<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">Jim, Eoin and Sarah, <br>
      <br>
      it would have been nice for someone to mention that "the whole
      point is to officially represent OWASP" when I sent the email on
      Dec-29 stating the assumption that you are attending as
      individuals: <br>
      <a
href="http://lists.owasp.org/pipermail/owasp-board/2014-January/012844.html">http://lists.owasp.org/pipermail/owasp-board/2014-January/012844.html</a><br>
      <br>
      This does indeed change the perception of this. :-( <br>
      <br>
      Best regards, Tobias<br>
      <br>
      <br>
      <br>
      On 04/01/14 22:54, Eoin Keary wrote:<br>
    </div>
    <blockquote
      cite="mid:51BBF773-C228-4CB3-B44F-CB5DE7DB8782@owasp.org"
      type="cite">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div>+1<br>
        <br>
        Eoin Keary
        <div>Owasp Global Board</div>
        <div>+353 87 977 2988</div>
        <div><br>
        </div>
      </div>
      <div><br>
        On 4 Jan 2014, at 22:52, Jim Manico <<a
          moz-do-not-send="true" href="mailto:jim.manico@owasp.org">jim.manico@owasp.org</a>>
        wrote:<br>
        <br>
      </div>
      <blockquote type="cite">
        <div>
          <meta http-equiv="content-type" content="text/html;
            charset=UTF-8">
          <div>With respect, this is a RSA association slot. The whole
            point is to officially represent OWASP at RSA....<br>
            <br>
            <div>
              --</div>
            <div>Jim Manico</div>
            <div>@Manicode</div>
            <div>(808) 652-3805</div>
          </div>
          <div><br>
            On Jan 4, 2014, at 7:53 AM, Tobias <<a
              moz-do-not-send="true"
              href="mailto:tobias.gondrom@owasp.org">tobias.gondrom@owasp.org</a>>
            wrote:<br>
            <br>
          </div>
          <blockquote type="cite">
            <div>
              <meta content="text/html; charset=UTF-8"
                http-equiv="Content-Type">
              <div class="moz-cite-prefix">No. There was no vote. <br>
                <br>
                And to be clear, my understanding was that everyone
                would be attending as individuals and not as
                representatives of the board or OWASP. <br>
                <br>
                I am not quite sure how this perception came about. But
                we may have to take clarifying action. <br>
                If other board members would concur, I would propose to
                make a simple statement that OWASP leaders and members
                speaking at the RSA conference do so as individuals and
                not in their function as representatives of OWASP. <br>
                <br>
                Best regards, Tobias<br>
                <br>
                <br>
                OWASP Global Board Member and Secretary of the Board<br>
                <br>
                <br>
                <br>
                <br>
                On 04/01/14 17:39, Tom Brennan - OWASP wrote:<br>
              </div>
              <blockquote
                cite="mid:5F14393E-5EDE-47D9-9225-C7C193A5A8F0@owasp.org"
                type="cite">
                <meta http-equiv="content-type" content="text/html;
                  charset=UTF-8">
                <div>There was a vote ?</div>
                <div><br>
                  On Jan 4, 2014, at 12:31 PM, Eoin Keary <<a
                    moz-do-not-send="true"
                    href="mailto:eoin.keary@owasp.org">eoin.keary@owasp.org</a>>

                  wrote:<br>
                  <br>
                </div>
                <blockquote type="cite">
                  <div>
                    <meta http-equiv="content-type" content="text/html;
                      charset=UTF-8">
                    <div>Many negative tweets re RSA an OWASP. (below).</div>
                    <div>As I brought this up already, are we sure we
                      are making the right decision by pushing forward
                      with this?</div>
                    <div><br>
                    </div>
                    <div><br>
                    </div>
                    <div><br>
                      <br>
                      Eoin Keary
                      <div>Owasp Global Board</div>
                      <div>+353 87 977 2988</div>
                      <div><br>
                      </div>
                    </div>
                    <div><br>
                      Begin forwarded message:<br>
                      <br>
                    </div>
                    <blockquote type="cite">
                      <div><b>From:</b> Sastry Tumuluri <<a
                          moz-do-not-send="true"
                          href="mailto:sastry.tumuluri@owasp.org">sastry.tumuluri@owasp.org</a>><br>
                        <b>Date:</b> 4 January 2014 16:48:50 GMT<br>
                        <b>To:</b> "Kanwal Singh (WebMentors)" <<a
                          moz-do-not-send="true"
                          href="mailto:kanwalsb@gmail.com">kanwalsb@gmail.com</a>>,

