[Owasp-board] Public Statements, Personal Thoughts, The Voice of OWASP

Michael Coates michael.coates at owasp.org
Wed Feb 5 21:46:25 UTC 2014

So, Josh did provide an example, but this thread was not intended to focus
on any one situation. There's actually a few different ones we could look
it (including me) and instead I just wanted to cover the overall idea. Goal
is to be aware of potential situations so we can keep doing awesome things

Michael Coates

On Wed, Feb 5, 2014 at 1:43 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> I'm not sure I'd necessarily frame it as "crossing the line", but your
> tweets regarding cancelling the RSA training were definitely regarded as
> actions by "OWASP" and not "Eoin" in the media that covered it.  Not that
> you should have to ask for permission to cancel a training, but when you're
> doing it as an OWASP training, then the cancellation should have been an
> OWASP message.  What if we had decided to fill your slot with another
> trainer?  Much of the damage would have already been done.  I think that
> the point that Michael is trying to make here is that we are viewed as the
> OWASP Board and statements by one of us can certainly affect the others and
> the Foundation.  Nobody is asking for you to seek permission, but rather,
> to consider the consequences as they relate to more than just yourself.
> ~josh
> On Wed, Feb 5, 2014 at 3:20 PM, Eoin Keary <eoin.keary at owasp.org> wrote:
>> If someone asks me my opinion as an OWASP leader I am not prepared to ask
>> for permission. I've been with OWASP for 10 years and never crossed the
>> line.
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>> On 5 Feb 2014, at 19:14, Michael Coates <michael.coates at owasp.org> wrote:
>> > Board,
>> >
>> > I'd like to bring up a topic for thought. As board members we
>> individually have very little power. Hence the entire process of a vote for
>> decisions and the rule of majority.
>> >
>> > In addition, we also each wear a variety of hats - our professional
>> "day job" our "owasp hat", our own ideas separate from each, etc.
>> >
>> > I mention these items for the following scenarios:
>> > 1. We need to be careful about acting as individuals and issuing
>> statements on behalf of OWASP. I believe an official channel for OWASP
>> statements is much more clear for the community and the world rather then
>> individual statements by board members on blogs, twitter, interviews, etc.
>> >
>> > 2. Currently our owasp blog serves a variety of purposes. Whether or
>> not we intend, any post made here will also be interpreted as an official
>> statement by OWASP. Food for thought - there are multiple people that can
>> post to this blog. If we hastily issue a post here it could be picked up as
>> an official statement by OWASP before we have a chance to fully flush out
>> the wording or message.
>> >
>> > 3. Our mailing lists are all publicly archived. This is great and by
>> design. Keep in mind that your statements will be referenced within
>> stories, future discussions, etc. We should do our best to keep on topic
>> within subject threads, change subject lines when conversation drifts, and
>> be cognizant that emails sent in haste will live on forever.
>> >
>> > I'm interested in others thoughts on this. Building clear official
>> channels for OWASP statements will make our messages more powerful and
>> easier for others to spread.
>> >
>> >
>> > --
>> > Michael Coates
>> > @_mwc
>> >
>> > _______________________________________________
>> > Owasp-board mailing list
>> > Owasp-board at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-board
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140205/6d45a894/attachment-0001.html>

More information about the Owasp-board mailing list