[Owasp-board] OWASP Project Committee

johanna curiel curiel johanna.curiel at owasp.org
Wed Sep 17 21:44:53 UTC 2014

Hi Josh,

Here is the list of requirements that members must comply(apart from the
rules stipulated in the committee)
-Must Provide feedback when requested
-Project Review of at least one project during a period of 3  months
-Provide feedback and Review of Reports regarding the project review's
result(every 6 months we have major reviews and when a member requests one,
minor ones are done every 3 months)

These are all my requirements. Feel free to shoot anytime the email to the
community to look for members



On Wed, Sep 17, 2014 at 3:42 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> OK, we can delay the call for participants for as long as you need, but
> the committee cannot be created until that call has been made and the 7 day
> window has passed.  Let me know if you need any help with that.
> ~josh
> On Wed, Sep 17, 2014 at 2:37 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>> Josh
>> Sure
>>  I think the best  is to create a list of requirements for participation
>> and then we can publish this through the Community-leader list.
>> I also want as much as transparency from beginning and during the
>> participation of the committee, because I alone cannot run this. Alone
>> means is Is not transparent , nor democratic ,neither sustainable in the
>> long run.
>> regards
>> On Wed, Sep 17, 2014 at 3:33 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>>> Johanna,
>>> If you would prefer to make the announcement on the OWASP community list
>>> to elaborate on what you are looking for from committee members, I think
>>> that would be acceptable.  The goal here is to provide transparency in the
>>> committee creation and provide everyone with an opportunity for membership
>>> from the start.  Also, to ensure that there is an adequate number of
>>> participants to keep committee activities afloat.
>>> ~josh
>>> On Wed, Sep 17, 2014 at 11:55 AM, johanna curiel curiel <
>>> johanna.curiel at owasp.org> wrote:
>>>> So, since last night we established majority support, no arguments
>>>> against, no conflict, and in-line with OWASP goals, now we (the Board) need
>>>> to make a public call for OWASP members interested.
>>>> Hi Josh,
>>>> Could it be possible that we emphasize that members that want to be
>>>> part of the committee, should be actively involved?
>>>> Sometimes people have the tendency to not read the entire document,
>>>> however I find important that we highlight is. Bottom line: You want to be
>>>> a member, you must be active. I think the potential bottlenecks of
>>>> committees is this, that people become inactive and at a certain moment
>>>> there is not enough participation of other members.
>>>> If that could be the case, then unfortunately I would have to step back
>>>> from the committee and my work involved in it. That is how I interpret  the
>>>> committee rules. Please let me know if I'm interpreting this correctly
>>>> regards
>>>> Johanna
>>>> On Wed, Sep 17, 2014 at 10:34 AM, Josh Sokol <josh.sokol at owasp.org>
>>>> wrote:
>>>>> To summarize the process:
>>>>> Step 1) Johanna made the proposal - COMPLETE
>>>>> Step 2) Community discussion - COMPLETE
>>>>> Step 3) Perceived majority support and no major arguments against -
>>>>> Step 4) Board established no conflict and in-line with OWASP Goals -
>>>>> Step 5) The BOARD initiates a public call for OWASP members interested
>>>>> in committee membership via the OWASP community mailing list.  There is a 7
>>>>> day window for this call. - WE ARE HERE
>>>>> Step 6) As long as there are at least 5 applicants, the Board votes on
>>>>> the creation of the committee.
>>>>> So, since last night we established majority support, no arguments
>>>>> against, no conflict, and in-line with OWASP goals, now we (the Board) need
>>>>> to make a public call for OWASP members interested.
>>>>> ~josh
>>>>> On Wed, Sep 17, 2014 at 4:15 AM, johanna curiel curiel <
>>>>> johanna.curiel at owasp.org> wrote:
>>>>>> Jim,
>>>>>> After  I sent the draft to the owasp list, I received a request to be
>>>>>> part of the committee from the following members
>>>>>> Carlos Allende
>>>>>> Azzedine Menouchi
>>>>>> Amro
>>>>>> Christian Ducharme
>>>>>> Christian is a relative new volunteer and had made some valuable
>>>>>> contributions reviewing some of the projects
>>>>>> Other members have provided their feedback but I must say I wish the
>>>>>> participation into reviews was much higher, however most people struggle to
>>>>>> be committed to do this because of the amount of work involved into
>>>>>> testing  Owasp projects.it sounds simple, but consuming hardly well
>>>>>> documented owasp projects , Configuring and install them can be
>>>>>> challenging, especially those ones that are not click and install.
>>>>>> Being that said, and based on my experience, what I expect from these
>>>>>> members is feedback when proposing guidelines.
>>>>>> In the past, project review committees and technical board failed
>>>>>> because it was expected that volunteer members will be doing these kind of
>>>>>> work. Unfortunately, experience have shown that we cannot expect this
>>>>>> because most volunteers do not have the time and regular commitment to do
>>>>>> this, therefore my focus has been to automate some of these tasks and
>>>>>> create an analysis structure where we focus on some key indicators.
>>>>>> eventually we might create a budget to hire , when necessary, a
>>>>>> tester/programmer to support us with some of these tasks as we are about to
>>>>>> do, by configuring the builds into the VM machine and be able to smoke test
>>>>>> using automated tools such as Ranorex.
>>>>>> I have been managing with Kait must of the work of with the
>>>>>> communication and status of the projects through JIRA, so we have a history
>>>>>> of the actions per projects.
>>>>>> My personal situation will also change in the future , so all the
>>>>>> work I have done so far, will be done in cycles to allow a realistic
>>>>>> planning. We have been able to clean the inventory and set a process for
>>>>>> reviews, based on the actual resources.
>>>>>> This is what I can offer as a volunteer and member of a this
>>>>>> committee. This is what we can achieve as a team based of previous
>>>>>> experiences, successes and fails.
>>>>>> Let me know as a board if you want to move fwd with the proposal and
>>>>>> the committee based on the actual situation
>>>>>> Regards
>>>>>> Johanna
>>>>>> On Tuesday, September 16, 2014, Jim Manico <jim at manico.net> wrote:
>>>>>>> Johanna,
>>>>>>> The OWASP Board reviewed your application for a project committee
>>>>>>> and agreed to move to the next step in the committee creation process
>>>>>>> outlined here.
>>>>>>> https://docs.google.com/a/owasp.org/document/d/
>>>>>>> 1Qpb34WXJQfPdNOc2w7iwGwgwDUsI8GmGtM8C6bRPzU8/edit?pli=1
>>>>>>> Johanna, the next step is to find 5 OWASP members in good standing
>>>>>>> who wish to be a part of this committee. There is a 5 member minimum to
>>>>>>> create a committee.
>>>>>>> Since this is all part of the new Committee 2.0 process and this is
>>>>>>> my first time sending an email of this nature, can anyone please correct my
>>>>>>> process if wrong here?
>>>>>>> Aloha,
>>>>>>> Jim
>>>>>> _______________________________________________
>>>>>> Owasp-board mailing list
>>>>>> Owasp-board at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140917/a32ff829/attachment.html>

More information about the Owasp-board mailing list