[Owasp-board] Public Statements, Personal Thoughts, The Voice of OWASP

Josh Sokol josh.sokol at owasp.org
Wed Feb 5 21:43:37 UTC 2014

I'm not sure I'd necessarily frame it as "crossing the line", but your
tweets regarding cancelling the RSA training were definitely regarded as
actions by "OWASP" and not "Eoin" in the media that covered it.  Not that
you should have to ask for permission to cancel a training, but when you're
doing it as an OWASP training, then the cancellation should have been an
OWASP message.  What if we had decided to fill your slot with another
trainer?  Much of the damage would have already been done.  I think that
the point that Michael is trying to make here is that we are viewed as the
OWASP Board and statements by one of us can certainly affect the others and
the Foundation.  Nobody is asking for you to seek permission, but rather,
to consider the consequences as they relate to more than just yourself.


On Wed, Feb 5, 2014 at 3:20 PM, Eoin Keary <eoin.keary at owasp.org> wrote:

> If someone asks me my opinion as an OWASP leader I am not prepared to ask
> for permission. I've been with OWASP for 10 years and never crossed the
> line.
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> On 5 Feb 2014, at 19:14, Michael Coates <michael.coates at owasp.org> wrote:
> > Board,
> >
> > I'd like to bring up a topic for thought. As board members we
> individually have very little power. Hence the entire process of a vote for
> decisions and the rule of majority.
> >
> > In addition, we also each wear a variety of hats - our professional "day
> job" our "owasp hat", our own ideas separate from each, etc.
> >
> > I mention these items for the following scenarios:
> > 1. We need to be careful about acting as individuals and issuing
> statements on behalf of OWASP. I believe an official channel for OWASP
> statements is much more clear for the community and the world rather then
> individual statements by board members on blogs, twitter, interviews, etc.
> >
> > 2. Currently our owasp blog serves a variety of purposes. Whether or not
> we intend, any post made here will also be interpreted as an official
> statement by OWASP. Food for thought - there are multiple people that can
> post to this blog. If we hastily issue a post here it could be picked up as
> an official statement by OWASP before we have a chance to fully flush out
> the wording or message.
> >
> > 3. Our mailing lists are all publicly archived. This is great and by
> design. Keep in mind that your statements will be referenced within
> stories, future discussions, etc. We should do our best to keep on topic
> within subject threads, change subject lines when conversation drifts, and
> be cognizant that emails sent in haste will live on forever.
> >
> > I'm interested in others thoughts on this. Building clear official
> channels for OWASP statements will make our messages more powerful and
> easier for others to spread.
> >
> >
> > --
> > Michael Coates
> > @_mwc
> >
> > _______________________________________________
> > Owasp-board mailing list
> > Owasp-board at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-board
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140205/4466ae9d/attachment.html>

More information about the Owasp-board mailing list