[Owasp-leaders] [Committees-chairs] [Global_chapter_committee] [Global_conference_committee] [owasp-board] Re: 2012 Speaker Agreement Update

Dennis Groves dennis.groves at owasp.org
Thu Mar 29 08:53:18 UTC 2012


I think we should be able to publish under the GNU Licenses as
well. Additionally, I agree with Jim. I am just going to make it known that
while I very much agree with vendor neutrality; however, we also must
balance this with the fact that many of you are lucky to be supported by an
employer who supports OWASP - and we should not discourage this! They are
greasing the wheels and making it possible for OWASP to continue our
mission. That said I believe OWASP should formalise that into a 'hard-line'
so that they vendors have a clear incentives program, but still allows
OWASP to maintain its strict vendor neutrality. In this way maybe more of
us could find ourselves in the position Jim is in.

Dennis

-- 
Dennis Groves <http://about.me/dennis.groves>, MSc
dennis.groves at owasp.org

 <http://www.owasp.org/>

*This work is licensed under the Creative Commons
Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of
this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or
send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain
View, California, 94041, USA.*



On Thu, Mar 29, 2012 at 04:47, Benny Ketelslegers <
benny.ketelslegers at owasp.org> wrote:

> I agree as well...  No vendor pitch and creative commons but not to forget
> a non-liability clause for OWASP (chapter) for the content of the
> presentation. Although I'm not sure about legality of such an agreement in
> other (Asian) countries. Will do some research. We need to have a
> translated version anyway and too legal sounding text is hard to translate
> for "volunteers". For non-liability clause alone, I think asking the
> speaker to look and agree to it is important.
> Recommend using a template is fine but I rarely see it enforced, plus
> limits people in their creativity.
>
> My 2¥.
>
> Best regards
>
>
> On Thursday, March 29, 2012, Tin Zaw wrote:
>
>> Jim, that was what I was saying as well, so I am 100% with you on it
>> -- vendor neutral, and available under creative commons.
>>
>> Content and intent are more important than look of the slides. And
>> supporters -- vendors, volunteers, etc. -- must be acknowledged.
>>
>> On Wed, Mar 28, 2012 at 11:14 PM, Mark Bristow <mark.bristow at owasp.org>
>> wrote:
>> > I think your spot on.
>> >
>> > -Mark
>> >
>> > Sent from my wireless device
>> >
>> > On Mar 28, 2012, at 7:08 PM, Jim Manico <jim.manico at owasp.org> wrote:
>> >
>> > Personally, I think we need to enforce, strictly, only 2 points on
>> speakers:
>> >
>> > 1) All presentations must be creative commons.
>> > 2) No vendor pitches.
>> >
>> > Number 1 is easy to enforce. Number 2 is very difficult to enforce.
>> >
>> > WhiteHat Security is very kindly sponsoring me to fly all over the
>> > country/world to give vendor-neutral secure-coding creative-commons
>> talks.
>> > They asked me, very politely, to brand my PowerPoints as WhiteHat
>> > Security. At first, I was really against this. But a few things changed
>> my
>> > mind today.
>> >
>> > 1) WhiteHat is paying my salary, which helps support my ability to
>> deliver
>> > these talks
>> > 2) I would not be able to do this if it was  not for their support
>> giving me
>> > massive chunks of time to do this
>> > 3) WhiteHat is also a OWASP corporate sponsor and supports various OWASP
>> > conferences
>> > 4) They are not trying to control ANY of my content; they are even
>> helping
>> > me clean up my creative-commons slide decks.
>> >
>> > My integrity matters to me. But I am starting to think that a company
>> who
>> > supports me giving a whole lot of vendor-neutral creative-commons secure
>> > coding talks deserves some recognition.
>> >
>> > Thoughts, community? Am I off base here?
>> >
>> > --
>> > Jim Manico
>> > (808) 652-3805
>> >
>> >
>> >
>> > On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org> wrote:
>> >
>> >
>> > We want to make a agreement that is acceptable to the goals and mission
>> of
>> > the association in raising application security.
>> >
>> > We don't want to have a paper-tiger agreement that is disregarded as to
>> > complex and not enforced do we?
>> >
>> > Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc
>> etc..
>> > If OWASP can't do this with our employees and volenteers then call it
>> what
>> > Seba noted best practice.
>> >
>> > Content is content it's either valuable or it's not, I personally don't
>> care
>> > about a logo -- in many cases they paid the airfare, lodging and salary
>> of
>> > the speaker (this includes Goverment and other submitters) hence if the
>> > preso sucks... It still sucks.
>> >
>> > The agreement is what I am changellging and asking the committes
>> chapters
>> > and conferences trot a health check - and the rest of the leaders for
>> there
>> > input as its their organization and they speak for the 160 chapters and
>> > running conferences.
>> >
>> >
>> > On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org> wrote:
>> >
>> > The speaker agreement is already very clear on the topic of presentation
>> > branding.
>> >
>> > " Speakers are encouraged to include their contact information when
>> > introducing themselves, but may NOT include their logo on any visual and
>> > handout materials. Speakers are to avoid any appearance of
>> commercialism in
>> > their session and presentations are to be of a technical or solutions
>> > emphasis."
>> >
>> > At least 50% of all speakers I have seen violate this, including board
>> > members.
>> >
>> > The question is, do we want to enforce this policy (from Nov 2011)?
>> >
>> > - Jim
>> >
>> >
>> > A general remark from my side: only use the speaker agreement when in
>> doubt.
>> > We use this agreement very pragmatically in Belgium and have only
>> pointed to
>> > it upfront to speakers when we thought a certain speaker/topic could
>> become
>> > a commercial talk.
>> >
>> > Otherwise: minimize the red tape :-)
>> >
>> > --seba
>> >
>> > On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
>> > <teresa-ann-stevens at comcast.net> wrote:
>> >>
>> >> I agree with Josh. Thanks,
>> >>
>> >> Teresa Stevens, CISSP, MSIA, PMMC
>> >> Information Security Specialist – Team Leader
>> >> San Francisco Bay Area
>> >> 510-842-8868 (home), 510--
>>
>> Tin Zaw, CISSP, CSSLP
>> Chapter Leader and President, OWASP Los Angeles Chapter
>> Member, OWASP Global Chapter Committee
>> Google Voice: (213) 973-9295
>> LinkedIn: http://www.linkedin.com/in/tinzaw
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120329/7aef3b44/attachment-0001.html>


More information about the OWASP-Leaders mailing list