[Owasp-board] Proposal for new global OWASP mailing-list "owasp-all"

Tom Brennan - OWASP tomb at owasp.org
Fri Feb 14 21:09:17 UTC 2014

Ditto with josh on this opt-in

Owasp newsletters have been better
Owasp blog has been more active
Owasp leaders list has been timid
Owasp linkedin has been littered with spam posts
Owasp Facebook very few
Ning?? Not sure what metrics we have with that

A point of discussion is "member Owasp all" (managed by membership /community paid staff reconciled and updated quarterly) 

Do you desire announcements or discussions?


anyone-world just a list serve for anyone to join etc both have value and we should have both but are different in context

Tobias what are you thinking here to be clear?

Also note group admin using google groups or mailman listserve.  

Re board vote - no that's a unnecessary hurdle, experiment let's see are 3 months it's either working really well or has lost the spark -  community will self level the model you champion.

> On Feb 14, 2014, at 3:06 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
> I support the idea of creating an open list for everyone to use but feel that it should be opt-in rather than opt-out.  I'm fine if that means offering a check box at the time of membership purchase and renewal. 
>> On Feb 14, 2014 2:00 PM, "Tobias" <tobias.gondrom at owasp.org> wrote:
>> Hello, 
>> == Proposal ==
>> (I post this first to the OWASP board list for initial feedback and if the idea catches some general support, we can then either just create the list and see how things go or propose a discussion of this on the leaders-list.) 
>> I propose to create a new mailing-list "owasp-all". 
>> Reasoning: to open global OWASP discussions to the global community, beyond the leaders-list. 
>> Over the last months and years, I noticed that we had a number of discussions on the "leaders-list" that should in fact have been open to many more of our members and active contributor as well. Like proposing new ideas for projects and initiatives or e.g. the discussion about RSA and the OWASP security statement. 
>> Note: The leaders-list will remain very important and essential for all project and chapter leadership questions. 
>> I just like to enable normal OWASP members and contributors to exchange ideas and cooperate across chapter boundaries as well. For example it would be nice if OWASP members could coordinate worldwide across chapters to start projects and initiatives or spontaneously join together for a new OWASP initiative. Some of these discussions currently happen informally somewhere in the hallway of a conference, or are done on the leaders list and then sometimes communicated into the local chapters - or not. Which IMHO leaves out the many OWASP members and active contributors, who might be interested in joining interesting new projects or starting new initiatives or voicing their opinion about what OWASP should do in global questions, but who can not participate in the discussion directly because they are not chapter leaders or project leaders. 
>> So my proposal is to create a new mailing-list: 
>> Name: "owasp-all"
>> (or alternative name ideas: "owasp-owasp", "owasp-world", ...) 
>> Scope: 
>> topics in-scope of this mailing-list are new project and initiative ideas that are looking for other fellow contributors and volunteers and news that are relevant and valuable for the global OWASP community. Explicitly out of scope is everything that can be discussed in a specific project or chapter or group of chapters, and topics that are already covered by the scope of any other mailing-list like the governance and project lists. 
>> And as this is a global mailing-list with potentially a lot of subscribers, we ask members to be very cautious and conservative in posting there and follow the scope definition very carefully. Furthermore, please refrain from cross-posting to this mailing-list. And be considerate whether you really need to reply to the whole list of thousands of people if e.g. you just want to sign up to a new initiative. A direct reply to the person who sent the initial message can spare others a lot of email traffic. 
>> Target group: 
>> all OWASP leaders, active contributors and those who are interested in joining a project or initiative and don't know yet which one, OWASP members, and anyone interested in the global OWASP community. 
>> Sign-up: 
>> The list is free for anyone to subscribe / unsubscribe. 
>> At the start, I suggest that the list should be pre-filled with all members of the leaders-list and all OWASP members (as per the membership list) with the option to unsubscribe like from any other free mailing-list. 
>> Going forward I propose to add a flag at the membership renewal form (i.e. when you pay your membership fee) that you want to be on the global "OWASP-all" mailing-list (with the default setting       to be "yes"). 
>> And I would appreciate if we could send an email to all chapter mailing-lists to inform people there about this new global OWASP community mailing-list which is open to everyone. 
>> Please note that I don't know whether we would need a board vote for this mailing-list to be created or could just do it. 
>> So I err on the side of caution and ask for feedback and possibly a board vote for approval. 
>> All the best, 
>> Tobias
>> Tobias Gondrom
>> OWASP Global Board Member
>> OWASP CISO Survey Project Lead
>> email: tobias.gondrom at owasp.org
>> mobile: +852 56002975
>> mobile: +44 7521003005 
>> skype: tgondrom
>> twitter: @tgondrom
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140214/df358a89/attachment.html>

More information about the Owasp-board mailing list