[Owasp-leaders] [Global_conference_committee] [Committees-chairs] [Global_chapter_committee] [owasp-board] Re: 2012 Speaker Agreement Update

dinis cruz dinis.cruz at owasp.org
Thu Mar 29 12:45:00 UTC 2012


On item #2 can we change that from '30 days before' to '30 minutes before'?

That is probably the only way for me to comply with it :)

Dinis Cruz

On 29 Mar 2012, at 12:59, John Wilander <john.wilander at owasp.org> wrote:

My 50 cents ...

1) The policy should be a simple bullet list and not multiple sections of
text. Understandable for non-native English speakers in less than three
minutes should be the goal.

2) *"I will submit to the OWASP Event Leader my presentation(s) in one of
the previous formats no later than 30 days prior to the conference."* I
rarely even start preparing my presentation 30 days prior to the event
since I want it fresh and in my cache. If I do prepare that early, I
prepare my *demos* which are part of my *presentation* but not part of a
slide deck. This 30 days rule is a typical PowerPoint Pusher requirement
that alienates many quality presenters. Giving good talks is an art that
doesn't fit well with static, month-old slide decks.

3) The language of the policy is too formal for non-native English
speakers. E.g. *"I agree to indemnify and hold harmless OWASP ..."*. With
this level of language we'll have to translate it to several other
languages => more time and effort spent on useless things while several
high profile OWASP projects deteriorate.

