[Owasp-leaders] Suggestion of better brand guidelines

Dirk Wetter dirk at owasp.org
Mon Jun 6 15:33:36 UTC 2016


Hi Liam and all,

Am 05/20/2016 um 06:38 PM schrieb Liam Smit:
> Hi Dirk
> 
> On Fri, May 20, 2016 at 5:57 PM, Dirk Wetter <dirk at owasp.org <mailto:dirk at owasp.org>> wrote:
> 
> 
>     Am 05/20/2016 um 05:07 PM schrieb johanna curiel curiel:
> 
> 
> <snip> 
> 
>     > Abuses will happen where financial gain is.If putting this logo can help me sell...well you bet the first ones happy will be the vendors.
>     > Contrast did that with OWASP benchmark publicising OWASP logo 'sponsored by' even the DHS logo.
>     > https://twitter.com/jctechno/status/672079500033814528
> 
>     Ok, a TM would have helped here maybe.
> 
> 
>     But in general this is why I think giving away a supporter logo is not good either -- the
>     only point where we have
>     a different stance so far:
> 
>     My firm belief is if you give a away a logo you can't control the usage. It's like putting
>     a vulnerable
>     web application in the internet. Somebody will find and hack/abuse it. It also doesn't
>     matter if a law is
>     saying that it shouldn't been hacked [1]. Same with the logo. Giving a logo away is like
>     announcing
>     a vulnerable web app to all bad guys. So a supporter logo could be an invitation to abuse
>     (ideas see my first mail).
> 
>     Also I do not understand the point in the first place: Why do we want to give a away a
>     logo? What's
>     our added benefit?
> 
>     Thus I find a very strict logo policy accompanied with a proper TM the right thing to do.
>     There's
>     still potential for abuse but at least you did the best reasonably possible..
> 
>     Look at ISACA. You can't use the logo without written consent by ISACA.
> 
> 
> Why don't you put forward a strict logo use policy?
> 
> Obviously it might not be adopted if most people prefer a looser logo usage policy but if you
> don't put anything forward then I highly doubt anything will come of you merely stating your
> preference for a strict usage policy.

fair enough.

Not so many people responded, so I wanted to limit my investment in terms of time.

Suggestion:

--snip

The OWASP logo (future: is a trademark and) is the property of the OWASP Foundation.

* OWASP logos must not be used by individuals or organizations to promote commercial products,
services, or events such as conferences, courses.
* OWASP logos must not be used in a manner that suggests that The OWASP Foundation supports,
advocates, endorses, or recommends any particular product, services or technology.
* OWASP logos must not be used in a manner that suggests that a product or technology is
compliant with any OWASP Materials
* OWASP logos must not be used in a manner that suggests that a product or technology can
enable compliance with any OWASP Materials
* OWASP logos may be used by special arrangement with The OWASP Foundation. Requests to use
OWASP logos should be directed in writing to
  <fillinmailaddresshere>. Requests will be evaluated on a case-by-case basis by a compliance team.
* The special arrangement can be withdrawn by OWASP at any point of time.

--snap

I was replacing brand by logo. I haven't seen @
https://www.owasp.org/index.php/Marketing/Resources#tab=BRAND_GUIDELINES
any definition of the term "brand". If that would be clarified we could swap that back.




Cheers, Dirk


-- 
German OWASP Chapter Lead
Send me encrypted mails (Key ID 0xB818C039)



More information about the OWASP-Leaders mailing list