[Owasp-leaders] Regular OWASP polls

Fabio Cerullo fcerullo at owasp.org
Tue Jan 7 13:28:11 UTC 2014


Simon

To my view the votes should only be casted by people with an owasp.orgaddress.

Fabio

El Tuesday, January 7, 2014, psiinon escribió:

> I've started to get requests to share this poll with people without OWASP
> addresses.
>
> My initial feeling is that I shouldn't - whoever creates an OWASP poll
> shouldn't be responsible for working out who is part of the OWASP
> community, and if people want to take part in an OWASP poll then they need
> to get an OWASP email address.
>
> Is that a reasonable position?
>
> Simon
>
>
> On Tue, Jan 7, 2014 at 10:34 AM, psiinon <psiinon at gmail.com> wrote:
>
> As per my comment on the RSA training thread I've created an OWASP Polls
> page on the wiki: https://www.owasp.org/index.php/Polls and added the
> first poll.
>
> Anyone who can update the wiki can edit that page, but I think we should
> have some control over it, eg to make sure we have a regular drip feed of
> polls.
>
> Right now I'm happy to act as the gatekeeper for this but I'm also happy
> for anyone else to help out with this - any volunteers?
>
> Note that I'm not planning on creating all the polls, but they're easy to
> create via Google forms and I can help out with any questions.
>
> Simon
>
>
> On Mon, Jan 6, 2014 at 10:32 PM, Michael Coates <michael.coates at owasp.org>wrote:
>
> On the implementation side - google forms may work well here. The
> owasp.org accounts are provided to members and we can limit votes and
> also track results.
>
>
> --
> Michael Coates
> @_mwc
>
>
>
> On Mon, Jan 6, 2014 at 2:08 PM, Konstantinos Papapanagiotou <
> konstantinos at owasp.org> wrote:
>
> This sound good Simon, ie having polls in order to get the pulse rather
> than decide.
>
> For the record I strongly believe that threads like the previous one are
> extremely useful for OWASP and the community. My disagreement was on having
> what is practically a referendum for such issues. There are many issues
> that need to be taken in consideration if we go down that way (e.g. How
> many leaders will actually participate, how many votes do we need to have a
> binding decision, what if the outcome is close to 50-50, what constitutes a
> seriously enough issue to ask for the leaders' opinion, etc.). If we work
> on such issues, maybe direct democracy turns out to be a good idea, but
> meanwhile what Simon says sounds more realistic, even though in practice
> the above issues remain.
> I also support Dinis idea for open, public votes for such issues.
>
> Kostas
>
>
> On 6 Ιαν 2014, at 11:07, psiinon <psiinon at gmail.com> wrote:
>
> OK, this is in reply to Kostas' comment, but I've changed the title as I
> think it deserves a separate thread.
>
> I agree that we have a CEO and BoD for these decisions, but clearly this
> is something people feel very strongly about.
> Conversely we also often complain that it seems to be difficult to get
> OWASP volunteers engaged :)
>
> So how about having regular polls for such questions?
> (Note that this is not proposed as an alternative to the email threads,
> which are a great way of exploring the arguments and alternatives).
>
> The polls should be restricted, eg to people with OWASP email addresses to
> prevent easy abuse.
> They would not be 'binding' - they would be a way of getting the 'pulse'
> rather than the way we arrive at decisions.
> The board (or whoever makes the final decision) should take into account
> the results, but 100% against a proposal isnt very definitive if only 5
> people vote ;)
>
> And they wouldnt have to be just for the 'big' questions, they could be
> for anything OWASP related.
> e.g. "What is the most important feature missing from ZAP: A) ..."
>
> It might take a bit of effort setting up the right infrastructure, but if
> that was in place then it would be much easier to find out how the OWASP
> community feels about things like participation in RSAC.
>
> Simon
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140107/d51084ce/attachment-0001.html>


More information about the OWASP-Leaders mailing list