[Owasp-leaders] Proposal: Remove all commercial/non-OWASP logos from OWASP.org

psiinon psiinon at gmail.com
Thu Apr 4 11:26:11 UTC 2013

That sounds good to me.
Can projects still refer to their sponsors by name without using their logo?
Eg is this allowed:



On Thu, Apr 4, 2013 at 12:20 PM, Jim Manico <jim.manico at owasp.org> wrote:

> The only other place Apache allows for corporate logos is for conference
> sponsorships.
> Example: http://na.apachecon.com/sponsors/
> I'm not a fan of logos on chapter pages, but my opinion aside, many
> organizations sponsor a location for chapter meetings as well as food and
> drink. We need these locations for chapters to thrive.
> So perhaps logos only go in three locations:
> 1) Wiki dedicated sponsorship page
> 2) Chapter wiki pages
> 3) Conference pages
> And let those be the only allowed locations.
> This means that we remove logos from the homepage, project pages and
> project deliverables. (But we link to the main sponsorship pages from these
> locations).
> Fair?
> --
> Jim Manico
> @Manicode
> (808) 652-3805
> On Apr 4, 2013, at 6:56 PM, Seba <seba at owasp.org> wrote:
> how about the sponsor logos on the conference / chapter pages?
> they represent a significant budget to keep our events afloat
> regards
> Seba
> On Thu, Apr 4, 2013 at 12:00 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:
>> *(Resending this email, since for some reason I got a bounce from the
>> email I sent to owasp-leaders a couple days ago).*
>>  *(I also blogged this at
>> http://blog.diniscruz.com/2013/04/proposal-remove-all-commercialnon-owasp.html, and there are already a couple good comments in there from Michael and
>> Mark)*
>> Following the recent threads about the commercialization of OWASP, I
>> think the time as come for a simple move, that will be a little bit
>> painful, but will clear the water and send a nice big message of what OWASP
>> stands for.
>> *Remove all commercial/non-owasp-projects logos from OWASP.org*
>> This move has a log of advantages:
>>    - it is generic so it doesn't single out anybody
>>    - it can be done since there are no 'real' contractual obligations
>>    for OWASP to put company's XYZ logo on the OWASP site
>>       - note that OWASP can change the content of any content hosted on
>>       owasp.org , as long as the changed content is released in an
>>       compatible license :)
>>       - in fact anybody can start the http://owasp-without-logos.orgsite with all content from
>>       owasp.org, expect the 3rd party logos
>>    - it will push the cases where sponsor-logos are expected to exist,
>>    to be placed in separate/dedicated 3rd party websites (like what happens
>>    with AppSec conferences)
>>       - and if there ARE execptions, they should be treated as one-of
>>       exceptions (and be fully documented)
>>    - it will stop the current *'F1/NASCAR logo parade'* that is the
>>    OWASP main page, and some of its projects
>>    - it will stop the nasty and non-productive *"hey that
>>    company shouldn't have their logo in that project"* threads
>>    - it will send a strong message that OWASP is about sharing
>>    information and all information/tools/projects that are 'donated' to owasp
>>    are supposed to be shared in a no-strings/logos attached mode
>>    - it will clarify that *the OWASP logo, name, tools and content CAN
>>    be used in commercial situations, as long as it is done outside of
>>    OWASP.org*
>>    - it shows a sign of maturity for OWASP, where OWASP doesn't need
>>    (anymore) to sell a bit of its soul in exchange for good content and tools
>>    - it shows that OWASP's value to the corporate sponsors, is NOT a
>>    logo on owasp.org, but the amazing value provided by the multiple
>>    OWASP activities, events and projects.
>>    - it shows that OWASP can learn from others, and in this case, follow
>>    (as Jim recommended) the Apache foundation example (see
>>    http://www.apache.org/foundation/marks/responsibility.html )
>> There are a couple disadvantages:
>>    - Some OWASP leaders and supporting companies will be annoyed and
>>    fell that *'OWASP changed the value-added they would get by
>>    contributing to OWASP'*
>>    - Some OWASP corporate sponsors might even be so angry that they
>>    don't renew their anual membership
>>    - Some OWASP leaders might be so annoyed that they stop contributing
>>    at all to OWASP
>>    - This is one of those issues that has the potential to generate a
>>    gazilion of emails, with lots of opinions and no decisions in the end. Btw,
>>    the faster 'a' decision is made the better (Yes or No).
>> I believe that OWASP today (April 2013) is in the perfect situation to
>> make this move. There is enough money to sustain any financial loss (which
>> I don't think will happen) and the OWASP projects are still in a state
>> where a drop of a couple OWASP leaders wouldn't have a dramatic effect
>> (which again i don't think will happen)
>> So what do you say, fellow OWASP friends, should we make this jump?
>> *My vote is YES, lets get rid of the commercial logos in OWASP and start
>> a new generation of OWASP content and tools*
>> Dinis Cruz
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130404/ce7c800e/attachment.html>

More information about the OWASP-Leaders mailing list