[Owasp-leaders] [Committees-chairs] [Global_conference_committee] [Global_chapter_committee] [owasp-board] Re: 2012 Speaker Agreement Update

Tin Zaw tin.zaw at owasp.org
Wed Mar 28 23:31:01 UTC 2012


Jim, that was what I was saying as well, so I am 100% with you on it
-- vendor neutral, and available under creative commons.

Content and intent are more important than look of the slides. And
supporters -- vendors, volunteers, etc. -- must be acknowledged.

On Wed, Mar 28, 2012 at 11:14 PM, Mark Bristow <mark.bristow at owasp.org> wrote:
> I think your spot on.
>
> -Mark
>
> Sent from my wireless device
>
> On Mar 28, 2012, at 7:08 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
> Personally, I think we need to enforce, strictly, only 2 points on speakers:
>
> 1) All presentations must be creative commons.
> 2) No vendor pitches.
>
> Number 1 is easy to enforce. Number 2 is very difficult to enforce.
>
> WhiteHat Security is very kindly sponsoring me to fly all over the
> country/world to give vendor-neutral secure-coding creative-commons talks.
> They asked me, very politely, to brand my PowerPoints as WhiteHat
> Security. At first, I was really against this. But a few things changed my
> mind today.
>
> 1) WhiteHat is paying my salary, which helps support my ability to deliver
> these talks
> 2) I would not be able to do this if it was  not for their support giving me
> massive chunks of time to do this
> 3) WhiteHat is also a OWASP corporate sponsor and supports various OWASP
> conferences
> 4) They are not trying to control ANY of my content; they are even helping
> me clean up my creative-commons slide decks.
>
> My integrity matters to me. But I am starting to think that a company who
> supports me giving a whole lot of vendor-neutral creative-commons secure
> coding talks deserves some recognition.
>
> Thoughts, community? Am I off base here?
>
> --
> Jim Manico
> (808) 652-3805
>
>
>
> On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org> wrote:
>
>
> We want to make a agreement that is acceptable to the goals and mission of
> the association in raising application security.
>
> We don't want to have a paper-tiger agreement that is disregarded as to
> complex and not enforced do we?
>
> Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc etc..
> If OWASP can't do this with our employees and volenteers then call it what
> Seba noted best practice.
>
> Content is content it's either valuable or it's not, I personally don't care
> about a logo -- in many cases they paid the airfare, lodging and salary of
> the speaker (this includes Goverment and other submitters) hence if the
> preso sucks... It still sucks.
>
> The agreement is what I am changellging and asking the committes chapters
> and conferences trot a health check - and the rest of the leaders for there
> input as its their organization and they speak for the 160 chapters and
> running conferences.
>
>
> On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
> The speaker agreement is already very clear on the topic of presentation
> branding.
>
> " Speakers are encouraged to include their contact information when
> introducing themselves, but may NOT include their logo on any visual and
> handout materials. Speakers are to avoid any appearance of commercialism in
> their session and presentations are to be of a technical or solutions
> emphasis."
>
> At least 50% of all speakers I have seen violate this, including board
> members.
>
> The question is, do we want to enforce this policy (from Nov 2011)?
>
> - Jim
>
>
> A general remark from my side: only use the speaker agreement when in doubt.
> We use this agreement very pragmatically in Belgium and have only pointed to
> it upfront to speakers when we thought a certain speaker/topic could become
> a commercial talk.
>
> Otherwise: minimize the red tape :-)
>
> --seba
>
> On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
> <teresa-ann-stevens at comcast.net> wrote:
>>
>> I agree with Josh. Thanks,
>>
>> Teresa Stevens, CISSP, MSIA, PMMC
