[Owasp-leaders] [Global_conference_committee] [Committees-chairs] [Global_chapter_committee] [owasp-board] Re: 2012 Speaker Agreement Update

Ralph Durkee rd at rd1.net
Thu Jun 28 10:56:02 UTC 2012


I've found collecting  a draft of the presentation 30 days prior is a 
good practice.  The final can be 5 days prior.   I would consider it 
professional, and allows you to have copies for attendees ready  when 
they arrive.

  -- Ralph Durkee
Principal Security Consultant


On 03/29/2012 07:50 AM, John Wilander wrote:
> My 50 cents ...
>
> 1) The policy should be a simple bullet list and not multiple sections 
> of text. Understandable for non-native English speakers in less than 
> three minutes should be the goal.
>
> 2) /"I will submit to the OWASP Event Leader my presentation(s) in one 
> of the previous formats no later than 30 days prior to the 
> conference."/ I rarely even start preparing my presentation 30 days 
> prior to the event since I want it fresh and in my cache. If I do 
> prepare that early, I prepare my *demos* which are part of my 
> *presentation* but not part of a slide deck. This 30 days rule is a 
> typical PowerPoint Pusher requirement that alienates many quality 
> presenters. Giving good talks is an art that doesn't fit well with 
> static, month-old slide decks.
>
> 3) The language of the policy is too formal for non-native English 
> speakers. E.g. /"I agree to indemnify and hold harmless OWASP ..."/. 
> With this level of language we'll have to translate it to several 
> other languages => more time and effort spent on useless things while 
> several high profile OWASP projects deteriorate.
>
>    Regards, John
>
>
> 2012/3/29 Dennis Groves <dennis.groves at owasp.org 
> <mailto:dennis.groves at owasp.org>>
>
>     I think we should be able to publish under the GNU Licenses as
>     well. Additionally, I agree with Jim. I am just going to make it
>     known that while I very much agree with vendor neutrality;
>     however, we also must balance this with the fact that many of you
>     are lucky to be supported by an employer who supports OWASP - and
>     we should not discourage this! They are greasing the wheels and
>     making it possible for OWASP to continue our mission. That said I
>     believe OWASP should formalise that into a 'hard-line' so that
>     they vendors have a clear incentives program, but still allows
>     OWASP to maintain its strict vendor neutrality. In this way maybe
>     more of us could find ourselves in the position Jim is in.
>
>     Dennis
>
>     -- 
>     Dennis Groves <http://about.me/dennis.groves>, MSc
>     dennis.groves at owasp.org <mailto:dennis.groves at owasp.org>
>
>     <http://www.owasp.org/>
>
>     /This work is licensed under the Creative Commons
>     Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a
>     copy of this license, visit
>     http://creativecommons.org/licenses/by-nc-nd/3.0/ or send a letter
>     to Creative Commons, 444 Castro Street, Suite 900, Mountain View,
>     California, 94041, USA./
>
>
>
>     On Thu, Mar 29, 2012 at 04:47, Benny Ketelslegers
>     <benny.ketelslegers at owasp.org
>     <mailto:benny.ketelslegers at owasp.org>> wrote:
>
>         I agree as well...  No vendor pitch and creative commons but
>         not to forget a non-liability clause for OWASP (chapter) for
>         the content of the presentation. Although I'm not sure about
>         legality of such an agreement in other (Asian) countries. Will
>         do some research. We need to have a translated version anyway
>         and too legal sounding text is hard to translate for
>         "volunteers". For non-liability clause alone, I think asking
>         the speaker to look and agree to it is important.
>         Recommend using a template is fine but I rarely see it
>         enforced, plus limits people in their creativity.
>
>         My 2¥.
>
>         Best regards
>
>
>         On Thursday, March 29, 2012, Tin Zaw wrote:
>
>             Jim, that was what I was saying as well, so I am 100% with
>             you on it
>             -- vendor neutral, and available under creative commons.
>
>             Content and intent are more important than look of the
>             slides. And
>             supporters -- vendors, volunteers, etc. -- must be
>             acknowledged.
>
>             On Wed, Mar 28, 2012 at 11:14 PM, Mark Bristow
>             <mark.bristow at owasp.org> wrote:
>             > I think your spot on.
>             >
>             > -Mark
>             >
>             > Sent from my wireless device
>             >
>             > On Mar 28, 2012, at 7:08 PM, Jim Manico
>             <jim.manico at owasp.org> wrote:
>             >
>             > Personally, I think we need to enforce, strictly, only 2
>             points on speakers:
>             >
>             > 1) All presentations must be creative commons.
>             > 2) No vendor pitches.
>             >
>             > Number 1 is easy to enforce. Number 2 is very difficult
>             to enforce.
>             >
>             > WhiteHat Security is very kindly sponsoring me to
>             fly all over the
>             > country/world to give vendor-neutral secure-coding
>             creative-commons talks.
>             > They asked me, very politely, to brand my PowerPoints as
>             WhiteHat
>             > Security. At first, I was really against this. But a few
>             things changed my
>             > mind today.
>             >
>             > 1) WhiteHat is paying my salary, which helps support my
>             ability to deliver
>             > these talks