                        Ravdeep Sodhi <<a moz-do-not-send="true"
                          href="mailto:ravdeep.sodhi@ecoretechnos.com">ravdeep.sodhi@ecoretechnos.com</a>>,

                        "Nishant Johar (EMOBX)" <<a
                          moz-do-not-send="true"
                          href="mailto:nj@emobx.com">nj@emobx.com</a>>,
                        Rochak Chauhan <<a moz-do-not-send="true"
                          href="mailto:rochak.chauhan@owasp.org">rochak.chauhan@owasp.org</a>><br>
                        <b>Cc:</b> "Jim Manico (OWASP)" <<a
                          moz-do-not-send="true"
                          href="mailto:jim.manico@owasp.org">jim.manico@owasp.org</a>>,

                        "Eoin Keary (OWASP)" <<a
                          moz-do-not-send="true"
                          href="mailto:eoin.keary@owasp.org">eoin.keary@owasp.org</a>><br>
                        <b>Subject:</b> <b>OWASP Board decision that I
                          don't agree with</b><br>
                        <br>
                      </div>
                    </blockquote>
                    <blockquote type="cite">
                      <div>
                        <div dir="ltr">
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">Friends,</div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">
                            Please see the following full conversation
                            on twitter: </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><a
                              moz-do-not-send="true"
                              href="https://twitter.com/EoinKeary/status/419111748424454145"
                              target="_blank">https://twitter.com/EoinKeary/status/419111748424454145</a></div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">Eoin
                            Keary and Jim Manico (both OWASP board
                            members) will be presenting/conducting 4 hrs
                            of free-of-cost AppSec training at the RSA
                            Conference, 2014. Michael Coates, Chairman
                            of the OWASP Board is also said to be
                            present. Apparently, this was discussed at
                            the OWASP board level; and the board has
                            decided to go ahead, keeping in mind the
                            benefit to the attending developers.</div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">As you
                            are aware, RSA is strongly suspected (we'll
                            never be 100% sure, I'm afraid) of being
                            complicit with NSA in enabling fatal
                            weakening of crypto products. RSA has issued
                            a sort of a denial that only deepens the
                            mistrust. As a protest, many leading
                            speakers are cancelling their talks at the
                            upcoming RSAC 2014. Among them are (to my
                            knowledge) Mikko Hypponen, Jeffrey Carr and
                            Josh Thomas.</div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">At
                            such a time, I am saddened by the OWASP
                            board decision to support RSAC by their
                            presence. At a time when they had the
                            opportunity to let the world know how much
                            they care for the Information Security
                            profession (esp., against weakening crypto);
                            and how much they care about the privacy of
                            people (against NSA's unabashed spying on
                            Americans & non-Americans alike), the
                            board has copped out using a flimsy
                            rationalization ("benefit of (a few)
                            developers", many of who would rethink their
                            attendance had OWASP and more organizations
                            didn't blink!"). </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">I'm
                            sure there was a heated debate. I'm sure all
                            angles were considered. However, this goes
                            too deep for me to take it as "better men
                            than me have considered and decided". As a
                            matter of my personal values, if the
                            situation doesn't change, I would no longer
                            wish to continue as the OWASP Chapter Lead.
                            Please let me know if any of you would like
                            to take over from me. </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">I will
                            also share my feelings with fellow chapter
                            members at our next chapter meeting on Jan
                            21st. Needless to say, no matter how things
                            go, I remain committed to the principles of
                            our open and open-source infosec community.</div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"><br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">Best
                            regards,</div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif"> <br>
                          </div>
                          <div class="gmail_default"
                            style="font-family:tahoma,sans-serif">==Sas3==</div>
                        </div>
                      </div>
                    </blockquote>
                  </div>
                </blockquote>
                <blockquote type="cite">
                  <div><span>_______________________________________________</span><br>
                    <span>Owasp-board mailing list</span><br>
                    <span><a moz-do-not-send="true"
                        href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a></span><br>
                    <span><a moz-do-not-send="true"
                        href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a></span><br>
                  </div>
                </blockquote>
                <br>
                <fieldset class="mimeAttachmentHeader"></fieldset>
                <br>
                <pre>_______________________________________________
Owasp-board mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a>
</pre>
              </blockquote>
              <br>
            </div>
          </blockquote>
          <blockquote type="cite">
            <div><span>_______________________________________________</span><br>
              <span>Owasp-board mailing list</span><br>
              <span><a moz-do-not-send="true"
                  href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a></span><br>
              <span><a moz-do-not-send="true"
                  href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a></span><br>
            </div>
          </blockquote>
        </div>
      </blockquote>
    </blockquote>
    <br>
  </body>
</html>