>> Information Security Specialist – Team Leader
>> San Francisco Bay Area
>> 510-842-8868 (home), 510-872-2187 (cell)
>>
>>
>> From: Josh Sokol <josh.sokol at owasp.org>
>> Date: Wed, 28 Mar 2012 11:13:22 -0500
>> To: Mark Bristow <mark.bristow at owasp.org>
>> Cc: "owasp-board at owasp.org" <owasp-board at owasp.org>,
>> "committees-chairs at lists.owasp.org" <committees-chairs at lists.owasp.org>,
>> global_conference_committee <global_conference_committee at lists.owasp.org>,
>> global_chapter_committee Committee
>> <global_chapter_committee at lists.owasp.org>, Eoin <eoin.keary at owasp.org>
>> Subject: Re: [Global_chapter_committee] [Global_conference_committee]
>> [owasp-board] Re: [Committees-chairs] 2012 Speaker Agreement Update
>>
>> I agree with what Jason said.  I see no reason why a person should not be
>> able to include a company logo in a slide deck regardless of whether they
>> are a corporate member or not.  My $0.02:
>>
>> * If the event has a presentation template, then corporate logos should be
>> limited to only the "About Me" page of the presentation.
>>
>> ~josh
>>
>> On Wed, Mar 28, 2012 at 9:20 AM, Mark Bristow <mark.bristow at owasp.org>
>> wrote:
>>>
>>> I think these are reasonable changes except the no-logo on the "about me"
>>> slide.  I think that's fine if we put a boundry on the size.  The GCC is in
>>> the final process of selecting a new presentation template, so this will be
>>> easy to add.
>>>
>>> On Tue, Mar 27, 2012 at 12:29 PM, Eoin <eoin.keary at owasp.org> wrote:
>>>>
>>>> I am happy with vendor logo as long as content isn't a vendor pitch or
>>>> vendor bespoke (ip) and covers off an issue which is in the open  body of
>>>> knowledge.
>>>>
>>>>
>>>> Eoin Keary
>>>> BCC Risk Advisory
>>>> Owasp Global Board
>>>> +353 87 977 2988
>>>>
>>>>
>>>> On 27 Mar 2012, at 16:13, Jason Li <jason.li at owasp.org> wrote:
>>>>
>>>> Agreed on the use of the template.
>>>>
>>>> What's the purpose of the restriction on the company logo?
>>>>
>>>> Is it an attempt to spur corporate membership? Is it meant to remove the
>>>> "vendor"-ness of a talk?
>>>>
>>>> If the former, I think it actually comes across as off-putting and might
>>>> have the opposite effect... If the latter, then the inclusion of the company
>>>> logo if and only if they are an OWASP supporter seems overly restrictive
>>>> IMHO in comparison to the goal.
>>>>
>>>> What about updating the template to include a specific place and limited
>>>> small size for a logo and mandating the use of the template? That would
>>>> limit how much a presenter could plaster their logo across a presentation.
>>>>
>>>> -Jason
>>>>
>>>> On Tue, Mar 27, 2012 at 9:35 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>>>
>>>>>
>>>>> Committee(s);
>>>>>
>>>>> Today OWASP utilizes a Speaker Agreement that outlines the rules for
>>>>> compensation of speakers, required templates, audio/visual, vulnerabilities
>>>>> disclosure and a laundry list of other terms.
>>>>>
>>>>> The Document:  https://www.owasp.org/index.php/Speaker_Agreement
>>>>>
>>>>> With the upcoming long list of AppSec<Regional>, AppSec<Global> and
>>>>> chapter events  globally happening weekly enforcement of this policy or
>>>>> event policing of this policy is difficult however the spirit of the speaker
>>>>> agreement in keeping OWASP pure to technical,
>
> _______________________________________________
> Committees-chairs mailing list
> Committees-chairs at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/committees-chairs
>
> _______________________________________________
>
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>
>
> _______________________________________________
> Committees-chairs mailing list
> Committees-chairs at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/committees-chairs
>



-- 
Tin Zaw, CISSP, CSSLP
Chapter Leader and President, OWASP Los Angeles Chapter
Member, OWASP Global Chapter Committee
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw


More information about the OWASP-Leaders mailing list