   Regards, John


2012/3/29 Dennis Groves <dennis.groves at owasp.org>

> I think we should be able to publish under the GNU Licenses as
> well. Additionally, I agree with Jim. I am just going to make it known that
> while I very much agree with vendor neutrality; however, we also must
> balance this with the fact that many of you are lucky to be supported by an
> employer who supports OWASP - and we should not discourage this! They are
> greasing the wheels and making it possible for OWASP to continue our
> mission. That said I believe OWASP should formalise that into a 'hard-line'
> so that they vendors have a clear incentives program, but still allows
> OWASP to maintain its strict vendor neutrality. In this way maybe more of
> us could find ourselves in the position Jim is in.
>
> Dennis
>
> --
> Dennis Groves <http://about.me/dennis.groves>, MSc
> dennis.groves at owasp.org
>
>  <http://www.owasp.org/>
>
> *This work is licensed under the Creative Commons
> Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of
> this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or
> send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain
> View, California, 94041, USA.*
>
>
>
> On Thu, Mar 29, 2012 at 04:47, Benny Ketelslegers <
> benny.ketelslegers at owasp.org> wrote:
>
>> I agree as well...  No vendor pitch and creative commons but not to
>> forget a non-liability clause for OWASP (chapter) for the content of the
>> presentation. Although I'm not sure about legality of such an agreement in
>> other (Asian) countries. Will do some research. We need to have a
>> translated version anyway and too legal sounding text is hard to translate
>> for "volunteers". For non-liability clause alone, I think asking the
>> speaker to look and agree to it is important.
>> Recommend using a template is fine but I rarely see it enforced, plus
>> limits people in their creativity.
>>
>> My 2¥.
>>
>> Best regards
>>
>>
>> On Thursday, March 29, 2012, Tin Zaw wrote:
>>
>>> Jim, that was what I was saying as well, so I am 100% with you on it
>>> -- vendor neutral, and available under creative commons.
>>>
>>> Content and intent are more important than look of the slides. And
>>> supporters -- vendors, volunteers, etc. -- must be acknowledged.
>>>
>>> On Wed, Mar 28, 2012 at 11:14 PM, Mark Bristow <mark.bristow at owasp.org>
>>> wrote:
>>> > I think your spot on.
>>> >
>>> > -Mark
>>> >
>>> > Sent from my wireless device
>>> >
>>> > On Mar 28, 2012, at 7:08 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>> >
>>> > Personally, I think we need to enforce, strictly, only 2 points on
>>> speakers:
>>> >
>>> > 1) All presentations must be creative commons.
>>> > 2) No vendor pitches.
>>> >
>>> > Number 1 is easy to enforce. Number 2 is very difficult to enforce.
>>> >
>>> > WhiteHat Security is very kindly sponsoring me to fly all over the
>>> > country/world to give vendor-neutral secure-coding creative-commons
>>> talks.
>>> > They asked me, very politely, to brand my PowerPoints as WhiteHat
>>> > Security. At first, I was really against this. But a few things
>>> changed my
>>> > mind today.
>>> >
>>> > 1) WhiteHat is paying my salary, which helps support my ability to
>>> deliver
>>> > these talks
>>> > 2) I would not be able to do this if it was  not for their support
>>> giving me
>>> > massive chunks of time to do this
>>> > 3) WhiteHat is also a OWASP corporate sponsor and supports various
>>> OWASP
>>> > conferences
>>> > 4) They are not trying to control ANY of my content; they are even
>>> helping
>>> > me clean up my creative-commons slide decks.
>>> >
>>> > My integrity matters to me. But I am starting to think that a company
>>> who
>>> > supports me giving a whole lot of vendor-neutral creative-commons
>>> secure
>>> > coding talks deserves some recognition.
>>> >
>>> > Thoughts, community? Am I off base here?
>>> >
>>> > --
>>> > Jim Manico
>>> > (808) 652-3805
>>> >
>>> >
>>> >
>>> > On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org> wrote:
>>> >
>>> >
>>> > We want to make a agreement that is acceptable to the goals and
>>> mission of
>>> > the association in raising application security.
>>> >
>>> > We don't want to have a paper-tiger agreement that is disregarded as to
>>> > complex and not enforced do we?
>>> >
>>> > Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc
>>> etc..
>>> > If OWASP can't do this with our employees and volenteers then call it
>>> what
>>> > Seba noted best practice.
>>> >
>>> > Content is content it's either valuable or it's not, I personally
>>> don't care
>>> > about a logo -- in many cases they paid the airfare, lodging and
>>> salary of
>>> > the speaker (this includes Goverment and other submitters) hence if the
>>> > preso sucks... It still sucks.
>>> >
>>> > The agreement is what I am changellging and asking the committes
>>> chapters
>>> > and conferences trot a health check - and the rest of the leaders for
>>> there
>>> > input as its their organization and they speak for the 160 chapters and
>>> > running conferences.
>>> >
>>> >
>>> > On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>> >
>>> > The speaker agreement is already very clear on the topic of
>>> presentation
>>> > branding.
>>> >
>>> > " Speakers are encouraged to include their contact information when
>>> > introducing themselves, but may NOT include their logo on any visual
>>> and
>>> > handout materials. Speakers are to avoid any appearance of
>>> commercialism in
>>> > their session and presentations are to be of a technical or solutions
>>> > emphasis."
>>> >
>>> > At least 50% of all speakers I have seen violate this, including board
>>> > members.
>>> >
>>> > The question is, do we want to enforce this policy (from Nov 2011)?
>>> >
>>> > - Jim
>>> >
>>> >
>>> > A general remark from my side: only use the speaker agreement when in
>>> doubt.
>>> > We use this agreement very pragmatically in Belgium and have only
>>> pointed to
>>> > it upfront to speakers when we thought a certain speaker/topic could
>>> become
>>> > a commercial talk.
>>> >
>>> > Otherwise: minimize the red tape :-)
>>> >
>>> > --seba
>>> >
>>> > On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
>>> > <teresa-ann-stevens at comcast.net> wrote:
>>> >>
>>> >> I agree with Josh. Thanks,
>>> >>
>>> >> Teresa Stevens, CISSP, MSIA, PMMC
>>> >> Information Security Specialist – Team Leader
>>> >> San Francisco Bay Area
>>> >> 510-842-8868 (home), 510--
>>>
>>> Tin Zaw, CISSP, CSSLP
>>> Chapter Leader and President, OWASP Los Angeles Chapter
>>> Member, OWASP Global Chapter Committee
>>> Google Voice: (213) 973-9295
>>> LinkedIn: http://www.linkedin.com/in/tinzaw
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>
>


-- 
John Wilander, https://twitter.com/johnwilander
Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
My music http://www.johnwilander.com & my résumé http://johnwilander.se

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120329/d179b52e/attachment.html>


More information about the OWASP-Leaders mailing list