[Owasp-leaders] 2017 Roles and Responsibilities

johanna curiel curiel johanna.curiel at owasp.org
Wed Jan 18 11:57:34 UTC 2017

>>There is a huge disconnect but I am not sure why or how or where it

Thats why I fnid it a priority to have a proper volunteer portal.

Without a way to structure and let potential volunteers connect with the
tasks we have, become quite difficult even when people want to help

I have met many that have asked how they can help. If you look at the
volunteer section on our wiki, this is really poor.

As someone that has been into project reviews for a quite longtime i can
tell you that evaluating projects is a dating tasks.

Matt Tesauro came on board as full time Senior technical project manager to
help assist that. So yes, he did the reviews and I fully trust Matt's
experience in this matter.

Now our major problem is that the community is not participating on
validating the reviews done. A way is to organize tis during a summit which
a fully support, another is like I've been mentioning, creat a proper
volunteer portal not only for project reviews but to help support projects
in general with new volunteers

I'll make an official plan for this part and help execute it. Will send
soon a proposal to be discussed with the community


On Mon, Jan 16, 2017 at 8:09 PM, Larry Conklin <larry.conklin at owasp.org>

> But the is the real issue. We have had already projects trying to help
> with the issue what is a healthy project. We get lots of input. Then it
> dies. We have had this project start-up more than once. On the projects
> just pushed to only two people from the community answered Claudia
> response. I being one of the two responses. There is a huge disconnect but
> I am not sure why or how or where it resides.
> My thoughts on attaching to tom's email thread was I wanted some
> discussion on Staff responsibilities for project promotion. I also posted
> my response on other threads asking why we are not getting community
> involvement.
> We are hurting OWASP and its brand name for source code projects unless we
> get a grasp of what the real issues are.  Zap is good not because of the
> community (while they do help in voting) but because of Simon and we know
> we have other good projects but we really do need a clean up, remove the
> deadwood, provide a throttle so good projects see flagship and not others.
> Personally I think doing things by email and wiki hurts in processes like
> this where we need better interactively between people.
> Larry
> On Sun, Jan 15, 2017 at 12:01 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:
>> of course, but we need a big push of focus and work to get to that point
>> (which is what the Summit can facilitate)
>> On 12 January 2017 at 18:54, Larry Conklin <larry.conklin at owasp.org>
>> wrote:
>>> Dinis, this seems to be a non-ending conversation. If done at a summit
>>> it needs on how to create a processes and policies that are self
>>> -sustaining. Larry
>>> On Thu, Jan 12, 2017 at 12:50 PM, Dinis Cruz <dinis.cruz at owasp.org>
>>> wrote:
>>>> Hi Larry, I agree with you on the need for OWASP to focus on its
>>>> project's health and I really hope that the environment (villa + meeting
>>>> rooms) that we have created for OWASP projects at the June's Owasp Summit
>>>> 2017 is going to be used to create this global mapping/review of owasp
>>>> projects and its health.
>>>> As we know by experience, it is really hard to review Owasp projects,
>>>> and in my view, the only way to do it, is to create an environment where a
>>>> focused team can work on it (which is the Summit). The idea would be to do
>>>> as much preparation as possible before the Summit, and then use a dedicated
>>>> team of owasp leaders, contributors and employees to create that mapping
>>>> during the Owasp Summit 2017.
>>>> What do you think?
>>>> Dinis
>>>> On 12 Jan 2017 5:19 p.m., "Larry Conklin" <larry.conklin at owasp.org>
>>>> wrote:
>>>> Tom, et-all
>>>> I want to steal your email thread because it does have a common thread
>>>> that I want to explore. We in OWASP proudly keep going down a path we don't
>>>> want to with total disregard to reality.
>>>> OWASP code project health. I have been involved with others trying to
>>>> help with getting our code projects into a healthy state. A hard thing to
