[Owasp-leaders] [Global_conference_committee] [Committees-chairs] [Global_chapter_committee] [owasp-board] Re: 2012 Speaker Agreement Update

John Wilander john.wilander at owasp.org
Thu Mar 29 12:55:44 UTC 2012


David,

I organized the European OWASP AppSec 2010. All slide decks were collected onsite. No complaints.

Regarding top speakers ... I consider myself a top tier speaker in appsec (my last talk had 700 attendees) and one step down from Beck et al. When I give talks at commercial events I typically charge €1,700 for 45 minutes.

    Regards, John

-- 
My music http://www.johnwilander.com
Twitter https://twitter.com/johnwilander
CV or Résumé http://johnwilander.se

29 mar 2012 kl. 14:36 skrev David H <dmalloc at gmail.com>:

>> 
>> 1) The policy should be a simple bullet list and not multiple sections of text. Understandable for non-native English speakers in less than three minutes should be the goal.
>> 
> I agree with this.
> 
>  
>> 2) "I will submit to the OWASP Event Leader my presentation(s) in one of the previous formats no later than 30 days prior to the conference." I rarely even start preparing my presentation 30 days prior to the event since I want it fresh and in my cache. If I do prepare that early, I prepare my *demos* which are part of my *presentation* but not part of a slide deck. This 30 days rule is a typical PowerPoint Pusher requirement that alienates many quality presenters. Giving good talks is an art that doesn't fit well with static, month-old slide decks.
>> 
> Have you ever organised a large scale Conference event? While your points are fair there are organisational requirements which mean you have to have material up-front. Especially when you are trying to provide booklets or any other form of pre-prepaired documentation. For example a copy of your slides might need to be distributed into the room where you hold your talk. That helps people follow along and they can take it easily away with their notes. That requires proper type setting, printing it etc etc. I am sorry if this sounds belligerent but any serious presenter knows this and no one seems to have gotten alienated when we did this. So if someone like Ward Cunnigham or Kent Beck can stick to this, I am sure our presenters could as well.
>> 3) The language of the policy is too formal for non-native English speakers. E.g. "I agree to indemnify and hold harmless OWASP ...". With this level of language we'll have to translate it to several other languages => more time and effort spent on useless things while several high profile OWASP projects deteriorate.
>>  
>>    Regards, John
>> 
>> 
>> 2012/3/29 Dennis Groves <dennis.groves at owasp.org>
>>> I think we should be able to publish under the GNU Licenses as well. Additionally, I agree with Jim. I am just going to make it known that while I very much agree with vendor neutrality; however, we also must balance this with the fact that many of you are lucky to be supported by an employer who supports OWASP - and we should not discourage this! They are greasing the wheels and making it possible for OWASP to continue our mission. That said I believe OWASP should formalise that into a 'hard-line' so that they vendors have a clear incentives program, but still allows OWASP to maintain its strict vendor neutrality. In this way maybe more of us could find ourselves in the position Jim is in.
>>> 
>>> Dennis
>>> 
>>> -- 
>>> Dennis Groves, MSc
>>> dennis.groves at owasp.org
>>> 
>>> 
>>> 
>>> This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
>>> 
>>> 
>>> 
>>> On Thu, Mar 29, 2012 at 04:47, Benny Ketelslegers <benny.ketelslegers at owasp.org> wrote:
>>>> I agree as well...  No vendor pitch and creative commons but not to forget a non-liability clause for OWASP (chapter) for the content of the presentation. Although I'm not sure about legality of such an agreement in other (Asian) countries. Will do some research. We need to have a translated version anyway and too legal sounding text is hard to translate for "volunteers". For non-liability clause alone, I think asking the speaker to look and agree to it is important. 
>>>> Recommend using a template is fine but I rarely see it enforced, plus limits people in their creativity.
>>>> 
>>>> My 2¥.
>>>> 
>>>> Best regards
>>>> 
>>>> 
>>>> On Thursday, March 29, 2012, Tin Zaw wrote:
>>>>> Jim, that was what I was saying as well, so I am 100% with you on it
>>>>> -- vendor neutral, and available under creative commons.
>>>>> 
>>>>> Content and intent are more important than look of the slides. And
>>>>> supporters -- vendors, volunteers, etc. -- must be acknowledged.
>>>>> 
>>>>> On Wed, Mar 28, 2012 at 11:14 PM, Mark Bristow <mark.bristow at owasp.org> wrote:
>>>>> > I think your spot on.
>>>>> >
>>>>> > -Mark
>>>>> >
>>>>> > Sent from my wireless device
>>>>> >
>>>>> > On Mar 28, 2012, at 7:08 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>> >
