[Owasp-leaders] OWASP Project Sponsorship - What Model does OWASP want?

Dennis Groves dennis.groves at owasp.org
Thu Oct 10 00:27:52 UTC 2013

It is my personal belief that everybody is here for altruistic reasons. 

However, some are fortunate and are able to contribute freely. Others, 
are fortunate to be able to give freely because they belong to 
altruistic organisations. And other are giving up their vacations 
because their employers not altruistic. And I have heard many times that 
people would like to attend but due to various life circumstances are 
not able to even attend meetings…

Indeed, my take is that number 2 is the road to nascar but has some 
things I like about it. And while number 3 is preferred, but I am not 
certain it sweetens the pie enough for corporate participation.

It is my humble opinion that the source of the controversy is that some 
members feel that everybody should be here for altruistic reasons and 
that allowing corporations renumeration 'contaminates' their good will 
and the brand of OWASP. Others, want to be altruistic but can not do so 
without their employers support, and their employers are not altruistic.

So the question is: "How can OWASP create an environment where everybody 
can contribute and participate?"

Michael has already identified that by 'formalising the approach' 
everyone can get back to creating awesome, as the rules of engagement 
are understood in advance and are as fair as possible to all interests 

I wish I had an answer, and my personal opinion is likely to be 
seemingly extreme to many in the community, as I value people over 



On 9 Oct 2013, at 15:57, Michael Coates wrote:

> Chris,
> I think that is a good point with any guidance/policy. We define the 
> normal
> path on how we do things with a realization that we won't be solving 
> for
> 100% of the scenarios. In the event someone feels they fall outside of 
> the
> normal path then we have clear information on the proper way to do it
> differently. This could be anything from noting that you are doing
> something different to a formal approval process. I should be clear 
> that
> I'm for minimum viable red tape to handle those scenarios.
> But back to your main point we should definitely realize there will be
> exceptions to everything and make sure we clearly address how to 
> handle
> those.
> Thanks for the feedback!
> -Michael
> --
> Michael Coates | OWASP | @_mwc

[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 

     Unless someone like you...cares a whole awful lot...
     nothing is going to get better...It's not."
                                             -- The Lorax

More information about the OWASP-Leaders mailing list