[Owasp-board] Vote Request - OWASP Participation at RSA

Fabio Cerullo fcerullo at owasp.org
Tue Jan 7 22:48:20 UTC 2014


Michael

I would vote NOT to terminate the agreement and training.

There is not enough evidence to make any judgements about RSA.

Regards
Fabio

El Tuesday, January 7, 2014, Michael Coates escribió:

> Sure, the email thread and Simon's poll are all different perspectives and
> thoughts. There is no direct mapping between these items and the various
> options forward. I'm very happy to see the large discussion and many
> people's views.
>
> In the end easy decisions are easy - this is not one of those scenarios.
> After weighing all the information it's our job on the board to determine
> the difficult decision we believe is best for OWASP.
>
> One view of this current situation, as you put it, is an all or nothing
> view. I believe this was, for the most part, the discussion until the
> co-marketing agreement entered into play. We now have the additional
> variable to consider. I won't restate my views (it's long and archived on
> the leaders thread). But, in short, I believe we should train at RSA and at
> any other venue that we can. I believe we should pause on co-marketing
> until all facts come to light.
>
> Without any board vote we would consider along the previous path - RSA
> training and the terms of the co-marketing agreement.
>
> However, if we pass a vote we'll update our path accordingly.
>
>
>
>
> --
> Michael Coates
> @_mwc
>
>
>
> On Tue, Jan 7, 2014 at 9:07 AM, Eoin Keary <eoin.keary at owasp.org> wrote:
>
> Hi Michael,
> Man, this board member stuff can be difficult!!
>
> The email thread or peoples views do not distinguish between contract or
> presence at the event IMHO.
>
> I think the argument, be it right or wrong is; "should OWASP be involved
> with the RSA event or not."
>
> That's just my interpretation of the discussion.
>
> Again, id like to present the class to 200 developers regardless of venue
> which is the important aspect of this discussion for me.
>
>
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 7 Jan 2014, at 16:25, Michael Coates <michael.coates at owasp.org> wrote:
>
> Eoin,
>
> Correct. Some people see participating as the right choice, some people
> see canceling as the right choice, and we have the element of co-marketing
> in the mix too.
>
> The vote that I proposed is to cancel the co-marketing and participate if
> possible. I support participating. I don't support co-marketing at this
> time until the details of the accusations are cleared up.
>
> -Michael
>
>
>
>
>
>
> On Tue, Jan 7, 2014 at 2:08 AM, Eoin <eoin.keary at owasp.org> wrote:
>
> I am not voting but the topic that is up for vote is wrong in my opinion.
>
> Some media, people in general will see OWASP participation in RSA as
> negative, hence the debate.
>  Cancelling a contract does not really cut it. its "window dressing."
>
> Either we  (OWASP) are engaging with RSAC or not, its that simple.
>
> Delivering anything at RSAC shall be interpreted as a sign of support,
> this is the root cause of the debate: *Are we to support RSAC this year
> given the allegations?* (contract is circumstantial).
>
>
>
>
> On 7 January 2014 00:42, Tobias <tobias.gondrom at owasp.org> wrote:
>
>  My vote is: Yes. OWASP shall terminate the co-marketing agreement with
> RSA for RSA 2014.
>
> My reasons are:
>
>  1. community feedback and discussion (there seems to be a significant
> part of the community concerned about this) Note: I would have loved to see
> an OWASP community poll on this before making this decision to get a better
> feel for the wishes of our community, but acknowledge Michael's request
> that we need to decide this urgently.
>
>  2. we have an alternative (as outlined in Sarah's email, BSides) that
> can fulfil the goal equally.
>
>  3. I understand that there is a lot of uncertainty about RSA's level of
> involvement. And I don't feel in a position to make a final judgement about
> this. And as often with secrecy, we possibly never will be.
> But in this case we don't have to have final judgement. The co-marketing
> agreement is quite extensive and could be seen as active endorsement. To
> follow such an agreement we would need to have a very high level of
> confidence and trust in the other party. So already a reasonable shadow of
> doubt is sufficient grounds, to distance OWASP in this case from a very
> active co-marketing agreement with the company RSA, to avoid being
> interpreted as an active endorsement of a commercial entity currently under
> review. And we should abstain from actively endorsing RSA for the time
> being, until all facts of the case have been properly examined
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140107/f2be5636/attachment.html>


More information about the Owasp-board mailing list