[Owasp-leaders] Regular OWASP polls

Fabio Cerullo fcerullo at owasp.org
Tue Jan 7 11:17:43 UTC 2014


Great stuff Simon... You effectively created the OWASP Community vote :-)

Fabio

El Tuesday, January 7, 2014, psiinon escribió:

> As per my comment on the RSA training thread I've created an OWASP Polls
> page on the wiki: https://www.owasp.org/index.php/Polls and added the
> first poll.
>
> Anyone who can update the wiki can edit that page, but I think we should
> have some control over it, eg to make sure we have a regular drip feed of
> polls.
>
> Right now I'm happy to act as the gatekeeper for this but I'm also happy
> for anyone else to help out with this - any volunteers?
>
> Note that I'm not planning on creating all the polls, but they're easy to
> create via Google forms and I can help out with any questions.
>
> Simon
>
>
> On Mon, Jan 6, 2014 at 10:32 PM, Michael Coates <michael.coates at owasp.org>wrote:
>
> On the implementation side - google forms may work well here. The
> owasp.org accounts are provided to members and we can limit votes and
> also track results.
>
>
> --
> Michael Coates
> @_mwc
>
>
>
> On Mon, Jan 6, 2014 at 2:08 PM, Konstantinos Papapanagiotou <
> konstantinos at owasp.org> wrote:
>
> This sound good Simon, ie having polls in order to get the pulse rather
> than decide.
>
> For the record I strongly believe that threads like the previous one are
> extremely useful for OWASP and the community. My disagreement was on having
> what is practically a referendum for such issues. There are many issues
> that need to be taken in consideration if we go down that way (e.g. How
> many leaders will actually participate, how many votes do we need to have a
> binding decision, what if the outcome is close to 50-50, what constitutes a
> seriously enough issue to ask for the leaders' opinion, etc.). If we work
> on such issues, maybe direct democracy turns out to be a good idea, but
> meanwhile what Simon says sounds more realistic, even though in practice
> the above issues remain.
> I also support Dinis idea for open, public votes for such issues.
>
> Kostas
>
>
> On 6 Ιαν 2014, at 11:07, psiinon <psiinon at gmail.com> wrote:
>
> OK, this is in reply to Kostas' comment, but I've changed the title as I
> think it deserves a separate thread.
>
> I agree that we have a CEO and BoD for these decisions, but clearly this
> is something people feel very strongly about.
> Conversely we also often complain that it seems to be difficult to get
> OWASP volunteers engaged :)
>
> So how about having regular polls for such questions?
> (Note that this is not proposed as an alternative to the email threads,
> which are a great way of exploring the arguments and alternatives).
>
> The polls should be restricted, eg to people with OWASP email addresses to
> prevent easy abuse.
> They would not be 'binding' - they would be a way of getting the 'pulse'
> rather than the way we arrive at decisions.
> The board (or whoever makes the final decision) should take into account
> the results, but 100% against a proposal isnt very definitive if only 5
> people vote ;)
>
> And they wouldnt have to be just for the 'big' questions, they could be
> for anything OWASP related.
> e.g. "What is the most important feature missing from ZAP: A) ..."
>
> It might take a bit of effort setting up the right infrastructure, but if
> that was in place then it would be much easier to find out how the OWASP
> community feels about things like participation in RSAC.
>
> Simon
>
> On Sun, Jan 5, 2014 at 5:59 PM, Konstantinos Papapanagiotou <
> konstantinos at owasp.org> wrote:
>
> This kind of democracy might have worked in ancient Athens (with pros and
> cons) but nowadays we have a BoD and a CEO for such kind of decisions.
>
> Kostas
>
>
> On Sunday, January 5, 2014, L. Gustavo C. Barbato wrote:
>
> Keeping discussing philosophy and high ideals, we will never reach a
> consensus in the time frame we need, so let's let democracy wins the debay.
>
> On 05/01/2014, at 11:38, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> A key differentiator when we did this free training at AppSecUSA in Austin
> and LASCON 2013
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140107/272d7341/attachment.html>


More information about the OWASP-Leaders mailing list