[Owasp-leaders] OWASP "branded" apps in application stores

Jim Manico jim.manico at owasp.org
Tue Apr 2 14:30:45 UTC 2013

I *really* like how Apache handles this. They really thought this through and spent years battling the same issues regarding vendor neutrality.

Here are the basics:

1) Sponsors of Apache and recognized on ONE page only: http://www.apache.org/foundation/thanks.html
2) All Apache projects link back to this sponsorship page.
3) Corporate logos are not allowed on any Apache project
4) All project contributors are recognized as *individuals only* in a tabular list (without logos) which can include the company name they work for. For example: http://hadoop.apache.org/who.html

This seems to be a great way to fully recognize sponsors while still remaining neutral on a per-project basis.

- Jim

PS: See http://www.apache.org/foundation/marks/pmcs and http://www.apache.org/foundation/marks/responsibility.html (particularly the section on "Present an independent fact to your project")

> On 02/04/2013 14:48, Dinis Cruz wrote:
>> There is nothing wrong with using OWASP materials for financial gain,
>> in fact our licenses encourage that.
>> The only issue is if the material created are not public/open, which
>> in some cases is against the licence of the original material (Apache
>> 2 allows closing but GPL doesn't)
>> Now on the 'TOP 10 LogoGate thread' it is an issue of 'who put the
>> work in' and 'what is accepted by the community' :)
> The NASCAR like corporate branding of OWASP materials is both ugly, and
> unnecessary. There must be a better way forward. Branding is offensive
> and aggressive.
> OWASP is a charity - you don't feed children in Africa by first making
> them watch Monsanto, Kellog's and McDonald's advertisements so they know
> who their 'food' was provided by. Instead you tell people who care by
> pointing out your charity work.
> Dennis

More information about the OWASP-Leaders mailing list