[Owasp-leaders] AppSec EU

Frank Catucci frank.catucci at owasp.org
Wed Jan 17 20:00:43 UTC 2018


I am with Rory on this perspective and mail list use and the lack of
communications.

On Wed, Jan 17, 2018 at 2:33 PM, Rory McCune <rory.mccune at owasp.org> wrote:

> Hi All,
>
> So I'll add one point here, to provide some perspective of where people
> may be feeling a lack of messaging from the board.  I (and perhaps others)
> tend to use the mailing lists as a means to periodically catch up with
> what's happening with various parts of OWASP.
>
> So I'll look at the OWASP board mailing list if I want to get information
> about the board's deliberations on a particular topic.
>
> At the moment (and I'm not sure if this is a technical issue or perhaps a
> decision to deprecate its use) there don't appear to be any messages on the
> OWASP board mailing list for this year?  Lacking that windows into the
> board's operations could lead to people feeling somewhat more out of the
> loop than in previous years, so it might be an idea to make more of use of
> that.
>
> Cheers
>
> Rory
>
>
> On Wed, Jan 17, 2018 at 6:22 PM, Sherif Mansour <sherif.mansour at owasp.org>
> wrote:
>
>> Thanks Bjoern,
>>
>> I hear you loud and clear.
>>
>> I think the foundation is learning about managing the message with the
>> community & that its a conversation.
>> I have made a note of it here
>> <https://docs.google.com/document/d/1HZFGkLBbbLRhhVh0DAcSS8flWOKSu0gJOui9J_PdSn4/edit?usp=sharing>
>> .
>>
>> Equally if anyone has other improvements they would like to see from
>> OWASP I (personally) added the following google document to discuss.
>> <https://docs.google.com/document/d/16z59SKXbNEwDi1bLobswye1QxryNNdjOdGHdqZ4t-wQ/edit?usp=sharing>
>>
>> On Wed, Jan 17, 2018 at 5:35 PM, Bjoern Kimminich <
>> bjoern.kimminich at owasp.org> wrote:
>>
>>> Hi Sherif,
>>>
>>> I think the major point is, that exactly this "we are working on it
>>> together, please be patient" note should simply have been supplied from the
>>> board to the community much earlier and deliberately.
>>>
>>> Instead, some of us had to keep asking - at least on the mailing list
>>> and on Slack #appseceu - continously and effortlessly for quite a while
>>> until this information was "passed down to the people".
>>>
>>> That was just an unnecessary delay of information (or at least status
>>> update) flow for an organization that considers itself open and transparent.
>>>
>>> Cheers,
>>> Björn
>>>
>>> Am 18. Januar 2018 00:30:35 GMT+08:00 schrieb Sherif Mansour <
>>> sherif.mansour at owasp.org>:
>>>>
>>>> Hi Patrick,
>>>>
>>>> We are close to a way forward, one of the reasons why we haven't
>>>> responded to individual points is that it's the foundation and the chapters
>>>> genuinely want to resolve this issue and work as one.
>>>> Some of the communication (and lack there of) wasn't helpful, but we
>>>> are choosing to work together on this and have something out fairly soon
>>>> (this month).
>>>>
>>>> -Sherif
>>>>
>>>> On Wed, Jan 17, 2018 at 2:18 PM, Patrick Laverty <
>>>> patrick.laverty at owasp.org> wrote:
>>>>
>>>>> Thank you for a response Sherif, but it isn't answering the important
>>>>> questions. The Israel chapter of OWASP leveled some pretty big accusations
>>>>> at the board and the executive director. There has been no response to
>>>>> those accusations. Why? Back on December 26th, Andrew van der Stock said
>>>>> that the board would likely be meeting within the next day, and have a
>>>>> response after that. I don't think there has been anything from the board
>>>>> about this matter.
>>>>>
>>>>> In case there is confusion, the accusations are here:
>>>>> https://www.peerlyst.com/posts/owasp-you-keep-saying-t
>>>>> hat-word-i-do-not-think-it-means-what-you-think-it-means-avid  I also
>>>>> see that the http://2018.appsec.eu site still shows the conference
>>>>> happening in Israel, but the upcoming events page (
>>>>> https://www.owasp.org/index.php/OWASP_Events/upcoming_events) says
>>>>> the location is TBA.
>>>>>
>>>>> Will there be a response to the statements made in the blog post
>>>>> linked above?
>>>>>
>>>>> Thank you.
>>>>>
>>>>> Patrick Laverty
>>>>> OWASP Rhode Island
>>>>>
>>>>> On Wed, Jan 17, 2018 at 1:02 AM, Sherif Mansour <
