[Owasp-board] OWASP Summer Code Sprint Proposal

Konstantinos Papapanagiotou Konstantinos at owasp.org
Tue Apr 7 20:11:49 UTC 2015


All,

I'd like to help but before that I'd like to be 100% certain that there is
no CoI if hackademic participates in the same sense it participated in last
year's GSOC.

Kostas

On Tue, Apr 7, 2015 at 7:31 PM, psiinon <psiinon at gmail.com> wrote:

> If it come to a vote then I'd be very happy to back Kostas.
> I think he did an excellent job with GSoC.
>
> Simon
>
> On Tue, Apr 7, 2015 at 5:26 PM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
>> Johanna
>>
>> Anybody is welcome to participate and don’t like to establish rules about
>> ‘who’ should be participating as the ones you are suggesting.
>>
>> As mentioned earlier, I trust Kostas to do a great job and you are also
>> welcome to participate in the org team / project mentor teams.
>>
>> Having said that, I will progress with the project proposal working with
>> him which to my view is transparent and open to everyone.
>>
>> If someone from the Global Board disagrees, please let me know. Otherwise
>> I will seek budget approval for this to move ahead.
>>
>> Thanks,
>>
>> Fabio Cerullo
>> Global Board Member
>> OWASP Foundation
>> https://www.owasp.org
>>
>> On 7 Apr 2015, at 16:01, johanna curiel curiel <johanna.curiel at owasp.org>
>> wrote:
>>
>> I would definitely support Kostas as overall program admin in case he is
>> interested. Do you agree?
>>
>> I think this should be submitted to a vote, especially depending if
>> Kostas wants to mentor a project or if hackademics is also participating
>>
>> On Tue, Apr 7, 2015 at 10:56 AM, Fabio Cerullo <fcerullo at owasp.org>
>> wrote:
>>
>>> I think the 2 mentors per student slot makes sense. In case one of the
>>> mentors get sick, etc.
>>>
>>> Based on the feedback received and the iterations so far, it seems we
>>> have a strong proposal to put up for voting.
>>>
>>> I would definitely support Kostas as overall program admin in case he is
>>> interested. Do you agree?
>>>
>>> Thanks,
>>>
>>> Fabio Cerullo
>>> Global Board Member
>>> OWASP Foundation
>>> https://www.owasp.org
>>>
>>> On 7 Apr 2015, at 15:46, johanna curiel curiel <johanna.curiel at owasp.org>
>>> wrote:
>>>
>>> What do you think? I don’t have time to setup the wiki, etc at present
>>> but would welcome your help.
>>>
>>> I think the rules based on stages seems quite fair to me, however, that
>>> is my opinion ;-), another important criteria should be how many mentors
>>> are available per project to provide guidance. I think 1 project leader per
>>> student should be the minimum (Google uses 2 mentors per project/proposal)
>>>
>>> Also it should be clear , in case a mentor is not able to followup or
>>> continue with mentoring what should be done and who should follow up this
>>> (the org team), therefore , when volunteers want to be part of the
>>> program(whether org team/mentor) they must know their responsibilities,
>>> after all , we don't want to waste money well intended.
>>>
>>> Fabio, if you have no time to set the wiki, someone must take the lead
>>> to do this, based on what you have proposed, it seems to me that the
>>> person responsible or in-charge of the program should do this. Is it clear
>>> who is this person? (will it be Kostas? other ones?)
>>>
>>> When i take an initiative, I have always followed these steps
>>> (wiki-proposal, publish info, get reactions/adapt) so it is as much
>>> transparent as I can do. It is a lot of work but this is part of
>>> our responsibilities when managing these kind of initiatives.
>>>
>>> regards
>>>
>>> Johanna
>>>
>>> On Tue, Apr 7, 2015 at 10:37 AM, Fabio Cerullo <fcerullo at owasp.org>
>>> wrote:
>>>
>>>> Johanna,
>>>>
>>>> Thanks for asking.
>>>>
>>>> I thought about the slot allocation and maybe the criteria is the
>>>> ‘maturity’ of the project.
>>>>
>>>> https://www.owasp.org/index.php/OWASP_Project_Stages
>>>>
>>>> So, based on the project current status: Incubator, Lab, Flagship it is
>>>> decided the max amount of slots.
>>>>
>>>> Flagship: Max 3 slots
>>>> Lab: Max 2 slots
>>>> Incubator: Max 1 slot
>>>>
>>>> What do you think? I don’t have time to setup the wiki, etc at present
>>>> but would welcome your help.
>>>>
>>>> Thanks,
>>>>
>>>> Fabio Cerullo
>>>> Global Board Member
>>>> OWASP Foundation
>>>> https://www.owasp.org
>>>>
>>>> On 7 Apr 2015, at 15:24, johanna curiel curiel <
>>>> johanna.curiel at owasp.org> wrote:
>>>>
>>>> 5) Finally, the org team in conjunction with the project mentors team
>>>> then decide how many slots each project will get.
>>>>
>>>> I think , in order to avoid any conflict of interest, the org team
>>>> members should be an independent member with no ties to any of
>>>> the participating projects
>>>>
>>>> So I would like to formally request a budget of USD 30K (3K per slot
>>>> with a max of 10 slots) to move ahead with this process.
>>>>
>>>> A clear criteria should exist before any approvals are exercised.
>>>> The board should ask :
