[Owasp-board] OWASP Funding Proposal

Tobias tobias.gondrom at owasp.org
Thu Oct 8 19:15:42 UTC 2015

Hi Josh,

I gave my feedback during the last board meeting.

But let me provide feedback in a more structured way going through the 
latest list.
I agree with nearly all of them. Only for for some, I think we need to 
clarify a little bit more.

Proposal 1: Agreed. But if I recall correctly your proposal #1 was 
already approved at the last board meeting. So I think we can consider 
that done.

Proposal 2: Agreed

*Proposal 3: **needs clarification**
*I think we need to spell out what we mean with an "active chapter" as 
we are using the term as a criteria in proposal 3? Is that a 
mailing-list with no traffic and no meetings, but two leaders on the 
wiki page? Or would "active" mean they have some meetings and maybe a 
handful of members? My proposal for the definition of "active chapter" 
would be something like at least 3 emails on the mailing-list in the 
last year, at least one meeting and at least 5 members. Is this enough 
to count as active? For "active projects", I am less clear what is an 
active project? Just a project page with no content and no communication 
or subscribers on the mailing-list except for the two leaders? Would 
this already be an active project? Any thoughts how we can describe this 
term from proposal 3?

Proposal 4: "Upon creation of a new project or chapter, as long as they 
have at least two leaders they will be allocated a $500 budget to begin 
*COMMENT: *I have been thinking a bit more on Michael's comment last 
night to reward activity. And I think some reward mechanism for chapter 
activity and project status would be right. IMO we should be consistent 
and apply the same criteria for "active" as we did in proposal 3.

Proposal 5: Agreed

*Proposal 6: propose minor revision of wording to clarify**
*> Proposal 6: If a request for funding has been approved for one 
chapter or project, then it can be considered an acceptable
 > expense for all chapters or projects.  If they have an account 
balance which covers that expense in full, then they should
 > be considered pre-approved for spending.

I agree in spirit, but I think this needs clarification and am a bit 
concerned about liberal interpretations of what is the same expense 
type. Expenses tend to not be exactly identical and I like to safe 
chapter and project leads from searching the public expense lists for 
precedence. As one example if a flight ticket is approved for a chapter 
leader to attend the AppSec chapter leader workshop, that should not 
mean we also approve a flight ticket to Bahamas for holiday for another 
chapter leader. Technically both are flight expenses for chapter 
leaders. (I know I am splitting hairs...)

*Suggested revision: **
*Proposal 6: If a request for funding has been approved for one chapter 
or project, then it can be considered an acceptable expense for all 
chapters or projects. Our operations team shall periodically (at least 
once every 3 months) review the list of published expenses and if new 
expense types come up add them to the published list of acceptable 
expenses. If the chapters or projects have an account balance which 
covers that expense in full, then they should be considered pre-approved 
for spending.

Proposal 7: Agreed.
(Personally for me bi-monthly or quarterly would also be ok, but am also 
in agreement with monthly. )

Proposal 8: Agreed.

Revised Proposal 9: Agreed.
(on a note: technically, this is already the case today, but I don't 
mind making this more explicit.)

Revised Proposal 10: Agreed.

*New Proposal 11: **
*Building on Michael's and your comment about rewarding active projects. 
I very much like that idea!
And I would have a friendly additional proposal.
Proposal 11:
Any project newly reaching lab status receives a one-time extra USD500 
into their project account.
Any project newly reaching flagship status receives a one-time extra 
USD1000 into their project account.

This could add some nice gamification feature for projects that are 
often underfunded and could make the maturity status of projects more 
exciting. What do you think about that?

Best regards, Tobias

Ps.: our next board meeting is on October 14th. I propose to simply add 
this to the agenda there. If we can resolve the clarification items, I 
am also ok to e-vote on them before that.

On 08/10/15 05:54, Josh Sokol wrote:
> Board,
> Almost two weeks has past since my funding proposal was put on hold at 
> the September Board Meeting.  It's been put out for the community to 
> comment on and, after some discussion, I made a couple of subtle 
> tweaks for clarification purposes to proposals 9 and 10, but it is 
> otherwise pretty much the same proposal as what I had originally 
> presented.  We have had a couple of members of the community 
> communicate in favor of the plan.  The two dissenters, Azzedine and 
> Richard, have been addressed after a clarification of the wording and 
> intent. The only Board member who I have received feedback on it 
> during this time period is Jim, and I believe he stated that his 
> issues have been sufficiently addressed.  Are there any other concerns 
> out there before it can be brought to a vote? Here are the current 
> proposals:
> https://www.owasp.org/index.php/Proposal_for_2015-09-25_OWASP_Board_Meeting
> If there are no further comments and we feel that two weeks is a 
> sufficient time for feedback, then I would like to proceed with an 
> e-mail vote so that we do not have to waste additional time on it 
> during the October Board Meeting. Thoughts?
> ~josh
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20151008/5ee09402/attachment.html>

More information about the Owasp-board mailing list