[Owasp-leaders] 2017 Roles and Responsibilities

johanna curiel curiel johanna.curiel at owasp.org
Thu Jan 19 02:01:51 UTC 2017

Hi Bev

Thank you so much for clarifying that
 when I said "Now our major problem is that the community is not
participating on validating the reviews done."

I have not mentioned the reason.
Fact: community is not participating
Reasons: the ones you have mentioned among others

A proper Volunteer management program including a portal a a tool should
address these issues. We do not have one, we are not managing volunteer
participation properly, that I totally agree with you


On Wed, Jan 18, 2017 at 2:31 PM, Bev Corwin <bev.corwin at owasp.org> wrote:

> Dear Johanna, I agree with everything except your final paragraph. Our
> major problem is not that the community is not participating. The major
> problem is that when they do participate either a) the technology is poorly
> designed and does not work, and/or b) they receive no response and are
> often ignored, no status updates, timelines of when to expect updates, just
> silence. This is a poor workflow model, non responsive and broken. Thank
> you and best wishes, Bev
> On Wed, Jan 18, 2017 at 6:57 AM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>> >>There is a huge disconnect but I am not sure why or how or where it
>> resides.
>> Thats why I fnid it a priority to have a proper volunteer portal.
>> Without a way to structure and let potential volunteers connect with the
>> tasks we have, become quite difficult even when people want to help
>> I have met many that have asked how they can help. If you look at the
>> volunteer section on our wiki, this is really poor.
>> As someone that has been into project reviews for a quite longtime i can
>> tell you that evaluating projects is a dating tasks.
>> Matt Tesauro came on board as full time Senior technical project manager
>> to help assist that. So yes, he did the reviews and I fully trust Matt's
>> experience in this matter.
>> Now our major problem is that the community is not participating on
>> validating the reviews done. A way is to organize tis during a summit which
>> a fully support, another is like I've been mentioning, creat a proper
>> volunteer portal not only for project reviews but to help support projects
>> in general with new volunteers
>> I'll make an official plan for this part and help execute it. Will send
>> soon a proposal to be discussed with the community
>> Cheers
>> On Mon, Jan 16, 2017 at 8:09 PM, Larry Conklin <larry.conklin at owasp.org>
>> wrote:
>>> But the is the real issue. We have had already projects trying to help
>>> with the issue what is a healthy project. We get lots of input. Then it
>>> dies. We have had this project start-up more than once. On the projects
>>> just pushed to only two people from the community answered Claudia
>>> response. I being one of the two responses. There is a huge disconnect but
>>> I am not sure why or how or where it resides.
>>> My thoughts on attaching to tom's email thread was I wanted some
>>> discussion on Staff responsibilities for project promotion. I also posted
>>> my response on other threads asking why we are not getting community
>>> involvement.
>>> We are hurting OWASP and its brand name for source code projects unless
>>> we get a grasp of what the real issues are.  Zap is good not because of the
>>> community (while they do help in voting) but because of Simon and we know
>>> we have other good projects but we really do need a clean up, remove the
>>> deadwood, provide a throttle so good projects see flagship and not others.
>>> Personally I think doing things by email and wiki hurts in processes
>>> like this where we need better interactively between people.
>>> Larry
>>> On Sun, Jan 15, 2017 at 12:01 PM, Dinis Cruz <dinis.cruz at owasp.org>
>>> wrote:
>>>> of course, but we need a big push of focus and work to get to that
>>>> point (which is what the Summit can facilitate)
>>>> On 12 January 2017 at 18:54, Larry Conklin <larry.conklin at owasp.org>
>>>> wrote:
>>>>> Dinis, this seems to be a non-ending conversation. If done at a summit
>>>>> it needs on how to create a processes and policies that are self
>>>>> -sustaining. Larry
>>>>> On Thu, Jan 12, 2017 at 12:50 PM, Dinis Cruz <dinis.cruz at owasp.org>
>>>>> wrote:
>>>>>> Hi Larry, I agree with you on the need for OWASP to focus on its
>>>>>> project's health and I really hope that the environment (villa + meeting
>>>>>> rooms) that we have created for OWASP projects at the June's Owasp Summit
>>>>>> 2017 is going to be used to create this global mapping/review of owasp
>>>>>> projects and its health.
>>>>>> As we know by experience, it is really hard to review Owasp projects,
>>>>>> and in my view, the only way to do it, is to create an environment where a
>>>>>> focused team can work on it (which is the Summit). The idea would be to do
>>>>>> as much preparation as possible before the Summit, and then use a dedicated
>>>>>> team of owasp leaders, contributors and employees to create that mapping
