thanks Josh, Doesn't the board have "oversight" and "compliance"
>> responsibilities to the OWASP Community? Best wishes, Bev
>>
>> On Thu, Dec 11, 2014 at 12:57 PM, Josh Sokol <josh.sokol at owasp.org>
>> wrote:
>>
>>>  It's a good point and I've definitely seen examples in the past of
>>> where a project has made significant decisions in a relative bubble before
>>> publishing it as an "open" document.  Honestly, I think to some extent that
>>> boils down to the project leadership/management and how they choose to run
>>> things.  Not that it makes it right or wrong.  I do agree with Simon in
>>> that this is not a Board decision though.  If for some reason people felt
>>> like project leaders are incapable of doing this, or that rules need to be
>>> put in place to enforce it, then that's something I would look to the
>>> Project Committee to establish.
>>>
>>>  ~josh
>>>
>>>  On Thu, Dec 11, 2014 at 11:51 AM, Bev Corwin <bev.corwin at owasp.org>
>>> wrote:
>>>
>>>>  PS: Your reference was for "free" not "open". Do you have something
>>>> that would be a good reference for "open"? How about free and open? Thank
>>>> you!
>>>>
>>>> On Thu, Dec 11, 2014 at 12:50 PM, Bev Corwin <bev.corwin at owasp.org>
>>>> wrote:
>>>>
>>>>> Dear Simon,
>>>>>
>>>>>  Thank you. Good info, very much appreciate it. Where are you pulling
>>>>> your assumptions from? Is there a definition of "open" somewhere that could
>>>>> be referenced? So many organizations claim to be "open", however, very few
>>>>> actually "manifest" it well. Would be nice to see some kind of guidelines
>>>>> somewhere. That would be a board policy issue to recommend such things,
>>>>> wouldn't it?
>>>>>
>>>>>  Best wishes,
>>>>> Bev
>>>>>
>>>>>
>>>>> On Thu, Dec 11, 2014 at 12:36 PM, psiinon <psiinon at gmail.com> wrote:
>>>>>
>>>>>>   I'm not sure this is a board matter, although board members should
>>>>>> definitely speak up if they disagree :)
>>>>>>  I think this is more a matter of 'good open source
>>>>>> leadership/management' as it applies to all open source projects and not
>>>>>> just OWASP ones.
>>>>>>  But its something we can all learn from each other and so I think
>>>>>> this list is a good place to discuss it.
>>>>>>
>>>>>>  Can you explain in a bit more detail which project(s) you are
>>>>>> referring to, what stage they are at and what you hope to get out of such
>>>>>> consultations?
>>>>>>  I think the approaches for well established projects are likely to
>>>>>> be very different from ones that are just starting out.
>>>>>>
>>>>>> There are online resources like this which might help you:
>>>>>> http://producingoss.com/
>>>>>>
>>>>>>  Any others people can recommend?
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Simon
>>>>>>
>>>>>> On Thu, Dec 11, 2014 at 5:26 PM, Bev Corwin <bev.corwin at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> Thanks Simon, Yes, that is what I thought as well. Has the board
>>>>>>> made official recommendations about these things? Are they documented
>>>>>>> somewhere? As a practice, are there any guidelines for how to best do this
>>>>>>> in the community? Do we have a mailing list of interested public
>>>>>>> contributors that we can submit requests for comments to, etc.? Best
>>>>>>> wishes, Bev
>>>>>>>
>>>>>>> On Thu, Dec 11, 2014 at 12:20 PM, psiinon <psiinon at gmail.com> wrote:
>>>>>>>
>>>>>>>>    Hi Bev,
>>>>>>>>
>>>>>>>>  I'm confused :/
>>>>>>>>  All OWASP projects are open source and should therefore be open
>>>>>>>> for public comment at all times.
>>>>>>>>  All projects must have public lists that are clearly discoverable
>>>>>>>> via the project page.
>>>>>>>>  You can ask for specific feedback from other leaders / your users
>>>>>>>> / the general public at specific times as well of course.
>>>>>>>>
>>>>>>>>  Cheers,
>>>>>>>>
>>>>>>>> Simon
>>>>>>>>
>>>>>>>>  On Thu, Dec 11, 2014 at 5:05 PM, Bev Corwin <bev.corwin at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>>  Dear OWASP Board and Leaders,
>>>>>>>>>
>>>>>>>>>  Is it possible for OWASP projects and initiatives to open up for
>>>>>>>>> public comment at various stages in our projects and initiatives
>>>>>>>>> development processes? Do we have any board or leader level
>>>>>>>>> recommendations, policies / best practices for this kind of thing?
>>>>>>>>>
>>>>>>>>>  Best wishes,
>>>>>>>>> Bev
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>  _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>>
>>>>>
>>>>>
>>>>
>>>>  _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>
>>
>> _______________________________________________
>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20141212/72e2c4b0/attachment-0001.html>


More information about the Owasp-board mailing list