[Owasp-board] OWASP Summer Code Sprint Proposal

psiinon psiinon at gmail.com
Tue Apr 7 16:31:22 UTC 2015


If it come to a vote then I'd be very happy to back Kostas.
I think he did an excellent job with GSoC.

Simon

On Tue, Apr 7, 2015 at 5:26 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:

> Johanna
>
> Anybody is welcome to participate and don’t like to establish rules about
> ‘who’ should be participating as the ones you are suggesting.
>
> As mentioned earlier, I trust Kostas to do a great job and you are also
> welcome to participate in the org team / project mentor teams.
>
> Having said that, I will progress with the project proposal working with
> him which to my view is transparent and open to everyone.
>
> If someone from the Global Board disagrees, please let me know. Otherwise
> I will seek budget approval for this to move ahead.
>
> Thanks,
>
> Fabio Cerullo
> Global Board Member
> OWASP Foundation
> https://www.owasp.org
>
> On 7 Apr 2015, at 16:01, johanna curiel curiel <johanna.curiel at owasp.org>
> wrote:
>
> I would definitely support Kostas as overall program admin in case he is
> interested. Do you agree?
>
> I think this should be submitted to a vote, especially depending if Kostas
> wants to mentor a project or if hackademics is also participating
>
> On Tue, Apr 7, 2015 at 10:56 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
>> I think the 2 mentors per student slot makes sense. In case one of the
>> mentors get sick, etc.
>>
>> Based on the feedback received and the iterations so far, it seems we
>> have a strong proposal to put up for voting.
>>
>> I would definitely support Kostas as overall program admin in case he is
>> interested. Do you agree?
>>
>> Thanks,
>>
>> Fabio Cerullo
>> Global Board Member
>> OWASP Foundation
>> https://www.owasp.org
>>
>> On 7 Apr 2015, at 15:46, johanna curiel curiel <johanna.curiel at owasp.org>
>> wrote:
>>
>> What do you think? I don’t have time to setup the wiki, etc at present
>> but would welcome your help.
>>
>> I think the rules based on stages seems quite fair to me, however, that
>> is my opinion ;-), another important criteria should be how many mentors
>> are available per project to provide guidance. I think 1 project leader per
>> student should be the minimum (Google uses 2 mentors per project/proposal)
>>
>> Also it should be clear , in case a mentor is not able to followup or
>> continue with mentoring what should be done and who should follow up this
>> (the org team), therefore , when volunteers want to be part of the
>> program(whether org team/mentor) they must know their responsibilities,
>> after all , we don't want to waste money well intended.
>>
>> Fabio, if you have no time to set the wiki, someone must take the lead to
>> do this, based on what you have proposed, it seems to me that the
>> person responsible or in-charge of the program should do this. Is it clear
>> who is this person? (will it be Kostas? other ones?)
>>
>> When i take an initiative, I have always followed these steps
>> (wiki-proposal, publish info, get reactions/adapt) so it is as much
>> transparent as I can do. It is a lot of work but this is part of
>> our responsibilities when managing these kind of initiatives.
>>
>> regards
>>
>> Johanna
>>
>> On Tue, Apr 7, 2015 at 10:37 AM, Fabio Cerullo <fcerullo at owasp.org>
>> wrote:
>>
>>> Johanna,
>>>
>>> Thanks for asking.
>>>
>>> I thought about the slot allocation and maybe the criteria is the
>>> ‘maturity’ of the project.
>>>
>>> https://www.owasp.org/index.php/OWASP_Project_Stages
>>>
>>> So, based on the project current status: Incubator, Lab, Flagship it is
>>> decided the max amount of slots.
>>>
>>> Flagship: Max 3 slots
>>> Lab: Max 2 slots
>>> Incubator: Max 1 slot
>>>
>>> What do you think? I don’t have time to setup the wiki, etc at present
>>> but would welcome your help.
>>>
>>> Thanks,
>>>
>>> Fabio Cerullo
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>>
>>> On 7 Apr 2015, at 15:24, johanna curiel curiel <johanna.curiel at owasp.org>
>>> wrote:
>>>
>>> 5) Finally, the org team in conjunction with the project mentors team
>>> then decide how many slots each project will get.
>>>
>>> I think , in order to avoid any conflict of interest, the org team
>>> members should be an independent member with no ties to any of
>>> the participating projects
>>>
>>> So I would like to formally request a budget of USD 30K (3K per slot
>>> with a max of 10 slots) to move ahead with this process.
>>>
>>> A clear criteria should exist before any approvals are exercised.
>>> The board should ask :
>>> *Do we have clear criteria for this program?*
>>> In my opinion, no, just a bunch of emails.
>>>