>>>> *Do we have clear criteria for this program?*
>>>> In my opinion, no, just a bunch of emails.
>>>>
>>>> *Has it been openly defined for all potential participating members and
>>>> project leaders?*
>>>> No, it should be published on a Wiki and send through the community
>>>> /owasp-leaders list for people to comment and agree. At least a clear
>>>> proposal should be setup and published.
>>>>
>>>> After this process then I think we could go ahead and approve, because
>>>> its clear what are the rules for participation. There are still some
>>>> issues that I see as potential conflicts such as *for example*:
>>>>
>>>>    - How many slots can a project get?
>>>>    - Should a project get more slots than others?
>>>>    - Based on what *exact*  criteria should we provide slots?
>>>>    - Should the org team have tights (such as being an active
>>>>    volunteer) to the participating project(this can be conflict of interest)
>>>>
>>>>
>>>>
>>>> regards
>>>>
>>>> Johanna
>>>>
>>>>
>>>>
>>>> On Tue, Apr 7, 2015 at 9:28 AM, Fabio Cerullo <fcerullo at owasp.org>
>>>> wrote:
>>>>
>>>>> Tobias,
>>>>>
>>>>> Thanks for your comments.
>>>>>
>>>>> I think an escalation procedure on step #5 is in order in case there
>>>>> is a disagreement between the org team and the project mentors team about
>>>>> slots.
>>>>>
>>>>> So I would like to formally request a budget of USD 30K (3K per slot
>>>>> with a max of 10 slots) to move ahead with this process.
>>>>>
>>>>> I will appreciate the support from fellow Board members to make this
>>>>> happen.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Fabio Cerullo
>>>>> Global Board Member
>>>>> OWASP Foundation
>>>>> https://www.owasp.org
>>>>>
>>>>> On 7 Apr 2015, at 13:49, Tobias <tobias.gondrom at owasp.org> wrote:
>>>>>
>>>>>  Sounds fair to me.
>>>>>
>>>>> With one suggested addition: if there is disagreement in step #5, I
>>>>> like to see this reported to the org team / board / community for
>>>>> resolution without conflict of interest.
>>>>> If the teams agree with the resolution of step #5, I am happy and
>>>>> favour to go ahead. If there is serious disagreement, I like to hear about
>>>>> it.
>>>>>
>>>>> Best, Tobias
>>>>>
>>>>>
>>>>> On 07/04/15 05:33, Fabio Cerullo wrote:
>>>>>
>>>>> Jim,
>>>>>
>>>>>  Please allow me to explain a submission process might work for
>>>>> everyone:
>>>>>
>>>>>  1) Student review the ideas suggested by mentors. For example, GSOC
>>>>> 2015 Ideas: https://www.owasp.org/index.php/GSoC2015_Ideas
>>>>> 2) Based on those ideas, the students submit their own ideas/projects.
>>>>> Usually there are dozens of ideas submitted by students, some are good,
>>>>> some are poor, and some are completely new. The mentors are not involved at
>>>>> this stage other than answering questions to the students. There is a
>>>>> deadline for the students submission.
>>>>> 3) The 'project leaders/mentors team' are the ones who evaluate and
>>>>> pick the best students proposals because they know about their projects. In
>>>>> the past, we allowed all mentors to score all proposals and that is what
>>>>> caused an issue because some people ‘down voted’ other proposals to let
>>>>> their own proposals to score higher.
>>>>> 4) The 'org team' makes sure that there is no wrong doing by reviewing
>>>>> scores/etc. Last year, the issue above was identified by Kostas/staff and
>>>>> it was promptly addressed. An additional control that could be implemented,
>>>>> and we were hoping to implement this year at GSOC, is that no mentor could
>>>>> vote on other project proposals (e.g. ZAP mentors cannot down vote on OWTF
>>>>> proposals and viceversa). So that will bubble up naturally all the best
>>>>> proposals for each corresponding project based on scores from the project
>>>>> leaders/mentors.
>>>>> 5) Finally, the org team in conjunction with the project mentors team
>>>>> then decide how many slots each project will get.
>>>>>
>>>>>  Does it sound fair?
>>>>>
>>>>>  Fabio Cerullo
>>>>> Global Board Member
>>>>> OWASP Foundation
>>>>> https://www.owasp.org
>>>>>
>>>>>  On 6 Apr 2015, at 20:07, Jim Manico <jim.manico at owasp.org> wrote:
>>>>>
>>>>> I suggest the mentors work with students to make great proposals and
>>>>> have a •different group vote on who wins•. The whole issue was mentors
>>>>> voting on projects and we should consider avoiding that if we
>>>>> replicate a similar program at OWASP.
>>>>>
>>>>> --
>>>>> Jim Manico
>>>>> @Manicode
>>>>> (808) 652-3805
>>>>>
>>>>> On Apr 6, 2015, at 10:04 AM, Fabio Cerullo <fcerullo at owasp.org> wrote:
>>>>>
>>>>> The ‘Mentors team’ will review/score the proposals and select the best
>>>>> ones with an oversight from the ‘Organisation Team’.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing listOwasp-board at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owasp-board mailing list
>>>>> Owasp-board at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150407/d0391efc/attachment-0001.html>


More information about the Owasp-board mailing list