[Owasp-board] [Owasp-leaders] Public Comment
Josh Sokol
josh.sokol at owasp.org
Mon Dec 15 17:58:51 UTC 2014
At a high level, strategic goals are set by the OWASP Board of Directors:
https://www.owasp.org/index.php/OWASP_Strategic_Goals
The execution of those goals and the metrics/reporting are handled by our
Operations Team with a Board Member Sponsor as oversight.
~josh
On Fri, Dec 12, 2014 at 2:04 PM, Bev Corwin <bev.corwin at owasp.org> wrote:
>
> Thanks Jim,
>
> Who handles organizational strategy?
>
> Best wishes,
> Bev
>
>
> On Fri, Dec 12, 2014 at 2:01 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>
>> Bev,
>>
>> The board does indeed set the vision for the organization. But project
>> oversight responsibility has been passed to the project committee, and
>> overall compliance issues are lead by our ombudsman (compliance officer)
>> Martin Knoblock.
>>
>> Aloha,
>> Jim
>>
>>
>>
>> On 12/11/14 10:28 AM, Bev Corwin wrote:
>>
>> Thanks Josh, Doesn't the board have "oversight" and "compliance"
>> responsibilities to the OWASP Community? Best wishes, Bev
>>
>> On Thu, Dec 11, 2014 at 12:57 PM, Josh Sokol <josh.sokol at owasp.org>
>> wrote:
>>
>>> It's a good point and I've definitely seen examples in the past of
>>> where a project has made significant decisions in a relative bubble before
>>> publishing it as an "open" document. Honestly, I think to some extent that
>>> boils down to the project leadership/management and how they choose to run
>>> things. Not that it makes it right or wrong. I do agree with Simon in
>>> that this is not a Board decision though. If for some reason people felt
>>> like project leaders are incapable of doing this, or that rules need to be
>>> put in place to enforce it, then that's something I would look to the
>>> Project Committee to establish.
>>>
>>> ~josh
>>>
>>> On Thu, Dec 11, 2014 at 11:51 AM, Bev Corwin <bev.corwin at owasp.org>
>>> wrote:
>>>
>>>> PS: Your reference was for "free" not "open". Do you have something
>>>> that would be a good reference for "open"? How about free and open? Thank
>>>> you!
>>>>
>>>> On Thu, Dec 11, 2014 at 12:50 PM, Bev Corwin <bev.corwin at owasp.org>
>>>> wrote:
>>>>
>>>>> Dear Simon,
>>>>>
>>>>> Thank you. Good info, very much appreciate it. Where are you pulling
>>>>> your assumptions from? Is there a definition of "open" somewhere that could
>>>>> be referenced? So many organizations claim to be "open", however, very few
>>>>> actually "manifest" it well. Would be nice to see some kind of guidelines
>>>>> somewhere. That would be a board policy issue to recommend such things,
>>>>> wouldn't it?
>>>>>
>>>>> Best wishes,
>>>>> Bev
>>>>>
>>>>>
>>>>> On Thu, Dec 11, 2014 at 12:36 PM, psiinon <psiinon at gmail.com> wrote:
>>>>>
>>>>>> I'm not sure this is a board matter, although board members should
>>>>>> definitely speak up if they disagree :)
>>>>>> I think this is more a matter of 'good open source
>>>>>> leadership/management' as it applies to all open source projects and not
>>>>>> just OWASP ones.
>>>>>> But its something we can all learn from each other and so I think
>>>>>> this list is a good place to discuss it.
>>>>>>
>>>>>> Can you explain in a bit more detail which project(s) you are
>>>>>> referring to, what stage they are at and what you hope to get out of such
>>>>>> consultations?
>>>>>> I think the approaches for well established projects are likely to
>>>>>> be very different from ones that are just starting out.
>>>>>>
>>>>>> There are online resources like this which might help you:
>>>>>> http://producingoss.com/
>>>>>>
>>>>>> Any others people can recommend?
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Simon
>>>>>>
>>>>>> On Thu, Dec 11, 2014 at 5:26 PM, Bev Corwin <bev.corwin at owasp.org>
>>>>>> wrote:
>>>>>>
>>>>>>> Thanks Simon, Yes, that is what I thought as well. Has the board
>>>>>>> made official recommendations about these things? Are they documented
>>>>>>> somewhere? As a practice, are there any guidelines for how to best do this
>>>>>>> in the community? Do we have a mailing list of interested public
>>>>>>> contributors that we can submit requests for comments to, etc.? Best
>>>>>>> wishes, Bev
>>>>>>>
>>>>>>> On Thu, Dec 11, 2014 at 12:20 PM, psiinon <psiinon at gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi Bev,
>>>>>>>>
>>>>>>>> I'm confused :/
>>>>>>>> All OWASP projects are open source and should therefore be open
>>>>>>>> for public comment at all times.
>>>>>>>> All projects must have public lists that are clearly discoverable
>>>>>>>> via the project page.
>>>>>>>> You can ask for specific feedback from other leaders / your users
>>>>>>>> / the general public at specific times as well of course.
>>>>>>>>
>>>>>>>> Cheers,
>>>>>>>>
>>>>>>>> Simon
>>>>>>>>
>>>>>>>> On Thu, Dec 11, 2014 at 5:05 PM, Bev Corwin <bev.corwin at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Dear OWASP Board and Leaders,
>>>>>>>>>
>>>>>>>>> Is it possible for OWASP projects and initiatives to open up for
>>>>>>>>> public comment at various stages in our projects and initiatives
>>>>>>>>> development processes? Do we have any board or leader level
>>>>>>>>> recommendations, policies / best practices for this kind of thing?
>>>>>>>>>
>>>>>>>>> Best wishes,
>>>>>>>>> Bev
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>>>>>>
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>
>>
>> _______________________________________________
>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20141215/7e2bfb9f/attachment-0001.html>
More information about the Owasp-board
mailing list