[Owasp-leaders] [Committees-chairs] [Global_chapter_committee] [Global_conference_committee] [owasp-board] Re: 2012 Speaker Agreement Update

Dirk Wetter dirk.wetter at owasp.org
Sun Jan 20 10:57:47 UTC 2013

Hi folks,

as I am just putting a draft for the CfP for AppSecEU 2013 together, I am
just wondering
whether anything has happening since the last discussion.

Specifically there's the question under which licence the slides would be
 IMO it would make sense that a participant is free to choose any
CC-(/BY)-* license. Right now
all published slides don't have any license if I understand this correctly.
So worst case is reader
of slides thinks its cc-zero and reusing that w/o attribution of any kind
for his/her purposes maybe
selling it has his invention, author thinks it's  cc-by-nc-nd.

Another point: /Published/ slides should not contain any copyrighted
materials. In a lot of countries
that might cause legal and financial trouble for OWASP. IMO for shorter
terms it is helpful that the
speaker agreement is just pointing this out in order to avoid most common

Best,  Dirk

On 06/25/2012 01:52 PM, Tom Brennan wrote:
> Did this thread result in a updated speaker agreement or just a
> discussion about it?
> Conferences / Chapters committee owns this - please advise of your
> understanding and URL to current agreement
> On Wed, Mar 28, 2012 at 7:08 PM, Jim Manico <jim.manico at owasp.org
> <mailto:jim.manico at owasp.org>> wrote:
>     Personally, I think we need to enforce, strictly, only 2 points on
>     speakers:
>     1) All presentations must be creative commons.
>     2) No vendor pitches.
>     Number 1 is easy to enforce. Number 2 is very difficult to enforce.
>     WhiteHat Security is very kindly sponsoring me to fly all over the
>     country/world to give vendor-neutral secure-coding creative-commons
>     talks. They asked me, very politely, to brand my PowerPoints as
>     WhiteHat Security. At first, I was really against this. But a few
>     things changed my mind today.
>     1) WhiteHat is paying my salary, which helps support my ability to
>     deliver these talks
>     2) I would not be able to do this if it was  not for their support
>     giving me massive chunks of time to do this
>     3) WhiteHat is also a OWASP corporate sponsor and supports various
>     OWASP conferences
>     4) They are not trying to control ANY of my content; they are even
>     helping me clean up my creative-commons slide decks. 
>     My integrity matters to me. But I am starting to think that a company
>     who supports me giving a whole lot of vendor-neutral creative-commons
>     secure coding talks deserves some recognition.
>     Thoughts, community? Am I off base here?
>     --
>     Jim Manico
>     (808) 652-3805 <tel:%28808%29%20652-3805>
>     On Mar 29, 2012, at 12:40 AM, Thomas Brennan <tomb at owasp.org
>     <mailto:tomb at owasp.org>> wrote:
>>     We want to make a agreement that is acceptable to the goals and
>>     mission of the association in raising application security.  
>>     We don't want to have a paper-tiger agreement that is disregarded as
>>     to complex and not enforced do we?
>>     Revise and alert the speakers for AppSecDC AppSecUSA EMEA, LATAM etc
>>     etc.. If OWASP can't do this with our employees and volunteers then
>>     call it what Seba noted best practice.
>>     Content is content it's either valuable or it's not, I personally
>>     don't care about a logo -- in many cases they paid the airfare,
>>     lodging and salary of the speaker (this includes Government and
>>     other submitters) hence if the preso sucks... It still sucks.  
>>     The agreement is what I am changeling and asking the committees
>>     chapters and conferences trot a health check - and the rest of the
>>     leaders for there input as its their organization and they speak for
>>     the 160 chapters and running conferences.
>>     On Mar 28, 2012, at 6:22 PM, Jim Manico <jim.manico at owasp.org
>>     <mailto:jim.manico at owasp.org>> wrote:
>>>     The speaker agreement is already very clear on the topic of
>>>     presentation branding.
>>>     " Speakers are encouraged to include their contact information when
>>>     introducing themselves, but may NOT include their logo on any
>>>     visual and handout materials. Speakers are to avoid any appearance
>>>     of commercialism in their session and presentations are to be of a
>>>     technical or solutions emphasis."
>>>     At least 50% of all speakers I have seen violate this, including
>>>     board members.
>>>     The question is, do we want to enforce this policy (from Nov 2011)?
>>>     - Jim
>>>>     A general remark from my side: only use the speaker agreement when
>>>>     in doubt.
>>>>     We use this agreement very pragmatically in Belgium and have only
>>>>     pointed to it upfront to speakers when we thought a certain
>>>>     speaker/topic could become a commercial talk.
>>>>     Otherwise: minimize the red tape :-)
>>>>     --seba
>>>>     On Wed, Mar 28, 2012 at 8:22 PM, Teresa Stevens
>>>>     <teresa-ann-stevens at comcast.net
>>>>     <mailto:teresa-ann-stevens at comcast.net>> wrote:
>>>>         I agree with Josh. Thanks,
>>>>         Teresa Stevens, CISSP, MSIA, PMMC
>>>>         Information Security Specialist -- Team Leader
>>>>         San Francisco Bay Area
>>>>         510-842-8868 <tel:510-842-8868> (home), 510-872-2187
