[Owasp-leaders] Regular OWASP polls

Tobias tobias.gondrom at owasp.org
Tue Jan 7 14:49:45 UTC 2014


+1 with Fabio
(at least for now)


On 07/01/14 13:57, tonyuv at owasp.org wrote:
> +1 with Fabio.
>
>
>
> *From:* Fabio Cerullo <mailto:fcerullo at owasp.org>
> *Sent:* ?Tuesday?, ?January? ?7?, ?2014 ?8?:?28? ?AM
> *To:* psiinon <mailto:psiinon at gmail.com>
> *Cc:* Kanwal Singh (WebMentors) <mailto:kanwalsb at gmail.com>, Ravdeep
> Sodhi <mailto:ravdeep.sodhi at ecoretechnos.com>, OWASP Leaders
> <mailto:owasp-leaders at lists.owasp.org>, Nishant Johar (EMOBX)
> <mailto:nj at emobx.com>
>
> Simon
>
> To my view the votes should only be casted by people with an owasp.org
> <http://owasp.org> address.
>
> Fabio
>
> El Tuesday, January 7, 2014, psiinon escribió:
>
>     I've started to get requests to share this poll with people
>     without OWASP addresses.
>
>     My initial feeling is that I shouldn't - whoever creates an OWASP
>     poll shouldn't be responsible for working out who is part of the
>     OWASP community, and if people want to take part in an OWASP poll
>     then they need to get an OWASP email address.
>
>     Is that a reasonable position?
>
>     Simon
>
>
>     On Tue, Jan 7, 2014 at 10:34 AM, psiinon <psiinon at gmail.com> wrote:
>
>         As per my comment on the RSA training thread I've created an
>         OWASP Polls page on the wiki:
>         https://www.owasp.org/index.php/Polls and added the first poll.
>
>         Anyone who can update the wiki can edit that page, but I think
>         we should have some control over it, eg to make sure we have a
>         regular drip feed of polls.
>
>         Right now I'm happy to act as the gatekeeper for this but I'm
>         also happy for anyone else to help out with this - any volunteers?
>
>         Note that I'm not planning on creating all the polls, but
>         they're easy to create via Google forms and I can help out
>         with any questions.
>
>         Simon
>
>
>         On Mon, Jan 6, 2014 at 10:32 PM, Michael Coates
>         <michael.coates at owasp.org> wrote:
>
>             On the implementation side - google forms may work well
>             here. The owasp.org <http://owasp.org> accounts are
>             provided to members and we can limit votes and also track
>             results.
>
>
>             --
>             Michael Coates
>             @_mwc
>
>
>
>             On Mon, Jan 6, 2014 at 2:08 PM, Konstantinos
>             Papapanagiotou <konstantinos at owasp.org> wrote:
>
>                 This sound good Simon, ie having polls in order to get
>                 the pulse rather than decide. 
>
>                 For the record I strongly believe that threads like
>                 the previous one are extremely useful for OWASP and
>                 the community. My disagreement was on having what is
>                 practically a referendum for such issues. There are
>                 many issues that need to be taken in consideration if
>                 we go down that way (e.g. How many leaders will
>                 actually participate, how many votes do we need to
>                 have a binding decision, what if the outcome is close
>                 to 50-50, what constitutes a seriously enough issue to
>                 ask for the leaders' opinion, etc.). If we work on
>                 such issues, maybe direct democracy turns out to be a
>                 good idea, but meanwhile what Simon says sounds more
>                 realistic, even though in practice the above issues
>                 remain. 
>                 I also support Dinis idea for open, public votes for
>                 such issues.
>
>                 Kostas
>
>
>                 On 6 ??? 2014, at 11:07, psiinon <psiinon at gmail.com>
>                 wrote:
>
>                     OK, this is in reply to Kostas' comment, but I've
>                     changed the title as I think it deserves a
>                     separate thread.
>
>                     I agree that we have a CEO and BoD for these
>                     decisions, but clearly this is something people
>                     feel very strongly about.
>                     Conversely we also often complain that it seems to
>                     be difficult to get OWASP volunteers engaged :)
>
>                     So how about having regular polls for such questions?
>                     (Note that this is not proposed as an alternative
>                     to the email threads, which are a great way of
>                     exploring the arguments and alternatives).
>
>                     The polls should be restricted, eg to people with
>                     OWASP email addresses to prevent easy abuse.
>                     They would not be 'binding' - they would be a way
>                     of getting the 'pulse' rather than the way we
>                     arrive at decisions.
>                     The board (or whoever makes the final decision)
>                     should take into account the results, but 100%
>                     against a proposal isnt very definitive if only 5
>                     people vote ;)
>
>                     And they wouldnt have to be just for the 'big'
>                     questions, they could be for anything OWASP related.
>                     e.g. "What is the most important feature missing
>                     from ZAP: A) ..."
>
>                     It might take a bit of effort setting up the right
>                     infrastructure, but if that was in place then it
>                     would be much easier to find out how the OWASP
>                     community feels about things like participation in
>                     RSAC.
>
>                     Simon
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140107/dcb0a438/attachment-0001.html>


More information about the OWASP-Leaders mailing list