<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">+1<div class=""><br class=""></div><div class="">At the beginning OWASP was a good home for ZAP providing a spot in the security world, a brand name from a well known organisation, right now OWASP is getting more visibility every day thanks to ZAP, in my view the focus should be “what is better for the community” instead of “what is better for OWASP”</div><div class=""><br class=""></div><div class="">I prefer to see ZAP growing with the support from a more mature software based open source org (resources, budget, processes) than limit or slow its progress trying to stick it into an OWASP project process that we all know it’s not working very well these days, however OWASP will always be a home for ZAP, I don’t see any reason why ZAP could break the relationship with OWASP, both can continue supporting each other in my view even if ZAP is part of another organisation </div><div class=""><br class=""></div><div class=""><div><blockquote type="cite" class=""><div class="">On Dec 2, 2015, at 07:24, Dinis Cruz <<a href="mailto:dinis.cruz@owasp.org" class="">dinis.cruz@owasp.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><p dir="ltr" class="">Small clarification, in my mind 'leaving owasp' is more like a 'child leaving home' vs a divorce</p><p dir="ltr" class="">I wouldn't expect ZAP to be suddenly completely divorced from Owasp or its community. There would always be a connection and collaboration between them. I would also expect ZAP to show it's roots and connection to OWASP (especially in integrations with other Owasp projects).Simon would still be an Owasp leader</p><p dir="ltr" class="">Ironically if ZAP was much widely used by developers , it would expose Owasp to a much wider audience</p>
<div class="gmail_quote">On 2 Dec 2015 9:38 am, "Christo" <<a href="mailto:christo.goosen@owasp.org" class="">christo.goosen@owasp.org</a>> wrote:<br type="attribution" class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  

    
  
  <div text="#000000" bgcolor="#FFFFFF" class="">
    <br class="">
    <div class="">
      
      Hi<br class="">
      <br class="">
      I would hate to see the ZAP project go.<br class="">
      <br class="">
      Its been one of the success stories of OWASP. Gives OWASP a lot of
      recognition considering how often it rates top 5 in Security
      scanner tool surveys.<br class="">
      <br class="">
      Thanks for the hard work Simon, but you must do what is best for
      the project.<br class="">
      <br class="">
      If possible keep it in OWASP<br class="">
      <br class="">
      CG<br class="">
      <br class="">
      <div class="">On 02/12/2015 11:29, Jim Manico
        wrote:<br class="">
      </div>
      <blockquote type="cite" class="">
        
        Simon,<br class="">
        <br class="">
        I am just glad that ZAP is out there in the open source world. <br class="">
        <br class="">
        And frankly, I do not see OWASP doing a lot of support it. If
        you moved it to Mozilla, especially if Mozilla was willing to
        provide resources to continue making it stronger, I would
        support such a move and continue to promote it.<br class="">
        <br class="">
        Respectfully,<br class="">
        Jim<br class="">
        <br class="">
        <br class="">
        <div class="">On 12/2/15 11:05 AM, psiinon wrote:<br class="">
        </div>
        <blockquote type="cite" class="">
          <div dir="ltr" class="">
            <div class="">
              <div class="">
                <div class="">
                  <div class="">
                    <div class="">In a <a href="http://lists.owasp.org/pipermail/owasp-leaders/2015-December/015726.html" target="_blank" class="">recent


                        thread</a> Dinis stated:<br class="">
                      <br class="">
                      "all Owasp projects should be seen as research
                      projects. The moment they are big enough (i.e. big
                      team, support, deliverables) and wish to move
                      beyond the 'research label' , is the moment where
                      they need to leave the 'Owasp nest' and face the
                      real world by themselves"<br class="">
                      <br class="">
                    </div>
                    I have a lot of sympathy for this perspective, and
                    have indeed been wondering if now is the right time
                    for ZAP to "go it alone".<br class="">
                    <br class="">
                  </div>
                  I'd like to stress that this is not just because of
                  recent controversies, so I'd like to discuss these as
                  general principals rather than in relation to recent
                  events.<br class="">
                  <br class="">
                </div>
                <div class="">I believe that OWASP has been very beneficial to
                  ZAP, but I'm not sure that OWASP is really set up to
                  support projects that have grown to ZAP's size.<br class="">
                </div>
                <br class="">
              </div>
              So, the 2 questions I'd be very interested in feedback on:<br class="">
            </div>
            <ul class="">
              <li class="">Should OWASP projects aim to stand on their own
                outside of OWASP?</li>
              <li class="">Is this the right time for ZAP to do so?<br class="">
              </li>
            </ul>
            <div class="">
              <div class="">
                <div class="">
                  <div class="">
                    <div class="">Many thanks,<br class="">
                      <br class="">
                    </div>
                    <div class="">Simon<br class="">
                    </div>
                    <div class=""><br class="">
                      -- <br class="">
                      <div class=""><a href="https://www.owasp.org/index.php/ZAP" target="_blank" class="">OWASP ZAP</a> Project leader<br class="">
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
          <br class="">
          <fieldset class=""></fieldset>
          <br class="">
          <pre class="">_______________________________________________
OWASP-Leaders mailing list
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank" class="">OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
        </blockquote>
        <br class="">
        <br class="">
        <fieldset class=""></fieldset>
        <br class="">
        <pre class="">_______________________________________________
OWASP-Leaders mailing list
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank" class="">OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
      </blockquote>
      <br class="">
      <div class="">-- <br class="">
        
        
        <span id="cid:part7.06090505.02010205@owasp.org"><Mail Attachment.png></span><br class="">
        <pre cols="72" class=""> 
Christo Goosen
OWASP Cape Town Chapter Leader
OWASP Foundation
<a href="https://www.owasp.org/" target="_blank" class="">https://www.owasp.org</a></pre>
      </div>
      <br class="">
    </div>
    <br class="">
  </div>

<br class="">_______________________________________________<br class="">
OWASP-Leaders mailing list<br class="">
<a href="mailto:OWASP-Leaders@lists.owasp.org" class="">OWASP-Leaders@lists.owasp.org</a><br class="">
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank" class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br class="">
<br class=""></blockquote></div>
_______________________________________________<br class="">OWASP-Leaders mailing list<br class=""><a href="mailto:OWASP-Leaders@lists.owasp.org" class="">OWASP-Leaders@lists.owasp.org</a><br class="">https://lists.owasp.org/mailman/listinfo/owasp-leaders<br class=""></div></blockquote></div><br class=""></div></body></html>