[Owasp-leaders] Seeking Your Feedback on OWASP Participation

Thu Feb 20 18:45:34 UTC 2014

Hi Josh,
Even though that non-members don't know our 'code', that doesn't free them
from it. Especially if the code is an extension on 'social behaviour'.
I see a similarity in law, where you as an individual living in a country
have to live by that law, even if you don't know the exact writing of it.
This is a universal principle within communities and OWASP should be no
exception to that.

Steven.
On 20 Feb 2014 17:22, "Josh Sokol" <josh.sokol at owasp.org> wrote:

> I appreciate your feedback Steven.  For those who haven't read it, the
> OWASP Code of Ethics that Steven is referring to can be found here:
>
>
> https://www.owasp.org/index.php/About_The_Open_Web_Application_Security_Project#Code_of_Ethics
>
> I most certainly agree that this document dictates expectations on how
> those in our community should behave.  The real questions are how do we
> respond to those who do not follow this code.  You bring up an interesting
> point as well about the member vs non-member aspect of this.  I'd guess
> that the majority of non-members who attend meetings haven't read that Code
> of Ethics.  Heck, I'd guess that the majority of members haven't.  Is this
> equivalent to "you didn't read the fine print" or do we have an obligation
> to be more explicit here?
>
> As you can imagine, this is far from a purely hypothetical situation and
> I'm very interested to hear what our leaders think particularly about
> preaching "openness" while at the same time closing the door on those who
> don't conform to our Ethics.  Thank you.
>
> ~josh
>
>
> On Thu, Feb 20, 2014 at 11:03 AM, Steven van der Baan <
> steven.van.der.baan at owasp.org> wrote:
>
>>  Hi Josh,
>>
>> this is a big problem.
>> I personally would refuse that person entrance to the meetings based on
>> the code of conduct, even if he/she is not a (paying) member.
>> I believe that anybody who is attending an OWASP meeting is bound by our
>> principles and code of ethics  And the behaviour that you described is in
>> clear violation of that.
>> However, there should be a possibility for the person to demonstrate the
>> willingness of abiding to the principles and be able to attend the meetings
>> again.
>>
>> But that is just my point of view.
>>
>> Good luck with it,
>> Steven.
>>
>>
>> On 20/02/14 16:34, Josh Sokol wrote:
>>
>>    OWASP Leaders,
>>
>>  Let's say that there is an individual in your local security community
>> who is routinely feuding with other security professionals in the area.  No
>> physical violence, but fairly frequent name calling, negative insinuations,
>> etc.  Their attendance at your OWASP functions (metings, happy hours,
>> conferences, etc) makes other people uncomfortable due to their tendency to
>> cause problems and perhaps these people have even said that they will not
>> attend these events if this individual is also in attendance.  Attempts to
>> seek peace with the individual have failed and the behavior will not
>> change.  What do you do?  Is it acceptable to ban them from these events?
>> Do you allow this one rotten apple to spoil the bunch because OWASP policy
>> says that we are free and open to all?  Is there a point where an
>> individual becomes enough of a distraction that we should consider banning
>> them from OWASP altogether?
>>
>>  A couple of points of reference:
>>
>> Our mission statement says "everyone is free to participate in OWASP" (
>> http://www.owasp.org).
>>
>>  Our Chapter Handbook says "Local chapter meetings must be free for
>> everyone to attend, regardless of whether the attendee is a paid member,
>> and open to anyone." (
>> https://www.owasp.org/index.php/Chapter_Handbook/Chapter_2:_Mandatory_Chapter_Rules#Organize_free_and_open_meetings<https://www.owasp.org/index.php/Chapter_Handbook/Chapter_4:_Chapter_Administration#Mailing_Lists>
>> )
>>
>>  Your feedback is greatly appreciated.
>>
>>  ~josh
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140220/11f0be40/attachment.html>