[Owasp-leaders] OWASP Top 10 - 2013 Release Candidate Now Available

Jeff Williams jeff.williams at owasp.org
Tue Feb 19 14:31:38 UTC 2013


I agree with a lot of the comments that have been made on both sides of
this discussion.  Vendor neutrality is important.  Vendor *involvement* is
also really important to OWASP.  In fact, I tend to agree with Dinis that
what OWASP needs most is *more* "abuse" of our brands.

I think we should be very careful to distinguish:

   1) When the rules are clear and there has been a violation
   2) When the rules are unclear or wrong and need to be changed

In cases where the rules are unclear or wrong, we have always tried to give
OWASP participants the benefit of the doubt.  Particularly when volunteers
are doing their best to make an OWASP undertaking successful, I think
assuming good intentions is always the best policy, and changes can be made
going forward.

If you have specific changes that you'd like to make about the use of
brands on projects/email/presentations/etc.... then just propose the rule
and let's discuss that.  Reasonable?

--Jeff


On Tue, Feb 19, 2013 at 8:48 AM, Jim Manico <jim.manico at owasp.org> wrote:
> Tom,
>
> I've personally seen you abuse OWASP rules as you see fit on a number of
> occasions. This note from you is disingenuous as best.
>
> Again, when you use an OWASP list in a way that leads to financial
> gain for a company you work for, you are out of line.
>
> If you would like me to start cherry picking situations where you have
been
> abusive of OWASP brand and chapter guidelines, I'd be happy to.
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Feb 19, 2013, at 10:34 PM, Tom Brennan <tomb at owasp.org> wrote:
>
>
> Here let me help you Dennis/Jim with intent.
>
> https://www.owasp.org/index.php/How_to_Start_an_OWASP_Project
>
> If this linked procedure outlined the process and what is acceptable then
> expectations and examples
> can be managed to.
>
> The email question sent to Jim off-list (not the 700+ folks on this thread
> now)
> was to identify where we could reference the proper attribution and
> acknowledgement
> prior to such harsh slamming of long time other volunteers that I see as
> destructive and manic behavior
>
> As always your welcomed to your opinion on the role of a
> elected board member, I disagree with your police comment.
> The primary purposes of the board of directors (all of them)
> is to ensure the organization is on track with regard to meeting its
goals,
> as well as to craft policies in support of those goals.
> Nonprofit organizations are operated by two distinct groups: the board of
> directors,
> which determines policies and plans, and the organization staff, which
> carries out plans and implements policies.
>
> Or perhaps I just prefer not to be harsh with people over email
> to people out of professional courtesy
>
https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Core_Values
> as we are all on the same team if we really
> want to get anything constructive accomplished.
>
>
>
> On Feb 19, 2013, at 10:00 PM, "Dennis Groves" <dennis.groves at owasp.org>
> wrote:
>
> On 19 Feb 2013, at 21:28, Jim Manico wrote:
>
> Common decency, ethics and reason, Tom. That's what policy I am
>
> referring to, pal.
>
>
> On Feb 19, 2013, at 5:54 PM, Tom Brennan <tomb at owasp.org> wrote:
>
>
> What written owasp project policy are you attempting to manage to?
>
>
>
> Tom, I am a bit concerned that you have such a question. How can you serve
> on the board and have so little knowledge of the organisations missions
and
> ethics? How can you serve the community when you have so little connection
> with the mission? Like a police man you should be protecting and serving
the
> community as a board member.
>
>
> Dennis
>
> --
> [Dennis Groves](http://about.me/dennis.groves), MSc
> [Email me](mailto:dennis.groves at owasp.org) or [schedule a
> meeting](http://goo.gl/8sPIy).
>
> *This email is licensed under a [CC BY-ND
> 3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*
>
> **Please do not send me Microsoft Office/Apple iWork documents.**
> Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
> Stand up for your freedom to install [free
> software](http://www.fsf.org/campaigns/secure-boot/statement).
>
> The idea that some lives matter less is the root of all that’s wrong with
> the world. -- Paul Farmer
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130219/df189758/attachment-0001.html>


More information about the OWASP-Leaders mailing list