>>>>> > Personally, I think we need to enforce, strictly, only 2 points on speakers:
>>>>> >
>>>>> > 1) All presentations must be creative commons.
>>>>> > 2) No vendor pitches.
>>>>> >
>>>>> > Number 1 is easy to enforce. Number 2 is very difficult to enforce.
>>>>> >
>>>>> > WhiteHat Security is very kindly sponsoring me to fly all over the
>>>>> > country/world to give vendor-neutral secure-coding creative-commons talks.
>>>>> > They asked me, very politely, to brand my PowerPoints as WhiteHat
>>>>> > Security. At first, I was really against this. But a few things changed my
>>>>> > mind today.
>>>>> >
>>>>> > 1) WhiteHat is paying my salary, which helps support my ability to deliver
>>>>> > these talks
>>>>> > 2) I would not be able to do this if it was  not for their support giving me
>>>>> > massive chunks of time to do this
>>>>> > 3) WhiteHat is also a OWASP corporate sponsor and supports various OWASP
>>>>> > conferences
>>>>> > 4) They are not trying to control ANY of my content; they are even helping
>>>>> > me clean up my creative-commons slide decks.
>>>>> >
>>>>> > My integrity matters to me. But I am starting to think that a company who
>>>>> > supports me giving a whole lot of vendor-neutral creative-commons secure
>>>>> > coding talks deserves some recognition.
>>>>> >
>>>>> > Thoughts, community? Am I off base here?
>>>>> >
>>>>> > --
>>>>> > Jim Manico
>>>>> > (808) 652-3805
>>>>> >
>>>>> >
>>>>> >
>>>>> > On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org> wrote:
>>>>> >
>>>>> >
>>>>> > We want to make a agreement that is acceptable to the goals and mission of
>>>>> > the association in raising application security.
>>>>> >
>>>>> > We don't want to have a paper-tiger agreement that is disregarded as to
>>>>> > complex and not enforced do we?
>>>>> >
>>>>> > Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc etc..
>>>>> > If OWASP can't do this with our employees and volenteers then call it what
>>>>> > Seba noted best practice.
>>>>> >
>>>>> > Content is content it's either valuable or it's not, I personally don't care
>>>>> > about a logo -- in many cases they paid the airfare, lodging and salary of
>>>>> > the speaker (this includes Goverment and other submitters) hence if the
>>>>> > preso sucks... It still sucks.
>>>>> >
>>>>> > The agreement is what I am changellging and asking the committes chapters
>>>>> > and conferences trot a health check - and the rest of the leaders for there
>>>>> > input as its their organization and they speak for the 160 chapters and
>>>>> > running conferences.
>>>>> >
>>>>> >
>>>>> > On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>>> >
>>>>> > The speaker agreement is already very clear on the topic of presentation
>>>>> > branding.
>>>>> >
>>>>> > " Speakers are encouraged to include their contact information when
>>>>> > introducing themselves, but may NOT include their logo on any visual and
>>>>> > handout materials. Speakers are to avoid any appearance of commercialism in
>>>>> > their session and presentations are to be of a technical or solutions
>>>>> > emphasis."
>>>>> >
>>>>> > At least 50% of all speakers I have seen violate this, including board
>>>>> > members.
>>>>> >
>>>>> > The question is, do we want to enforce this policy (from Nov 2011)?
>>>>> >
>>>>> > - Jim
>>>>> >
>>>>> >
>>>>> > A general remark from my side: only use the speaker agreement when in doubt.
>>>>> > We use this agreement very pragmatically in Belgium and have only pointed to
>>>>> > it upfront to speakers when we thought a certain speaker/topic could become
>>>>> > a commercial talk.
>>>>> >
>>>>> > Otherwise: minimize the red tape :-)
>>>>> >
>>>>> > --seba
>>>>> >
>>>>> > On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
>>>>> > <teresa-ann-stevens at comcast.net> wrote:
>>>>> >>
>>>>> >> I agree with Josh. Thanks,
>>>>> >>
>>>>> >> Teresa Stevens, CISSP, MSIA, PMMC
>>>>> >> Information Security Specialist – Team Leader
>>>>> >> San Francisco Bay Area
>>>>> >> 510-842-8868 (home), 510--
>>>>> 
>>>>> Tin Zaw, CISSP, CSSLP
>>>>> Chapter Leader and President, OWASP Los Angeles Chapter
>>>>> Member, OWASP Global Chapter Committee
>>>>> Google Voice: (213) 973-9295
>>>>> LinkedIn: http://www.linkedin.com/in/tinzaw
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> 
>>> 
>>> 
>>> _______________________________________________
>>> Global_conference_committee mailing list
>>> Global_conference_committee at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>> 
>> 
>> 
>> 
>> -- 
>> John Wilander, https://twitter.com/johnwilander
>> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>> Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
>> My music http://www.johnwilander.com & my résumé http://johnwilander.se
>> 
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120329/859e5e7e/attachment-0001.html>


More information about the OWASP-Leaders mailing list