>>>>         <tel:510-872-2187> (cell)
>>>>         From: Josh Sokol <josh.sokol at owasp.org
>>>>         <mailto:josh.sokol at owasp.org>>
>>>>         Date: Wed, 28 Mar 2012 11:13:22 -0500
>>>>         To: Mark Bristow <mark.bristow at owasp.org
>>>>         <mailto:mark.bristow at owasp.org>>
>>>>         Cc: "owasp-board at owasp.org <mailto:owasp-board at owasp.org>"
>>>>         <owasp-board at owasp.org <mailto:owasp-board at owasp.org>>,
>>>>         "committees-chairs at lists.owasp.org
>>>>         <mailto:committees-chairs at lists.owasp.org>"
>>>>         <committees-chairs at lists.owasp.org
>>>>         <mailto:committees-chairs at lists.owasp.org>>,
>>>>         global_conference_committee
>>>>         <global_conference_committee at lists.owasp.org
>>>>         <mailto:global_conference_committee at lists.owasp.org>>,
>>>>         global_chapter_committee Committee
>>>>         <global_chapter_committee at lists.owasp.org
>>>>         <mailto:global_chapter_committee at lists.owasp.org>>, Eoin
>>>>         <eoin.keary at owasp.org <mailto:eoin.keary at owasp.org>>
>>>>         Subject: Re: [Global_chapter_committee]
>>>>         [Global_conference_committee] [owasp-board] Re:
>>>>         [Committees-chairs] 2012 Speaker Agreement Update
>>>>         I agree with what Jason said.  I see no reason why a person
>>>>         should not be able to include a company logo in a slide deck
>>>>         regardless of whether they are a corporate member or not.  My
>>>>         $0.02:
>>>>         * If the event has a presentation template, then corporate
>>>>         logos should be limited to only the "About Me" page of the
>>>>         presentation.
>>>>         ~josh
>>>>         On Wed, Mar 28, 2012 at 9:20 AM, Mark Bristow
>>>>         <mark.bristow at owasp.org <mailto:mark.bristow at owasp.org>> wrote:
>>>>             I think these are reasonable changes except the no-logo on
>>>>             the "about me" slide.  I think that's fine if we put a
>>>>             boundry on the size.  The GCC is in the final process of
>>>>             selecting a new presentation template, so this will be
>>>>             easy to add.
>>>>             On Tue, Mar 27, 2012 at 12:29 PM, Eoin
>>>>             <eoin.keary at owasp.org <mailto:eoin.keary at owasp.org>> wrote:
>>>>                 I am happy with vendor logo as long as content isn't a
>>>>                 vendor pitch or vendor bespoke (ip) and covers off an
>>>>                 issue which is in the open  body of knowledge.
>>>>                 Eoin Keary
>>>>                 BCC Risk Advisory
>>>>                 Owasp Global Board
>>>>                 +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>>>                 On 27 Mar 2012, at 16:13, Jason Li <jason.li at owasp.org
>>>>                 <mailto:jason.li at owasp.org>> wrote:
>>>>>                 Agreed on the use of the template.
>>>>>                 What's the purpose of the restriction on the company
>>>>>                 logo?
>>>>>                 Is it an attempt to spur corporate membership? Is it
>>>>>                 meant to remove the "vendor"-ness of a talk?
>>>>>                 If the former, I think it actually comes across as
>>>>>                 off-putting and might have the opposite effect... If
>>>>>                 the latter, then the inclusion of the company logo if
>>>>>                 and only if they are an OWASP supporter seems overly
>>>>>                 restrictive IMHO in comparison to the goal.
>>>>>                 What about updating the template to include a
>>>>>                 specific place and limited small size for a logo and
>>>>>                 mandating the use of the template? That would limit
>>>>>                 how much a presenter could plaster their logo across
>>>>>                 a presentation.
>>>>>                 -Jason
>>>>>                 On Tue, Mar 27, 2012 at 9:35 AM, Tom Brennan
>>>>>                 <tomb at owasp.org <mailto:tomb at owasp.org>> wrote:
>>>>>                     Committee(s);
>>>>>                     Today OWASP utilizes a Speaker Agreement that
>>>>>                     outlines the rules for compensation of speakers,
>>>>>                     required templates, audio/visual, vulnerabilities
>>>>>                     disclosure and a laundry list of other terms.
>>>>>                     The Document:
>>>>>                      https://www.owasp.org/index.php/Speaker_Agreement
>>>>>                     With the upcoming long list of AppSec<Regional>,
>>>>>                     AppSec<Global> and chapter events  globally
>>>>>                     happening weekly enforcement of this policy or
>>>>>                     event policing of this policy is difficult
>>>>>                     however the spirit of the speaker agreement in
>>>>>                     keeping OWASP pure to technical, 
>>     _______________________________________________
>>     Committees-chairs mailing list
>>     Committees-chairs at lists.owasp.org
>>     <mailto:Committees-chairs at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/committees-chairs
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

skype: drwetter.de 
tel:   +49-40-2442035-1
German OWASP Board, Conference Chair AppSec EU 2013

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130120/b5d6f928/attachment-0001.html>

More information about the OWASP-Leaders mailing list