[Owasp-leaders] [Owasp-board] Public Comment

Jim Manico jim.manico at owasp.org
Fri Dec 12 19:01:07 UTC 2014


Bev,

The board does indeed set the vision for the organization. But project 
oversight responsibility has been passed to the project committee, and 
overall compliance issues are lead by our ombudsman (compliance officer) 
Martin Knoblock.

Aloha,
Jim


On 12/11/14 10:28 AM, Bev Corwin wrote:
> Thanks Josh, Doesn't the board have "oversight" and "compliance" 
> responsibilities to the OWASP Community? Best wishes, Bev
>
> On Thu, Dec 11, 2014 at 12:57 PM, Josh Sokol <josh.sokol at owasp.org 
> <mailto:josh.sokol at owasp.org>> wrote:
>
>     It's a good point and I've definitely seen examples in the past of
>     where a project has made significant decisions in a relative
>     bubble before publishing it as an "open" document.  Honestly, I
>     think to some extent that boils down to the project
>     leadership/management and how they choose to run things.  Not that
>     it makes it right or wrong.  I do agree with Simon in that this is
>     not a Board decision though.  If for some reason people felt like
>     project leaders are incapable of doing this, or that rules need to
>     be put in place to enforce it, then that's something I would look
>     to the Project Committee to establish.
>
>     ~josh
>
>     On Thu, Dec 11, 2014 at 11:51 AM, Bev Corwin <bev.corwin at owasp.org
>     <mailto:bev.corwin at owasp.org>> wrote:
>
>         PS: Your reference was for "free" not "open". Do you have
>         something that would be a good reference for "open"? How about
>         free and open? Thank you!
>
>         On Thu, Dec 11, 2014 at 12:50 PM, Bev Corwin
>         <bev.corwin at owasp.org <mailto:bev.corwin at owasp.org>> wrote:
>
>             Dear Simon,
>
>             Thank you. Good info, very much appreciate it. Where are
>             you pulling your assumptions from? Is there a definition
>             of "open" somewhere that could be referenced? So many
>             organizations claim to be "open", however, very few
>             actually "manifest" it well. Would be nice to see some
>             kind of guidelines somewhere. That would be a board policy
>             issue to recommend such things, wouldn't it?
>
>             Best wishes,
>             Bev
>
>
>             On Thu, Dec 11, 2014 at 12:36 PM, psiinon
>             <psiinon at gmail.com <mailto:psiinon at gmail.com>> wrote:
>
>                 I'm not sure this is a board matter, although board
>                 members should definitely speak up if they disagree :)
>                 I think this is more a matter of 'good open source
>                 leadership/management' as it applies to all open
>                 source projects and not just OWASP ones.
>                 But its something we can all learn from each other and
>                 so I think this list is a good place to discuss it.
>
>                 Can you explain in a bit more detail which project(s)
>                 you are referring to, what stage they are at and what
>                 you hope to get out of such consultations?
>                 I think the approaches for well established projects
>                 are likely to be very different from ones that are
>                 just starting out.
>
>                 There are online resources like this which might help
>                 you: http://producingoss.com/
>
>                 Any others people can recommend?
>
>                 Cheers,
>
>                 Simon
>
>                 On Thu, Dec 11, 2014 at 5:26 PM, Bev Corwin
>                 <bev.corwin at owasp.org <mailto:bev.corwin at owasp.org>>
>                 wrote:
>
>                     Thanks Simon, Yes, that is what I thought as well.
>                     Has the board made official recommendations about
>                     these things? Are they documented somewhere? As a
>                     practice, are there any guidelines for how to best
>                     do this in the community? Do we have a mailing
>                     list of interested public contributors that we can
>                     submit requests for comments to, etc.? Best
>                     wishes, Bev
>
>                     On Thu, Dec 11, 2014 at 12:20 PM, psiinon
>                     <psiinon at gmail.com <mailto:psiinon at gmail.com>> wrote:
>
>                         Hi Bev,
>
>                         I'm confused :/
>                         All OWASP projects are open source and should
>                         therefore be open for public comment at all times.
>                         All projects must have public lists that are
>                         clearly discoverable via the project page.
>                         You can ask for specific feedback from other
>                         leaders / your users / the general public at
>                         specific times as well of course.
>
>                         Cheers,
>
>                         Simon
>
>                         On Thu, Dec 11, 2014 at 5:05 PM, Bev Corwin
>                         <bev.corwin at owasp.org
>                         <mailto:bev.corwin at owasp.org>> wrote:
>
>                             Dear OWASP Board and Leaders,
>
>                             Is it possible for OWASP projects and
>                             initiatives to open up for public comment
>                             at various stages in our projects and
>                             initiatives development processes? Do we
>                             have any board or leader level
>                             recommendations, policies / best practices
>                             for this kind of thing?
>
>                             Best wishes,
>                             Bev
>
>
>                             _______________________________________________
>                             OWASP-Leaders mailing list
>                             OWASP-Leaders at lists.owasp.org
>                             <mailto:OWASP-Leaders at lists.owasp.org>
>                             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>                         -- 
>                         OWASP ZAP
>                         <https://www.owasp.org/index.php/ZAP> Project
>                         leader
>
>
>
>
>
>                 -- 
>                 OWASP ZAP <https://www.owasp.org/index.php/ZAP>
>                 Project leader
>
>
>
>
>         _______________________________________________
>         Owasp-board mailing list
>         Owasp-board at lists.owasp.org <mailto:Owasp-board at lists.owasp.org>
>         https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141212/3a623f8c/attachment-0001.html>


More information about the OWASP-Leaders mailing list