[Owasp-leaders] Proposal: Remove all commercial/non-OWASP logos from OWASP.org

Lucas Ferreira lucas.ferreira at owasp.org
Thu Apr 4 13:32:54 UTC 2013


I would be against any proposal that once again favors chapters and reduces
the freedom of project leaders. I already feel that OWASP allows for more
revenue generation for chapters than projects and this would be one more
change in this direction.

We need a proposal which empowers projects leaders or restricts both
chapters and projects the same way.



On Thursday, April 4, 2013, Jim Manico wrote:

> The only other place Apache allows for corporate logos is for conference
> sponsorships.
> Example: http://na.apachecon.com/sponsors/
> I'm not a fan of logos on chapter pages, but my opinion aside, many
> organizations sponsor a location for chapter meetings as well as food and
> drink. We need these locations for chapters to thrive.
> So perhaps logos only go in three locations:
> 1) Wiki dedicated sponsorship page
> 2) Chapter wiki pages
> 3) Conference pages
> And let those be the only allowed locations.
> This means that we remove logos from the homepage, project pages and
> project deliverables. (But we link to the main sponsorship pages from these
> locations).
> Fair?
> --
> Jim Manico
> @Manicode
> (808) 652-3805
> On Apr 4, 2013, at 6:56 PM, Seba <seba at owasp.org> wrote:
> how about the sponsor logos on the conference / chapter pages?
> they represent a significant budget to keep our events afloat
> regards
> Seba
> On Thu, Apr 4, 2013 at 12:00 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:
> *(Resending this email, since for some reason I got a bounce from the
> email I sent to owasp-leaders a couple days ago).*
>  *(I also blogged this at
> http://blog.diniscruz.com/2013/04/proposal-remove-all-commercialnon-owasp.html, and there are already a couple good comments in there from Michael and
> Mark)*
> Following the recent threads about the commercialization of OWASP, I think
> the time as come for a simple move, that will be a little bit painful, but
> will clear the water and send a nice big message of what OWASP stands for.
> *Remove all commercial/non-owasp-projects logos from OWASP.org*
> This move has a log of advantages:
>    - it is generic so it doesn't single out anybody
>    - it can be done since there are no 'real' contractual obligations for
>    OWASP to put company's XYZ logo on the OWASP site
>       - note that OWASP can change the content of any content hosted on
>       owasp.org , as long as the changed content is released in an
>       compatible license :)
>       - in fact anybody can start the http://owasp-without-logos.org site
>       with all content from owasp.org, expect the 3rd party logos
>    - it will push the cases where sponsor-logos are expected to exist, to
>    be placed in separate/dedicated 3rd party websites (like what happens with
>    AppSec conferences)
>       - and if there ARE execptions, they should be treated as one-of
>       exceptions (and be fully documented)
>    - it will stop the current *'F1/NASCAR logo parade'* that is the OWASP
>    main page, and some of its projects
>    - it will stop the nasty and non-productive *"hey that
>    company shouldn't have their logo in that project"* threads
>    - it will send a strong message that OWASP is about sharing
>    information and all information/tools/projects that are 'donated' to owasp
>    are supposed to be shared in a no-strings/logos attached mode
>    - it will clarify that *the OWASP logo, name, tools and content CAN be
>    used in commercial situations, as long as it is done outside of
>    OWASP.org*
>    - it shows a sign of maturity for OWASP, where OWASP doesn't need
>    (anymore) to sell a bit of its soul in exchange for good content and tools
>    - it shows that OWASP's value to the corporate sponsors, is NOT a logo
>    on owasp.org, but the amazing value provided by the multiple OWASP
>    activities, events and projects.
>    - it shows that OWASP can learn from others, and in this case, follow
>    (as Jim recommended) the Apache foundation example (see
>    http://www.apache.org/foundation/marks/responsibility.html )
> There are a couple disadvantages:
>    - Some OWASP leaders and supporting companies will be annoyed and fell
>    that *'OWASP changed the value-added they would get by contributing to
>    OWASP'*
>    - Some OWASP corporate sponsors might even be so angry that they don't
>    renew their anual membership
>    - Some OWASP leaders might be so annoyed that they stop contributing
>    at all to OWASP
>    - This is one of those issues that has the potential to generate a
>    gazilion of emails, with lots of opinions and no decisions in the end. Btw,
>    the faster 'a' decision is made the better (Yes or No).
> I believe that OWASP today (April 2013) is in the perfect situation to
> make this move. There is enough money to sustain any financial loss (which
> I don't think will happen) and the OWASP projects are still in a state
> where a drop of a couple OWASP leaders wouldn't have a dramatic effect
> (which again i don't think will happen)

Homo sapiens non urinat in ventum.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130404/b3859f07/attachment.html>

More information about the OWASP-Leaders mailing list