[Owasp-leaders] OWASP Project Sponsorship - What can we spend money on?

Tobias tobias.gondrom at owasp.org
Mon Oct 14 18:14:36 UTC 2013


+1
It's definitely good to err on the save side when it comes to avoiding
potential conflicts of interest.
All the best, Tobias


On 10/10/13 21:20, Eoin Keary wrote:
> +1
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 9 Oct 2013, at 10:01, psiinon <psiinon at gmail.com
> <mailto:psiinon at gmail.com>> wrote:
>
>> Andrew,
>>
>> I agree - we should have this discussion - I've changed the title so
>> we can use this thread for it if anyone else wants to chip in.
>>
>> I also agree that we should be able to pay people to work on OWASP
>> projects.
>> However we should have checks and balances to ensure that a 'rogue'
>> leader doesnt contrive to appropriate donated money without
>> contributing a suitable amount of effort.
>> Hopefully thats extremely unlikely, but we should aim to be seen as
>> whiter than white.
>>
>> Note that we have actually started down this route - see Abraham's
>> OWTF CFP: http://blog.7-a.org/2013/09/owasp-owtf-cfp-funds-contest.html
>>
>> Abraham - have you had any responses to this?
>>
>> Cheers,
>>
>> Simon
>>
>>
>> On Wed, Oct 9, 2013 at 2:17 AM, vanderaj vanderaj <vanderaj at owasp.org
>> <mailto:vanderaj at owasp.org>> wrote:
>>
>>     This is an excellent discussion. 
>>
>>     However, although it is fine to have this discussion, I think
>>     there is "what can (project leaders)|(or the project)|(or OWASP)
>>     spend raised sponsorship money on". 
>>
>>     I've made it perfectly plain over many years that for whatever
>>     reason, I don't get time off to do my work at OWASP, so
>>     sponsorship for me is about taking a sabbatical to work on
>>     projects. The idea that the only people who can get paid for
>>     OWASP projects are not the people writing them is insane. Our
>>     project is big enough to support a few key individuals to get
>>     things really moving, a la Linux Foundation and their fellowships. 
>>
>>     I'd like for "how can projects spend their money" to be a
>>     separate question to the proposed model question. 
>>
>>     thanks,
>>     Andrew 
>>
>>
>>     On Wed, Oct 9, 2013 at 5:02 AM, Michael Coates
>>     <michael.coates at owasp.org <mailto:michael.coates at owasp.org>> wrote:
>>
>>         Leaders,
>>
>>         _*TLDR -*_ We want leaders to debate various project
>>         sponsorship models (update as necessary) and vote on the one
>>         they support in the upcoming annual elections (Oct 14 -25).
>>
>>         https://www.owasp.org/index.php/Governance/ProjectSponsorship
>>
>>
>>         _*More Info*_
>>
>>         Project sponsorship and branding is an item that we've been
>>         working on at the board for quite some time. Through
>>         discussion we've realized there is not a single right model
>>         for OWASP. Instead there is a spectrum of approaches
>>         (decentralized decisions on branding vs centralized, logos or
>>         no logos, project sponsorship or foundation sponsorship etc).
>>         Each of these items have their own positives and negatives.
>>
>>         However, one thing is clear. For OWASP to scale and grow we
>>         need to pick an approach and document it. This way everyone
>>         understands what the rules are, how to bring in new
>>         contributors and how to correctly acknowledge supporters &
>>         contributors.
>>
>>         We'd like the OWASP community to cast a vote for the model
>>         they believe is best for OWASP. Before we vote on the issue
>>         we also want our community to help identify considerations
>>         for each model. What are the positives and negatives? Is
>>         there another approach that we should consider? Is there
>>         something we're not considering?
>>
>>         The 3 approaches are listed here in the wiki
>>         https://www.owasp.org/index.php/Governance/ProjectSponsorship
>>
>>         Please update and add additional considerations. Please don't
>>         remove existing text. Instead use the comment section at the
>>         bottom to explain areas you may disagree with.
>>
>>
>>         Thanks!
>>
>>
>>         --
>>         Michael Coates | OWASP | @_mwc
>>
>>
>>         _______________________________________________
>>         OWASP-Leaders mailing list
>>         OWASP-Leaders at lists.owasp.org
>>         <mailto:OWASP-Leaders at lists.owasp.org>
>>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>     _______________________________________________
>>     OWASP-Leaders mailing list
>>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>>
>> -- 
>> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131014/25f646f9/attachment.html>


More information about the OWASP-Leaders mailing list