[Owasp-leaders] [Owasp-community] IAB Statement on the Trade in Security Technologies
lucas.ferreira at owasp.org
Tue Jun 23 17:39:01 UTC 2015
thanks for you kind words. I have almost no knowledge of US legislation, so
I cannot comment about specifics. But I know legislators need help in
understanding more technical and specialized topics and we need to find a
way to educate them.
Unfortunately the line between educating and lobbying can be blurry...
On Tue, Jun 23, 2015 at 1:16 PM Jim Manico <jim.manico at owasp.org> wrote:
> This is very well done and I'm glad you are taking such a sensible and
> education-centric position here.
> Lucas, the more I think about this and research this topic the more I
> realize my position was wrong.
> 1) There is plenty of room for us to influence legislation up to a certain
> 2) The board should be very accommodating in encouraging experimentation
> A little warning is reasonable, but this thread got out of hand.
> I get it now and will be certain to encourage more of these activities in
> the future.
> Aloha Lucas,
> Jim Manico
> Global Board Member
> OWASP Foundation
> Join me at AppSecUSA <http://appsecusa.org/> 2015!
> On Jun 23, 2015, at 3:57 AM, Lucas Ferreira <lucas.ferreira at owasp.org>
> not exactly what you are looking for, I guess:
> From my understanding of the whole discussion, our manifesto is Jim's
> nightmare come true... :-)
> On Mon, Jun 22, 2015 at 4:16 PM Jonathan Carter <jonathan.carter at owasp.org>
>> On a slightly related note, are there any OWASP projects that focus on
>> law? It would be interesting to have a project that focuses on current
>> legislation and makes authoritative statements on the efficacy /
>> ramifications of law.
>> On Fri, Jun 19, 2015 at 11:38 PM, Jim Manico <jim.manico at owasp.org>
>>> One of the very few ways we can lose our tax exempt 501(c)3 status - the
>>> status of a charity - is to engage in lobbying activities.
>>> These activities are loosely defined, but we have a responsibility to
>>> avoid trying to influence legislation at OWASP •if• we wish to maintain our
>>> tax exempt status.
>>> It is a core part of the boards fiduciary duty to protect the foundation
>>> from losing its tax exempt status.
>>> However, we can as a foundation and as a community still participate in
>>> this issue by serving our shared mission with care. Let our sword be open
>>> source solutions that help achieve these important security goals. Let our
>>> shields be powerful free documentation that helps inform all about
>>> application security.
>>> Jim Manico
>>> (808) 652-3805
>>> On Jun 19, 2015, at 6:49 PM, Kristian Erik Hermansen <
>>> kristian.hermansen at gmail.com> wrote:
>>> +1000...with NSA Bullrun and other secret programs known to weaken
>>> crypto around the world to a similar end, it is our responsibility as a
>>> community to stand up and say no. As many of us have the power to vote in
>>> the USA, we also have the ability to act as agents for the remainder of the
>>> world that doesn't have such a privilege to influence US policy. So we need
>>> to take that role and responsibility very seriously and make sure that U.S.
>>> policymakers understand crypto weakening proposals and actions are
>>> unacceptable for the greater health of the Internet and autonomy of its
>>> On Fri, Jun 19, 2015 at 9:08 PM Jeff Williams <jeff.williams at owasp.org>
>>>> Thanks for pointing this out. Totally agree and I wish OWASP had come
>>>> out with a similar statement of values.
>>>> Jeff Williams | CTO
>>>> Contrast Security
>>>> @planetlevel @contrastsec
>>>> From: Tobias <tobias.gondrom at owasp.org>
>>>> Sent: Sunday, June 14, 2015 4:44 AM
>>>> Subject: [Owasp-community] IAB Statement on the Trade in Security
>>>> To: <owasp-community at lists.owasp.org>
>>>> I thought this is noteworthy.
>>>> *IAB Statement on the Trade in Security Technologies*
>>>> And I am in strong agreement with the above statement.
>>>> What do you think?
>>>> Best regards,
>>>> Owasp-community mailing list
>>>> Owasp-community at lists.owasp.org
>>> Owasp-community mailing list
>>> Owasp-community at lists.owasp.org
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders