Difference between revisions of "GPC/Meetings/2012-07-09"

From OWASP
Jump to: navigation, search
(Created page with "__TOC__ = Agenda = *'''OWASP Project Manager Updates''' **[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 August 2012 Board PM Report] ...")
 
 
(20 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
__TOC__
 
__TOC__
= Agenda =
+
= Project Division Updates =
 
+
*'''OWASP Project Manager Updates'''
+
**[https://www.owasp.org/index.php/OWASP_Project_Manager_Activity_Reports/August_13_2012 August 2012 Board PM Report]
+
  
 
*'''Projects Set Up'''
 
*'''Projects Set Up'''
**[[OWASP Java J2EE Secure Development Curriculum|OWASP Java J2EE Secure Development Curriculum]]
+
**[[OWASP XSSER|OWASP XSSER]]  
**[[OWASP AW00T|OWASP AW00T]]
+
**[[OWASP ONYX|OWASP ONYX]]  
**[[OWASP Passfault|OWASP Passfault]]
+
**[[OWASP Crossword of the Month|OWASP Crossword of the Month]]
**[[OWASP OctoMS|OWASP OctoMS]]
+
 
**[[OWASP OWTF|OWASP OWTF]]
+
*'''Projects Confirmed'''
**[[OWASP Java Uncertain Form Submit Prevention|OWASP Java Uncertain Form Submit Prevention]]
+
**[[OWASP Review BSI IT-Grundschutz Baustein Webanwendungen|OWASP Review BSI IT-Grundschutz Baustein Webanwendungen]]  
**[[OWASP Ecuador|OWASP Ecuador]]
+
**[[OWASP XSSER|OWASP XSSER]]  
**[[OWASP Path Traverser|OWASP Path Traverser]]
+
 
**[[OWASP Watiqay|OWASP Watiqay]]
+
*'''Pending Project Confirmations'''
**[[OWASP Mantra OS|OWASP Mantra OS]]
+
**Forensic Guide: Waiting to hear back from the Project Leader.
**[[OWASP Security Shepherd|OWASP Security Shepherd]]
+
**Xelenium: Waiting to hear back from the Project Leader.
**[[OWASP Xenotix XSS Exploit Framework|OWASP Xenotix XSS Exploit Framework]]
+
**Intelligent Security: Waiting to hear back from the Project Leader.
 +
 
 +
*'''Pending Project Donations'''
 +
**[[OWASP XSSER|OWASP XSSER]]  
 +
**OWASP XSS Cheat Sheet
 +
 
 +
*'''Pending New Project Leader Appointment'''
 +
**[[OWASP Stinger project|OWASP Stinger project]]  
 +
 
 +
* '''Inquiries to the Committee'''
 +
**What is the project donation process? Keith can you elaborate on it?
 +
**I have a volunteer wanting to take over a project that is inactive. We cannot get hold of the previous PL? What is the process to change leaders, if any?
 +
 
 +
 
 +
==Currently Working On==
 +
*'''Projects Communications Restructuring'''
 +
**I have begun to create the wiki template for the new OWASP Projects page.
 +
**I am having a bit of trouble with the tabs, but I am getting help from volunteers on how to do this.
 +
 
 +
*'''Daily Project based queries and requests'''
  
*'''Currently Working On'''
+
*'''[https://docs.google.com/a/owasp.org/document/d/1xek9eZqAAt-koEuhOcXE9PoVCsAZ1WZJJoLzVMVj2Ew/edit AppSec USA OSS]'''
**Projects Communications Restructuring: See Below.
+
**We rolled out the marketing for this recently, and we have received 6 entries.  
**Daily Project based queries and requests
+
**As of today, all 6 entries have been accepted.  
**[https://docs.google.com/a/owasp.org/document/d/1xek9eZqAAt-koEuhOcXE9PoVCsAZ1WZJJoLzVMVj2Ew/edit AppSec USA OSS]
+
**I am drafting acceptance letters with information on what comes next for the attendees.These will be sent out next week. We are now sorting logistics for the accepted project leaders.  
**[https://docs.google.com/a/owasp.org/document/d/13jWO7jFfe9NUVlGIddZRrnLA8G5IOTNPjogb61lbbB0/edit OWASP ZAP Project Marketing Recommendations]
+
**There is the question of travel aid for some of the project leaders. I suggest we set aside $3,000 for those PLs that ask for financial assistance to get to AppSec USA.  
**[https://docs.google.com/a/owasp.org/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit#bookmark=id.ceef3790c8d6 DHS Host Project Funding Proposal]
+
**[https://docs.google.com/a/owasp.org/document/d/12Pn191CMKzrv1M7H2xtqIAN9VKRSGPfG7VkztCugDWU/edit OWASP Grant Recommendations]
+
  
*'''Current Projects Communications/Documents'''
+
*'''[https://docs.google.com/a/owasp.org/document/d/13jWO7jFfe9NUVlGIddZRrnLA8G5IOTNPjogb61lbbB0/edit OWASP ZAP Project Marketing Recommendations]'''
**[https://docs.google.com/a/owasp.org/document/pub?id=1ilLGVEM4zWiPgMPDRHe8ARdeLSnoBTUtMq0C-Ta45tc&ndplr=1 Projects Hanbook]
+
**The marketing recommendations have been agreed on by Simon and I.  
**[https://www.owasp.org/index.php/OWASP_Projects_Dashboard_2.0 Projects Dashboard 2.0]
+
**I am currently putting together the projects plan to implement them.  
**[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhtB029bdcxGdFN1R2NIMTNROXN3dml4ZEcxXzJQYXc#gid=0 OWASP Global Feedback and Inquiry Form]
+
**[https://www.owasp.org/index.php/Category:OWASP_Project OWASP Projects Home Page]
+
**[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdEY5cjQ1ZXByYnBkWTZ4dVNid0V1TXc&pli=1#gid=0 Projects Inventory: What are these non-projects doing in this document?]
+
**[https://www.owasp.org/index.php/OWASP_Reviews_Dashboard OWASP Reviews Dashboards: How does one apply for review?]
+
**[https://www.owasp.org/index.php/OWASP_Project_Reviewers_Database Project Reviewers Database]
+
**[https://www.owasp.org/index.php/OWASP_Projects_Dashboard_2.0/By_Set_Up_Order OWASP Projects Dashboard 2.0/ Set up Order]
+
**[https://www.owasp.org/index.php/OWASP_Training OWASP Training: Promote awareness of projects]
+
**[https://docs.google.com/a/owasp.org/document/d/1Od_6wu8H1fiWlLN9A86NXxQvE1eiEmn4Pp58Y4sbuyI/edit#heading=h.8jvfxkx0l2we OWASP Projects FAQ]
+
  
*'''My Recommendations for a Projects Communication Structure'''
+
*'''[https://docs.google.com/a/owasp.org/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit#bookmark=id.ceef3790c8d6 DHS Host Project Funding Proposal]'''
*[https://www.owasp.org/index.php/AppSecLatam2012 This is what I want it to resemble visually.]
+
**Andrew, Matteo, Eoin and I met to speak about this in more depth. Deborah, the home office representative, had some concerns about PM software and travel expenses in the budget.
*[https://www.owasp.org/images/d/d5/Projects_Communication_Organisation.jpg Organisation of Project Information]  
+
**She would like to know if we are able to re-allocate the PM software and travel expenses to the OWASP portion of the budget. This meeting clarified many of the questions I had about Deborah's concerns.
 +
**The PM software is available as open source to open source projects, and we have applied for a license already. The travel expenses can now come from the OWASP section of the budget.
 +
**Kate, Deborah and I participated in an interview where we discussed DHS concerns. See above. The interview went very well, and we are currently waiting to hear back from her.
 +
**Meeting Outcome: She was going to send us specific instructions on what she needed from us regarding the budget, and she is going to send us an updated proposal form so we can start applying for 2 other OWASP projects she expressed an interest in.
  
* '''Current Project Lifecycle, Reviews and Community Concerns'''
+
*'''[https://docs.google.com/a/owasp.org/document/d/1f83ShmjwLpmybSVJIBhEXDxTrKuNcIPO3ok0ubAs4t8/edit Atlassian Open Source License]'''  
**Needs streamlining: Concerns over unclear process
+
**Andrew and I worked together on this application.
**Lost a project due to complexity of process graduation process
+
**The Atlassian representative has gotten back to us and the company has decided that a community license would be better for this project. We are in the process of writing an application for the new license recommendation.
***“overly complicated, too many reviewers, frustrating” - OWASP Volunteers
+
**Process Forms? Where are they? Ex. Project Donation Form. Where is Project’s Portal?
+
  
* '''PM Inquiries to the Committee'''
 
**Proposal for Next Primary Goal: Organisation and updating of Projects information/communication
 
**Proposal for Third Primary Goal: organise/structure/create project review process
 
**Is this what you are looking for in terms of organisation of information
 
**Shall we update current pages to reflect the current project lifecycle and assessment criteria that has already been agreed to with the understanding that it shall be streamlined in the future?
 
  
 +
==Projects Communication Structure Development Update==
 +
# We agreed to organize our projects communication through the use of Tabs in the OWASP Projects section of the wiki. I am currently developing the tabs structure on my local machine.
 +
# We agreed that all of the projects documentation must either be updated or created and organized in the correct locations on the wiki. I am currently organizing the documentation.
  
==Attendees==
 
* Samantha Groves (OWASP Project Manager)
 
* Justin Searle (Committee Member)
 
* Keith Turpin (Committee Member)
 
  
==Decisions==
+
==AppSec Ireland==
# We will have weekly meetings to discuss updates on projects issues. The meetings will be every Friday at 2pm GMT.  
+
# Have been in Dublin, Ireland for AppSec Ireland: From Monday, September 03 - Thursday, September 06.
# Communications structure has been agreed upon. We will organise our projects communication through the use of Tabs in the OWASP Projects section of the wiki.  
+
# Went to help out with the conference and familiarize myself with the way AppSec events are run.
# Agreement has been made to finish the OWASP Projects Handbook
+
# Sat in on a full day training with Jim Manico: Thank you Jim.
# Committee must re-evaluate the project lifecycle procedure
+
# Helped coordinate the printing and delivery of OWASP branded items.
# All of the Projects documentation must either be updated or created and organised in the correct locations on the wiki. Changes should be agreed upon by the committee before they are made live to the community.
+
# Helped manage the registration and information desk.
  
==Action Items==
 
# Jason Li and Samantha will meet next week, Tues 28th August 2012, to discuss items in more detail.
 
# Justin will work on the Project's Handbook before our next GPC meeting
 
# Samantha will add Project Lifecycle recommendations before our next GPC meeting
 
# Find out what is Jason's availability to participate in the GPC
 
# What is the availability of other GPC members?
 
  
 +
==Important Meeting Outcomes and Discussion Points==
 +
# We will have weekly meetings to discuss updates on projects issues. The next meeting will be held on Friday, September 14th 2012 at 2pm BST.
 +
# Jason Li has expressed concern over his minimal availability to represent the GPC as Chair of the Committee.
 +
# Discussion on the availability of all members.
 +
# Larry Casey has resigned his post on the GPC.
 +
# Welcome Nishi Kumar, our newest member!
 +
# Apologize for cancelling today's meeting due to illness.
  
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings/2011]]
 
[[Category:GPC_Meetings/2011]]

Latest revision as of 17:48, 7 September 2012

Project Division Updates

  • Pending Project Confirmations
    • Forensic Guide: Waiting to hear back from the Project Leader.
    • Xelenium: Waiting to hear back from the Project Leader.
    • Intelligent Security: Waiting to hear back from the Project Leader.
  • Pending Project Donations
  • Inquiries to the Committee
    • What is the project donation process? Keith can you elaborate on it?
    • I have a volunteer wanting to take over a project that is inactive. We cannot get hold of the previous PL? What is the process to change leaders, if any?


Currently Working On

  • Projects Communications Restructuring
    • I have begun to create the wiki template for the new OWASP Projects page.
    • I am having a bit of trouble with the tabs, but I am getting help from volunteers on how to do this.
  • Daily Project based queries and requests
  • AppSec USA OSS
    • We rolled out the marketing for this recently, and we have received 6 entries.
    • As of today, all 6 entries have been accepted.
    • I am drafting acceptance letters with information on what comes next for the attendees.These will be sent out next week. We are now sorting logistics for the accepted project leaders.
    • There is the question of travel aid for some of the project leaders. I suggest we set aside $3,000 for those PLs that ask for financial assistance to get to AppSec USA.
  • DHS Host Project Funding Proposal
    • Andrew, Matteo, Eoin and I met to speak about this in more depth. Deborah, the home office representative, had some concerns about PM software and travel expenses in the budget.
    • She would like to know if we are able to re-allocate the PM software and travel expenses to the OWASP portion of the budget. This meeting clarified many of the questions I had about Deborah's concerns.
    • The PM software is available as open source to open source projects, and we have applied for a license already. The travel expenses can now come from the OWASP section of the budget.
    • Kate, Deborah and I participated in an interview where we discussed DHS concerns. See above. The interview went very well, and we are currently waiting to hear back from her.
    • Meeting Outcome: She was going to send us specific instructions on what she needed from us regarding the budget, and she is going to send us an updated proposal form so we can start applying for 2 other OWASP projects she expressed an interest in.
  • Atlassian Open Source License
    • Andrew and I worked together on this application.
    • The Atlassian representative has gotten back to us and the company has decided that a community license would be better for this project. We are in the process of writing an application for the new license recommendation.


Projects Communication Structure Development Update

  1. We agreed to organize our projects communication through the use of Tabs in the OWASP Projects section of the wiki. I am currently developing the tabs structure on my local machine.
  2. We agreed that all of the projects documentation must either be updated or created and organized in the correct locations on the wiki. I am currently organizing the documentation.


AppSec Ireland

  1. Have been in Dublin, Ireland for AppSec Ireland: From Monday, September 03 - Thursday, September 06.
  2. Went to help out with the conference and familiarize myself with the way AppSec events are run.
  3. Sat in on a full day training with Jim Manico: Thank you Jim.
  4. Helped coordinate the printing and delivery of OWASP branded items.
  5. Helped manage the registration and information desk.


Important Meeting Outcomes and Discussion Points

  1. We will have weekly meetings to discuss updates on projects issues. The next meeting will be held on Friday, September 14th 2012 at 2pm BST.
  2. Jason Li has expressed concern over his minimal availability to represent the GPC as Chair of the Committee.
  3. Discussion on the availability of all members.
  4. Larry Casey has resigned his post on the GPC.
  5. Welcome Nishi Kumar, our newest member!
  6. Apologize for cancelling today's meeting due to illness.