[Owasp-board] Promotion of OWASP by Non-"non-profits"

Fabio Cerullo fcerullo at owasp.org
Sat Feb 22 01:04:29 UTC 2014


Michael et al,

To answer your questions:

1. Does an owasp project or initiative need to live only on the owasp wiki?
YES. Code repositories are a different story because devs tend to use
different platforms. Ideally, everything OWASP related should be in a
single location.

2. Can a company push forward with an owasp project and promote that
project on their website too? YES, as far as the copyright attributions are
made and brand usage rules are followed.

3. Do questions 1 and 2 matter provided the company/person acts per our
brand usage guidelines here? YES

4. Openness/Closed projects: I dont think is in the spirit of OWASP having
closed projects. Any positive contribution should be allowed if aligned
with the project leader goals and objectives.

Fabio

On Saturday, February 22, 2014, Jim Manico <jim.manico at owasp.org> wrote:

> My take? Anyone can and should be allowed to participate, but project
> leaders decide how.
>
> ie: As a leader, I'm not taking your shitty low-quality patch if I deem it
> bad - but under an open license you should be able to fork.
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Feb 21, 2014, at 3:04 PM, Eoin Keary <eoin.keary at owasp.org<javascript:_e(%7B%7D,'cvml','eoin.keary at owasp.org');>>
> wrote:
>
> Should a private entity whom promotes an owasp project be obliged to let
> team members who are not part of the private entity be part of the team?
>
> Or is it open project, closed team like the top 10??
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 19 Feb 2014, at 22:15, Michael Coates <michael.coates at owasp.org<javascript:_e(%7B%7D,'cvml','michael.coates at owasp.org');>>
> wrote:
>
> Board,
>
> I'd like to understand everyone's thoughts on promotion of OWASP from
> other entities - specifically those that are either corporations, private
> entities and generally companies with different motives then us and a
> non-profit.
>
> More specifically, what expectations to do you feel should be placed on a
> company that wants to promote an owasp project or contribute time and
> resources to the betterment of owasp that of course also benefit themselves
> too (e.g. being a good person has tangential benefits for the person and
> those associated with the person)?
>
> A few questions for consideration
> 1. Does an owasp project or initiative need to live only on the owasp
> wiki?
> 2. Can a company push forward with an owasp project and promote that
> project on their website too?
> 3. Do questions 1 and 2 matter provided the company/person acts per our
> brand usage guidelines here?
> https://www.owasp.org/index.php/Category:OWASP_Project#tab=Brand_Resources
>
> I certainly have my opinions but want to open up the discussion.
>
> I ask these larger questions because the overall issue is more important.
> However, we can also later dive into this idea with a concrete example. We
> have a great scenario where someone is funded by a company to do things
> that benefit OWASP - the podcast series. If we have concerns about any
> aspect of that situation, I'd like to understand them in the overall
> context of how we encourage company participation.
>
> Also, if our expectations don't match our stated guidance we need to
> quickly update our guidance. It's hard for us to expect people to follow
> rules if we don't publish them :)
>
>
> Thanks!
>
>
> --
> Michael Coates
> @_mwc
>
>  _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org<javascript:_e(%7B%7D,'cvml','Owasp-board at lists.owasp.org');>
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org<javascript:_e(%7B%7D,'cvml','Owasp-board at lists.owasp.org');>
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140222/356fe9af/attachment.html>


More information about the Owasp-board mailing list