>             > 2) I would not be able to do this if it was  not for
>             their support giving me
>             > massive chunks of time to do this
>             > 3) WhiteHat is also a OWASP corporate sponsor and
>             supports various OWASP
>             > conferences
>             > 4) They are not trying to control ANY of my content;
>             they are even helping
>             > me clean up my creative-commons slide decks.
>             >
>             > My integrity matters to me. But I am starting to think
>             that a company who
>             > supports me giving a whole lot of vendor-neutral
>             creative-commons secure
>             > coding talks deserves some recognition.
>             >
>             > Thoughts, community? Am I off base here?
>             >
>             > --
>             > Jim Manico
>             > (808) 652-3805 <tel:%28808%29%20652-3805>
>             >
>             >
>             >
>             > On Mar 29, 2012, at 12:40 AM, Thomas Brennan
>             <tomb at owasp.org> wrote:
>             >
>             >
>             > We want to make a agreement that is acceptable to the
>             goals and mission of
>             > the association in raising application security.
>             >
>             > We don't want to have a paper-tiger agreement that is
>             disregarded as to
>             > complex and not enforced do we?
>             >
>             > Revise and alert the speakers for AppSecDC AppSecUSA
>             EMEA, LATAM etc etc..
>             > If OWASP can't do this with our employees and volenteers
>             then call it what
>             > Seba noted best practice.
>             >
>             > Content is content it's either valuable or it's not, I
>             personally don't care
>             > about a logo -- in many cases they paid the airfare,
>             lodging and salary of
>             > the speaker (this includes Goverment and other
>             submitters) hence if the
>             > preso sucks... It still sucks.
>             >
>             > The agreement is what I am changellging and asking the
>             committes chapters
>             > and conferences trot a health check - and the rest of
>             the leaders for there
>             > input as its their organization and they speak for the
>             160 chapters and
>             > running conferences.
>             >
>             >
>             > On Mar 28, 2012, at 6:22 PM, Jim Manico
>             <jim.manico at owasp.org> wrote:
>             >
>             > The speaker agreement is already very clear on the topic
>             of presentation
>             > branding.
>             >
>             > " Speakers are encouraged to include their contact
>             information when
>             > introducing themselves, but may NOT include their logo
>             on any visual and
>             > handout materials. Speakers are to avoid any appearance
>             of commercialism in
>             > their session and presentations are to be of a technical
>             or solutions
>             > emphasis."
>             >
>             > At least 50% of all speakers I have seen violate this,
>             including board
>             > members.
>             >
>             > The question is, do we want to enforce this policy (from
>             Nov 2011)?
>             >
>             > - Jim
>             >
>             >
>             > A general remark from my side: only use the speaker
>             agreement when in doubt.
>             > We use this agreement very pragmatically in Belgium and
>             have only pointed to
>             > it upfront to speakers when we thought a certain
>             speaker/topic could become
>             > a commercial talk.
>             >
>             > Otherwise: minimize the red tape :-)
>             >
>             > --seba
>             >
>             > On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
>             > <teresa-ann-stevens at comcast.net> wrote:
>             >>
>             >> I agree with Josh. Thanks,
>             >>
>             >> Teresa Stevens, CISSP, MSIA, PMMC
>             >> Information Security Specialist -- Team Leader
>             >> San Francisco Bay Area
>             >> 510-842-8868 <tel:510-842-8868> (home), 510--
>
>             Tin Zaw, CISSP, CSSLP
>             Chapter Leader and President, OWASP Los Angeles Chapter
>             Member, OWASP Global Chapter Committee
>             Google Voice: (213) 973-9295 <tel:%28213%29%20973-9295>
>             LinkedIn: http://www.linkedin.com/in/tinzaw
>             _______________________________________________
>             OWASP-Leaders mailing list
>             OWASP-Leaders at lists.owasp.org
>             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org
>         <mailto:OWASP-Leaders at lists.owasp.org>
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>     _______________________________________________
>     Global_conference_committee mailing list
>     Global_conference_committee at lists.owasp.org
>     <mailto:Global_conference_committee at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/global_conference_committee
>
>
>
>
> -- 
> John Wilander, https://twitter.com/johnwilander
> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
> Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
> My music http://www.johnwilander.com & my résumé http://johnwilander.se
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120628/79a1603c/attachment-0001.html>


More information about the OWASP-Leaders mailing list