[Owasp-leaders] OWASP Project Sponsorship - What Model does OWASP want?

Michael Coates michael.coates at owasp.org
Wed Oct 9 22:57:49 UTC 2013


Chris,

I think that is a good point with any guidance/policy. We define the normal
path on how we do things with a realization that we won't be solving for
100% of the scenarios. In the event someone feels they fall outside of the
normal path then we have clear information on the proper way to do it
differently. This could be anything from noting that you are doing
something different to a formal approval process. I should be clear that
I'm for minimum viable red tape to handle those scenarios.

But back to your main point we should definitely realize there will be
exceptions to everything and make sure we clearly address how to handle
those.

Thanks for the feedback!

-Michael


--
Michael Coates | OWASP | @_mwc



On Wed, Oct 9, 2013 at 2:51 PM, Chris Schmidt <chris.schmidt at owasp.org>wrote:

>  I think these are a good starting point, however I think text needs to
> be added to each that allows for amending on a case by case basis. As most
> know, I am a strong advocate for standardization across the entire OWASP
> Projects Portfolio, but I also understand that there is no
> one-size-fits-all solution to issues like this. I leave it up to someone
> smarter than me to word it, but I think it is an important aspect of
> Options 2 and 3.
>
> ~C
>
>
> On 10/9/13 3:08 PM, Michael Coates wrote:
>
>    I noticed we haven't had many emails on this topic. Are people happy
> with the three options? I'd like to make sure we have the positives and
> negatives fully captured.
>
> If we're good then the following will be added to the election ballot.
>
>  Proposed Text:
>
>
>
>  OWASP is defining our project sponsorship and branding model. Which of
> the following model do you want for OWASP? The voice of the community will
> decide this issue.
>
>  Full information and and details for each option is listed here:
> https://www.owasp.org/index.php/Governance/ProjectSponsorship
>  The additional information covers many more elements of each option and
> you're strongly encouraged to review.
>
>  Option 1: *Projects can be sponsored. Project leaders decide all items
> including how all contributors are recognized, location of logos, criteria
> for logos, etc.
>
> *
> Option 2: *Projects can be sponsored. Standard process across OWASP
> projects for items such as **how all contributors are recognized, **location
> of logos, criteria for logos, etc.
>
> *
> Option 3:* **Projects can not be sponsored. Organizations can support the
> foundation and the foundation can support projects through programs (summer
> of code, project reboot etc). OWASP foundation supporters have their logo
> on a dedicated OWASP foundation page.
> *
>
>
> --
> Michael Coates | OWASP | @_mwc
>
>
>
> On Tue, Oct 8, 2013 at 11:02 AM, Michael Coates <michael.coates at owasp.org>wrote:
>
>>  Leaders,
>>
>>  *TLDR -* We want leaders to debate various project sponsorship models
>> (update as necessary) and vote on the one they support in the upcoming
>> annual elections (Oct 14 -25).
>>
>> https://www.owasp.org/index.php/Governance/ProjectSponsorship
>>
>>
>>  *More Info*
>>
>>  Project sponsorship and branding is an item that we've been working on
>> at the board for quite some time. Through discussion we've realized there
>> is not a single right model for OWASP. Instead there is a spectrum of
>> approaches (decentralized decisions on branding vs centralized, logos or no
>> logos, project sponsorship or foundation sponsorship etc). Each of these
>> items have their own positives and negatives.
>>
>>  However, one thing is clear. For OWASP to scale and grow we need to
>> pick an approach and document it. This way everyone understands what the
>> rules are, how to bring in new contributors and how to correctly
>> acknowledge supporters & contributors.
>>
>>  We'd like the OWASP community to cast a vote for the model they believe
>> is best for OWASP. Before we vote on the issue we also want our community
>> to help identify considerations for each model. What are the positives and
>> negatives? Is there another approach that we should consider? Is there
>> something we're not considering?
>>
>>  The 3 approaches are listed here in the wiki
>> https://www.owasp.org/index.php/Governance/ProjectSponsorship
>>
>>  Please update and add additional considerations. Please don't remove
>> existing text. Instead use the comment section at the bottom to explain
>> areas you may disagree with.
>>
>>
>>  Thanks!
>>
>>
>> --
>> Michael Coates | OWASP | @_mwc
>>
>>
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131009/01437df4/attachment.html>


More information about the OWASP-Leaders mailing list