>>>>>> during the Owasp Summit 2017.
>>>>>> What do you think?
>>>>>> Dinis
>>>>>> On 12 Jan 2017 5:19 p.m., "Larry Conklin" <larry.conklin at owasp.org>
>>>>>> wrote:
>>>>>> Tom, et-all
>>>>>> I want to steal your email thread because it does have a common
>>>>>> thread that I want to explore. We in OWASP proudly keep going down a path
>>>>>> we don't want to with total disregard to reality.
>>>>>> OWASP code project health. I have been involved with others trying to
>>>>>> help with getting our code projects into a healthy state. A hard thing to
>>>>>> accomplish and even much harder than it really should be.
>>>>>> Recently Claudia put out an email asking the community to help
>>>>>> validate OWASP code projects for promotion. First as a community, we drop
>>>>>> the ball in a big way. While everyone seems to have opinions about how
>>>>>> projects will be maintain, be in github under what ownership/account, what
>>>>>> constitutes a healthy project. Reading the feedback from Claudia only two
>>>>>> people actually went thru the process of validating the projects. That is
>>>>>> not good for an active community.
>>>>>> Second, I took the time to add comments to my validation. I made the
>>>>>> comment projects needed to use badges. Please, look at Zap and see how it
>>>>>> Zap project uses badges. Yes, they are the gold standard for other projects
>>>>>> in OWASP to strive too. I also made a comment about ownership in GitHub.
>>>>>> Was any of my feedback sent to the project managers of these
>>>>>> projects? Can my feedback stop a promotion?
>>>>>> Third, I would like to know what the staffs (Claudia and Matt) roles
>>>>>> are and responsibilities for promotion of a project. I think Claudia email
>>>>>> sent out graduating the projects for promotion was ill advised.  While
>>>>>> I am in total agreement these, are great projects and add value to OWASP I
>>>>>> would like to see things like at what project level should the project
>>>>>> owner be OWASP or for it to be clearly stated for all projects not to be
>>>>>> under the OWASP account in github. At this point, I don’t have a preference
>>>>>> other than to say I am tired of reading the same old arguments again and
>>>>>> again on the OWASP leaders list. We need agree on things and go from there.
>>>>>> All, we seem to confuse progress as a circular path. We need true
>>>>>> benchmarks, that are agreed on than we need to have sure we live up to
>>>>>> these agreements. We need active staff and community involvement.
>>>>>> Right now, the OWASP project health is broken. To fix it needs
>>>>>> community and staff. Matt my assumption is when you took the position on
>>>>>> technical leader this was to be a primary focus for that position. Now is
>>>>>> your time to rise and shine. Good luck!
>>>>>> Community, we all need to get behind this. If ever a topic needed to
>>>>>> be feted at an OWASP summit this is it.
>>>>>> On Thu, Jan 12, 2017 at 7:13 AM, Tom Brennan <tomb at owasp.org> wrote:
>>>>>>> Matt congratulations on your 2017 confirmation to OWASP Foundation
>>>>>>> Chairman.
>>>>>>> Johanna congratulations on your confirmation on Vice Chairperson and
>>>>>>> to Andrew on the confirmation of Treasurer. Tobias, Michael and Josh are
>>>>>>> recognized as members at large in 2017.
>>>>>>> As I embark on the Secretary role I want to call ALL officers
>>>>>>> attention to the attached OWASP document for your review, signature and
>>>>>>> return to me by Friday the 13th 2017.  For reference please find details on
>>>>>>> the functional purpose of the secretary role
>>>>>>> http://www.diycommitteeguide.org/resource/what-role-of-secretary
>>>>>>> Matt I am also requesting of you that as part of the administrative
>>>>>>> process that we update and file IRS for 8822B and file within 60 days as
>>>>>>> required and I will file it.  Please click on below complete, scan and
>>>>>>> return too.
>>>>>>> https://www.irs.gov/pub/irs-pdf/f8822b.pdf
>>>>>>> Look forward to working to improve OWASP's operational logistics,
>>>>>>> record keeping and ultimately accountability. If anyone has any questions
>>>>>>> please self schedule time on my calendar by simply clicking below and if
>>>>>>> needed we will conference in our retained legal council who currently is
>>>>>>> Perlman and Perlman http://www.perlmanandperlman.com/ when required
>>>>>>> on issues that are out of my area of expertise and require a letter of
>>>>>>> advisory on topics that are to be determined.
>>>>>>> Semper Fi,
>>>>>>> *Tom Brennan | Mobile:* 973-506-9304  *|* *Schedule vMeeting*: Click
>>>>>>> Here <http://www.meetme.so/tombrennan>
>>>>>>> *Tom Brennan | Mobile:* 973-506-9304  *|* *Schedule vMeeting*: Click
>>>>>>> Here <http://www.meetme.so/tombrennan>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> --
>> Johanna Curiel
>> OWASP Volunteer
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders

Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170118/663fc320/attachment-0001.html>

More information about the OWASP-Leaders mailing list