[Owasp-leaders] RSA

Ralf Reinhardt ralf.reinhardt at owasp.org
Thu Jan 9 20:10:17 UTC 2014


Eoin and Jim
+1 and thank you.

Just for your information:

Since quite a lot of people in Germany meanwhile feel unhappy and
monitored then using google and other US located or owned services,
large parts of the German OWASP or web application security community
probably does not even have or use an OWASP.org account.

So it was – in my eyes – utterly unfair to exclude them. I did send the
information that there is a poll going on into the German OWASP mailing
list and cloned the poll of Simon into ServeyMonkey (yes, still US owned
and logging IPs, but the world is not perfect).

I asked the owasp.org account holder to use the "official" one and
anybody else to use my cloned version. I did this about 8,5 h before,
and until now 29 persons have voted:

-----8<-----
Should OWASP give a developer training cource at the 2014 RSA
conference? For background info see
http://lists.owasp.org/pipermail/owasp-board/2014-January/thread.html 

- Yes, this should be an official OWASP initiative, 3,45%, 1 person
- Yes, as long as the training is given as individuals an not an
official OWASP initiative, 3,45%, 1 person
- No, OWASP should publicly pull out, 89,66%, 26 persons
- The board should decide, 3,45%, 1 person


Should OWASP make a public statement to the effect that
subverting/weakening crypto is a bad idea 

- Yes, 96,55%, 28 persons
- No, 3,45%, 1 person
-----8<-----


Am Donnerstag, den 09.01.2014, 19:58 +0000 schrieb Dinis Cruz:
> Yeah that RSA answer is quite out of order. Is that published
> somewhere? It would be good to have a public record of how they
> reacted 
> 
> On 9 Jan 2014 19:43, "Jim Manico" <jim.manico at owasp.org> wrote:
>         OWASP Leaders,
>         
>         Among many reasons, one being that Eoin and I are co-authors,
>         I am going to follow his lead and pull way from the RSA
>         conference training.
>         
>         This was a difficult decision and I am not happy at how this
>         all went down. Again, I think we need to apply this same kind
>         of judgement evenly.
>         
>         Frankly, I was very positive on doing the RSA training up
>         until we received their response asking us to cease-and-desist
>         from talking to BSsides and asking Eoin for a retraction. I
>         can't say that I blame them, but it made it clear to me that
>         we we either need to do the co-marketing and training, or walk
>         away from both.
>         
>         Aloha,
>         Jim Manico
>         OWASP Board Member
>         @Manicode
>         (808) 652-3805
>         
>         
>         
>         
>         > OWASP leaders,
>         >
>         > I've decided to pull my delivery of training from the RSA
>         conference.
>         >
>         > I don't believe supporting in organisation who tries to
>         control other organisations (whom they talk to) or is
>         allegedly involved with weak crypto/NSA conspiracy is good for
>         the foundation.
>         >
>         > I also request that OWASP pull the plug on any involvement
>         with RSA for 2014.
>         >
>         > Sorry I this upsets some people. I was voted (as a board
>         member)  to lead by you and I am trying to do just that.
>         >
>         >
>         >
>         >
>         > Eoin Keary
>         > Owasp Global Board
>         > +353 87 977 2988
>         >
>         > _______________________________________________
>         > OWASP-Leaders mailing list
>         > OWASP-Leaders at lists.owasp.org
>         > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>         >
>         
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders




More information about the OWASP-Leaders mailing list