>>>>> sherif.mansour at owasp.org> wrote:
>>>>>
>>>>>> Hi Everyone,
>>>>>>
>>>>>> The foundation and the board has been regularly communicating with
>>>>>> the chapters and the summit team through out this period, and the new board
>>>>>> will have their first session at the end of January which is as always open
>>>>>> to everyone and the recording is made public. In the meantime the
>>>>>> foundation and our new executive director are working to present 2017
>>>>>> Year End in Review and a strategy for 2018 during that board meeting
>>>>>> at the end of January (a couple of weeks away).
>>>>>>
>>>>>> Kind regards
>>>>>>
>>>>>> On Tue, Jan 16, 2018 at 11:55 PM, Brett Gravois <
>>>>>> brett.gravois at owasp.org> wrote:
>>>>>>
>>>>>>> Just to follow up on this, we as leaders and OWASP have been asked
>>>>>>> about "our response".
>>>>>>> The post is now almost a month old (since Dec 24th) and it seems
>>>>>>> like leadership has remained silent on this.
>>>>>>>
>>>>>>> Has one been issued and I am not seeing it?
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jan 5, 2018 at 3:53 PM, Patrick Laverty <
>>>>>>> patrick.laverty at owasp.org> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Have there been any updates about this? Does the board have an
>>>>>>>> approximate idea on when a response may be available?
>>>>>>>>
>>>>>>>> Thank you.
>>>>>>>>
>>>>>>>> Patrick Laverty
>>>>>>>> OWASP Rhode Island
>>>>>>>>
>>>>>>>> On Dec 26, 2017 5:52 PM, "Andrew van der Stock" <vanderaj at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> As a Board member, we have to speak with one voice, and we are
>>>>>>>>> about to transition Boards. It would be wrong for us to have 7 or 11
>>>>>>>>> different positions as it would be very confusing to all.
>>>>>>>>>
>>>>>>>>> We are likely to have a call tomorrow (time zones are hard) and
>>>>>>>>> will likely make a statement after that.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Andrew
>>>>>>>>>
>>>>>>>>> On Dec 26, 2017, at 12:46, Patrick Laverty <
>>>>>>>>> patrick.laverty at owasp.org> wrote:
>>>>>>>>>
>>>>>>>>> I ask this in the literal sense, not in they "why haven't you done
>>>>>>>>> it already" sense. Will there be an official response from OWASP board
>>>>>>>>> about the allegations made here:
>>>>>>>>>
>>>>>>>>> https://www.peerlyst.com/posts/owasp-you-keep-saying-that-wo
>>>>>>>>> rd-i-do-not-think-it-means-what-you-think-it-means-avid
>>>>>>>>>
>>>>>>>>> It seems some strong allegations are made and I personally never
>>>>>>>>> like to make a judgement without hearing from at least both sides.
>>>>>>>>>
>>>>>>>>> I understand we're in the midst of a holiday season, so there may
>>>>>>>>> not have been an opportunity for the board to officially respond just yet,
>>>>>>>>> so I just wanted to inquire as to whether the board does plan to.
>>>>>>>>>
>>>>>>>>> Thank you.
>>>>>>>>>
>>>>>>>>> Patrick Laverty
>>>>>>>>> OWASP Rhode Island
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Sherif Mansour
>>>>>> OWASP Global Board Member & OWASP London Chapter Leader
>>>>>> Site: https://www.owasp.org/index.php/London
>>>>>> Email: sherif.mansour at owasp.org
>>>>>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>>>>>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>>>>>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> Sherif Mansour
>>>> OWASP Global Board Member & OWASP London Chapter Leader
>>>> Site: https://www.owasp.org/index.php/London
>>>> Email: sherif.mansour at owasp.org
>>>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>>>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>>>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>>>
>>>>
>>
>>
>> --
>>
>> Sherif Mansour
>> OWASP Global Board Member & OWASP London Chapter Leader
>> Site: https://www.owasp.org/index.php/London
>> Email: sherif.mansour at owasp.org
>> Follow OWASP London Chapter on Twitter: @owasplondon  <https://twitter.com/OWASPLondon>
>> "Like" us on Facebook: https://www.facebook.com/OWASPLondon
>> Subscribe to our (lightweight) mailing list: https://lists.owasp.org/mailman/listinfo/owasp-london
>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180117/aa4e367e/attachment-0001.html>


More information about the OWASP-Leaders mailing list