[Owasp-leaders] OWASP Access Management Policy

Larry Conklin larry.conklin at owasp.org
Thu Nov 10 19:54:26 UTC 2016


I should have wrote "Doesn't sound like an open organization to me"

On Thu, Nov 10, 2016 at 2:52 PM, Larry Conklin <larry.conklin at owasp.org>
wrote:

> Elizabeth
> Who came up with this rule?....and why is it necessary?...Does sound like
> an open organization to me. Is this a world-wide rule?
> *For the on-site events attendance, OWASP members and non-members may be
> asked to present their state issued photo identification card (passport,
> driver license, e.g.).*
>
> Larry
>
> On Thu, Nov 10, 2016 at 10:16 AM, Elizabeth Belousov <
> elizabeth.belousov at owasp.org> wrote:
>
>> It was a long overdue on my part. Last night at NY chapter meeting the
>> topic was brought up to the discussion, which spurred me to think of OWASP
>> Top 10 Compliance.
>>
>> Below:
>>
>> -- The background of the proposal
>>
>> -- OWASP Access Management Policy
>> <https://drive.google.com/a/owasp.org/file/d/0B2w4JBsaD0LFTDYzSlk2WFNnelk/view?usp=sharing>
>> (also linked via Google drive)
>>
>> *****************************
>>
>> Dear OWASP leaders:
>>
>>
>>
>> I’m writing you to solicit your feedback about the OWASP Access
>> Management Policy that I recommend for adoption.
>>
>>
>>
>> Background. Earlier this year, there were several graphic
>> violence/hatred content incidents on NY/NJ Meetup page. In order to monitor
>> OWASP social media pages for inappropriate profile images, I proposed
>> adopting the OWASP access management policy that would allow profile
>> reconciliation based on the truthful information provided by OWASP
>> followers and members.
>>
>>
>>
>> The access management policy would allow to:
>>
>>
>>
>> - Minimize or eliminate the presence of synthetic or anonymous OWASP
>> followers;
>>
>> - Facilitate to physical access according to security standards of the
>> hosting sites;
>>
>> - Drive meeting attendance by collaborating with real people.
>>
>>
>>
>> Looking forward to your feedback!
>>
>>
>> *****************************
>> Regards,
>>
>> *Liz Belousov*
>> NYC chapter Volunteer* | *OWASP Foundation
>>
>>
>>
>> *OWASP Access Management Policy*
>>
>>
>>
>> The OWASP members or non-members that would like to participate in the
>> OWASP chapter activities (events, webinars, onsite and online forums [e.g.
>> by posting comments]) must use their real identities: first name, last
>> name, and an image that corresponds to that identity [a headshot image].
>>
>>
>>
>> For the on-site events attendance, OWASP members and non-members may be
>> asked to present their state issued photo identification card (passport,
>> driver license, e.g.).
>>
>>
>>
>> The OWASP local chapters reserve a right to exclude from event
>> registration and consequently the onsite or online participation those
>> individuals who do not comply with the OWASP Access Management requirement.
>>
>>
>>
>> The OWASP maintains privacy of chapter members and meeting attendees
>> according to the Mandatory Chapter Rules (cited below).
>>
>>
>>
>> [“The privacy of chapter members and meeting attendees should be
>> protected at all times. You should not disclose names, email addresses, or
>> other identifying information about OWASP members or meeting attendees.
>> Only aggregate statistics can be referenced. Sponsors should not have
>> access to member lists; however, they may ask attendees to share contact
>> information voluntarily, for example via submitting business cards
>> voluntarily for a raffle.”]
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20161110/b284bd79/attachment.html>


More information about the OWASP-Leaders mailing list