>>>> accomplish and even much harder than it really should be.
>>>> Recently Claudia put out an email asking the community to help validate
>>>> OWASP code projects for promotion. First as a community, we drop the ball
>>>> in a big way. While everyone seems to have opinions about how projects will
>>>> be maintain, be in github under what ownership/account, what constitutes a
>>>> healthy project. Reading the feedback from Claudia only two people actually
>>>> went thru the process of validating the projects. That is not good for an
>>>> active community.
>>>> Second, I took the time to add comments to my validation. I made the
>>>> comment projects needed to use badges. Please, look at Zap and see how it
>>>> Zap project uses badges. Yes, they are the gold standard for other projects
>>>> in OWASP to strive too. I also made a comment about ownership in GitHub.
>>>> Was any of my feedback sent to the project managers of these projects?
>>>> Can my feedback stop a promotion?
>>>> Third, I would like to know what the staffs (Claudia and Matt) roles
>>>> are and responsibilities for promotion of a project. I think Claudia email
>>>> sent out graduating the projects for promotion was ill advised.  While
>>>> I am in total agreement these, are great projects and add value to OWASP I
>>>> would like to see things like at what project level should the project
>>>> owner be OWASP or for it to be clearly stated for all projects not to be
>>>> under the OWASP account in github. At this point, I don’t have a preference
>>>> other than to say I am tired of reading the same old arguments again and
>>>> again on the OWASP leaders list. We need agree on things and go from there.
>>>> All, we seem to confuse progress as a circular path. We need true
>>>> benchmarks, that are agreed on than we need to have sure we live up to
>>>> these agreements. We need active staff and community involvement.
>>>> Right now, the OWASP project health is broken. To fix it needs
>>>> community and staff. Matt my assumption is when you took the position on
>>>> technical leader this was to be a primary focus for that position. Now is
>>>> your time to rise and shine. Good luck!
>>>> Community, we all need to get behind this. If ever a topic needed to be
>>>> feted at an OWASP summit this is it.
>>>> On Thu, Jan 12, 2017 at 7:13 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>>> Matt congratulations on your 2017 confirmation to OWASP Foundation
>>>>> Chairman.
>>>>> Johanna congratulations on your confirmation on Vice Chairperson and
>>>>> to Andrew on the confirmation of Treasurer. Tobias, Michael and Josh are
>>>>> recognized as members at large in 2017.
>>>>> As I embark on the Secretary role I want to call ALL officers
>>>>> attention to the attached OWASP document for your review, signature and
>>>>> return to me by Friday the 13th 2017.  For reference please find details on
>>>>> the functional purpose of the secretary role http://www.diycommitteegu
>>>>> ide.org/resource/what-role-of-secretary
>>>>> Matt I am also requesting of you that as part of the administrative
>>>>> process that we update and file IRS for 8822B and file within 60 days as
>>>>> required and I will file it.  Please click on below complete, scan and
>>>>> return too.
>>>>> https://www.irs.gov/pub/irs-pdf/f8822b.pdf
>>>>> Look forward to working to improve OWASP's operational logistics,
>>>>> record keeping and ultimately accountability. If anyone has any questions
>>>>> please self schedule time on my calendar by simply clicking below and if
>>>>> needed we will conference in our retained legal council who currently is
>>>>> Perlman and Perlman http://www.perlmanandperlman.com/ when required
>>>>> on issues that are out of my area of expertise and require a letter of
>>>>> advisory on topics that are to be determined.
>>>>> Semper Fi,
>>>>> *Tom Brennan | Mobile:* 973-506-9304  *|* *Schedule vMeeting*: Click
>>>>> Here <http://www.meetme.so/tombrennan>
>>>>> *Tom Brennan | Mobile:* 973-506-9304  *|* *Schedule vMeeting*: Click
>>>>> Here <http://www.meetme.so/tombrennan>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders

Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170118/8fa67e7a/attachment.html>

More information about the OWASP-Leaders mailing list