[Owasp-board] Public Statements, Personal Thoughts, The Voice of OWASP

Tobias tobias.gondrom at owasp.org
Wed Feb 5 23:41:15 UTC 2014


Legally speaking:
1. the board has the power to speak on behalf of OWASP (in it's function
as a group not the individuals)
2. the board has the power to delegate to individuals, e.g. our ED
(Sarah) to speak on behalf of the organisation (and we delegated to our
ED decision powers for operational questions, yet not for strategic
questions).
Best regards, Tobias

Tobias Gondrom
Owasp Global Board & Secretary



On 05/02/14 22:48, Dennis Groves wrote:
> Legally, Sarah has the right to speak on behalf of OWASP.
>
>
> On Wed, Feb 5, 2014 at 3:41 PM, Eoin Keary <eoin.keary at owasp.org
> <mailto:eoin.keary at owasp.org>> wrote:
>
>     So who has the authority to speak for OWASP? I was voted in
>     (twice) as a board member to represent my voters.
>
>     Shall we set up a censorship panel? A politically correctness
>     project such that we don't offend commercial interests or should
>     we lead by example, stand up and be counted?
>
>
>
>     Eoin Keary
>     Owasp Global Board
>     +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>
>
>     On 5 Feb 2014, at 21:46, Michael Coates <michael.coates at owasp.org
>     <mailto:michael.coates at owasp.org>> wrote:
>
>>     So, Josh did provide an example, but this thread was not intended
>>     to focus on any one situation. There's actually a few different
>>     ones we could look it (including me) and instead I just wanted to
>>     cover the overall idea. Goal is to be aware of potential
>>     situations so we can keep doing awesome things effectively.
>>
>>
>>     --
>>     Michael Coates
>>     @_mwc
>>
>>
>>
>>     On Wed, Feb 5, 2014 at 1:43 PM, Josh Sokol <josh.sokol at owasp.org
>>     <mailto:josh.sokol at owasp.org>> wrote:
>>
>>         I'm not sure I'd necessarily frame it as "crossing the line",
>>         but your tweets regarding cancelling the RSA training were
>>         definitely regarded as actions by "OWASP" and not "Eoin" in
>>         the media that covered it.  Not that you should have to ask
>>         for permission to cancel a training, but when you're doing it
>>         as an OWASP training, then the cancellation should have been
>>         an OWASP message.  What if we had decided to fill your slot
>>         with another trainer?  Much of the damage would have already
>>         been done.  I think that the point that Michael is trying to
>>         make here is that we are viewed as the OWASP Board and
>>         statements by one of us can certainly affect the others and
>>         the Foundation.  Nobody is asking for you to seek permission,
>>         but rather, to consider the consequences as they relate to
>>         more than just yourself.
>>
>>         ~josh
>>
>>
>>         On Wed, Feb 5, 2014 at 3:20 PM, Eoin Keary
>>         <eoin.keary at owasp.org <mailto:eoin.keary at owasp.org>> wrote:
>>
>>             If someone asks me my opinion as an OWASP leader I am not
>>             prepared to ask for permission. I've been with OWASP for
>>             10 years and never crossed the line.
>>
>>             Eoin Keary
>>             Owasp Global Board
>>             +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>
>>
>>             On 5 Feb 2014, at 19:14, Michael Coates
>>             <michael.coates at owasp.org
>>             <mailto:michael.coates at owasp.org>> wrote:
>>
>>             > Board,
>>             >
>>             > I'd like to bring up a topic for thought. As board
>>             members we individually have very little power. Hence the
>>             entire process of a vote for decisions and the rule of
>>             majority.
>>             >
>>             > In addition, we also each wear a variety of hats - our
>>             professional "day job" our "owasp hat", our own ideas
>>             separate from each, etc.
>>             >
>>             > I mention these items for the following scenarios:
>>             > 1. We need to be careful about acting as individuals
>>             and issuing statements on behalf of OWASP. I believe an
>>             official channel for OWASP statements is much more clear
>>             for the community and the world rather then individual
>>             statements by board members on blogs, twitter,
>>             interviews, etc.
>>             >
>>             > 2. Currently our owasp blog serves a variety of
>>             purposes. Whether or not we intend, any post made here
>>             will also be interpreted as an official statement by
>>             OWASP. Food for thought - there are multiple people that
>>             can post to this blog. If we hastily issue a post here it
>>             could be picked up as an official statement by OWASP
>>             before we have a chance to fully flush out the wording or
>>             message.
>>             >
>>             > 3. Our mailing lists are all publicly archived. This is
>>             great and by design. Keep in mind that your statements
>>             will be referenced within stories, future discussions,
>>             etc. We should do our best to keep on topic within
>>             subject threads, change subject lines when conversation
>>             drifts, and be cognizant that emails sent in haste will
>>             live on forever.
>>             >
>>             > I'm interested in others thoughts on this. Building
>>             clear official channels for OWASP statements will make
>>             our messages more powerful and easier for others to spread.
>>             >
>>             >
>>             > --
>>             > Michael Coates
>>             > @_mwc
>>             >
>>             > _______________________________________________
>>             > Owasp-board mailing list
>>             > Owasp-board at lists.owasp.org
>>             <mailto:Owasp-board at lists.owasp.org>
>>             > https://lists.owasp.org/mailman/listinfo/owasp-board
>>             _______________________________________________
>>             Owasp-board mailing list
>>             Owasp-board at lists.owasp.org
>>             <mailto:Owasp-board at lists.owasp.org>
>>             https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>>
>
>     _______________________________________________
>     Owasp-board mailing list
>     Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
>
> -- 
> Dennis Groves <http://about.me/dennis.groves>, MSc
> Email me, <mailto:dennis.groves at owasp.org> or schedule a meeting
> <http://goo.gl/8sPIy>.
> /This email is licensed under a CC BY-ND 3.0
> <http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB> license./
> Stand up for your freedom to install free software.
> <http://www.fsf.org/campaigns/secure-boot/statement>
> Please do not send me Microsoft Office/Apple iWork documents.
> Send OpenDocument <http://fsf.org/campaigns/opendocument/> instead!
>
> <http://www.owasp.org/>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140205/ff7973fa/attachment-0001.html>


More information about the Owasp-board mailing list