>>> *Has it been openly defined for all potential participating members and
>>> project leaders?*
>>> No, it should be published on a Wiki and send through the community
>>> /owasp-leaders list for people to comment and agree. At least a clear
>>> proposal should be setup and published.
>>>
>>> After this process then I think we could go ahead and approve, because
>>> its clear what are the rules for participation. There are still some
>>> issues that I see as potential conflicts such as *for example*:
>>>
>>>    - How many slots can a project get?
>>>    - Should a project get more slots than others?
>>>    - Based on what *exact*  criteria should we provide slots?
>>>    - Should the org team have tights (such as being an active
>>>    volunteer) to the participating project(this can be conflict of interest)
>>>
>>>
>>>
>>> regards
>>>
>>> Johanna
>>>
>>>
>>>
>>> On Tue, Apr 7, 2015 at 9:28 AM, Fabio Cerullo <fcerullo at owasp.org>
>>> wrote:
>>>
>>>> Tobias,
>>>>
>>>> Thanks for your comments.
>>>>
>>>> I think an escalation procedure on step #5 is in order in case there is
>>>> a disagreement between the org team and the project mentors team about
>>>> slots.
>>>>
>>>> So I would like to formally request a budget of USD 30K (3K per slot
>>>> with a max of 10 slots) to move ahead with this process.
>>>>
>>>> I will appreciate the support from fellow Board members to make this
>>>> happen.
>>>>
>>>> Thanks,
>>>>
>>>> Fabio Cerullo
>>>> Global Board Member
>>>> OWASP Foundation
>>>> https://www.owasp.org
>>>>
>>>> On 7 Apr 2015, at 13:49, Tobias <tobias.gondrom at owasp.org> wrote:
>>>>
>>>>  Sounds fair to me.
>>>>
>>>> With one suggested addition: if there is disagreement in step #5, I
>>>> like to see this reported to the org team / board / community for
>>>> resolution without conflict of interest.
>>>> If the teams agree with the resolution of step #5, I am happy and
>>>> favour to go ahead. If there is serious disagreement, I like to hear about
>>>> it.
>>>>
>>>> Best, Tobias
>>>>
>>>>
>>>> On 07/04/15 05:33, Fabio Cerullo wrote:
>>>>
>>>> Jim,
>>>>
>>>>  Please allow me to explain a submission process might work for
>>>> everyone:
>>>>
>>>>  1) Student review the ideas suggested by mentors. For example, GSOC
>>>> 2015 Ideas: https://www.owasp.org/index.php/GSoC2015_Ideas
>>>> 2) Based on those ideas, the students submit their own ideas/projects.
>>>> Usually there are dozens of ideas submitted by students, some are good,
>>>> some are poor, and some are completely new. The mentors are not involved at
>>>> this stage other than answering questions to the students. There is a
>>>> deadline for the students submission.
>>>> 3) The 'project leaders/mentors team' are the ones who evaluate and
>>>> pick the best students proposals because they know about their projects. In
>>>> the past, we allowed all mentors to score all proposals and that is what
>>>> caused an issue because some people ‘down voted’ other proposals to let
>>>> their own proposals to score higher.
>>>> 4) The 'org team' makes sure that there is no wrong doing by reviewing
>>>> scores/etc. Last year, the issue above was identified by Kostas/staff and
>>>> it was promptly addressed. An additional control that could be implemented,
>>>> and we were hoping to implement this year at GSOC, is that no mentor could
>>>> vote on other project proposals (e.g. ZAP mentors cannot down vote on OWTF
>>>> proposals and viceversa). So that will bubble up naturally all the best
>>>> proposals for each corresponding project based on scores from the project
>>>> leaders/mentors.
>>>> 5) Finally, the org team in conjunction with the project mentors team
>>>> then decide how many slots each project will get.
>>>>
>>>>  Does it sound fair?
>>>>
>>>>  Fabio Cerullo
>>>> Global Board Member
>>>> OWASP Foundation
>>>> https://www.owasp.org
>>>>
>>>>  On 6 Apr 2015, at 20:07, Jim Manico <jim.manico at owasp.org> wrote:
>>>>
>>>> I suggest the mentors work with students to make great proposals and
>>>> have a •different group vote on who wins•. The whole issue was mentors
>>>> voting on projects and we should consider avoiding that if we
>>>> replicate a similar program at OWASP.
>>>>
>>>> --
>>>> Jim Manico
>>>> @Manicode
>>>> (808) 652-3805
>>>>
>>>> On Apr 6, 2015, at 10:04 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>>>>
>>>> The ‘Mentors team’ will review/score the proposals and select the best
>>>> ones with an oversight from the ‘Organisation Team’.
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>>
>>>
>>>
>>
>>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>


-- 
OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150407/4ffb81a7/attachment-0001.html>


More information about the Owasp-board mailing list