Difference between revisions of "Quotes"

From OWASP
Jump to: navigation, search
Line 16: Line 16:
  
 
* Quotes must focus on a topic that significantly affects our mission
 
* Quotes must focus on a topic that significantly affects our mission
* Quotes must represent the "rough consensus" of the OWASP community
+
* Quotes must represent the "rough consensus" of the OWASP community, as decided by the OWASP Board
 
* Quotes must promote application security and OWASP
 
* Quotes must promote application security and OWASP
 
* Quotes must be consistent with our ethics and principles
 
* Quotes must be consistent with our ethics and principles
 
* Quotes must not directly endorse or recommend any vendor
 
* Quotes must not directly endorse or recommend any vendor
* Quotes can be changed or revoked after its publication
 
 
* The quote drafting, discussion, and approval process will be free and open to all
 
* The quote drafting, discussion, and approval process will be free and open to all
  
Line 35: Line 34:
 
Quotes will be drafted by the OWASP Board based on submissions from anyone. All quotes will be listed in the table below and linked to an individual page with an appropriate title starting with "Quote-".  Discussion on the quote should be carried out on the discussion page for that quote.
 
Quotes will be drafted by the OWASP Board based on submissions from anyone. All quotes will be listed in the table below and linked to an individual page with an appropriate title starting with "Quote-".  Discussion on the quote should be carried out on the discussion page for that quote.
  
The comment period will stay open for a week. If a "rough consensus" can be achieved in that time, then the OWASP Board will move the quote to "approved" status and it will be final.  Discussion of the quote can, of course, continue.  Quotes will not be changed once they have been approved.  However, additional quotes can be added to the same page to update the status of the quote as events warrant.
+
The comment period will stay open for a week. If a "rough consensus" can be achieved in that time, then the OWASP Board will move the quote to "approved" status and it will be final.  Discussion of the quote can, of course, continue.  Quotes will not be changed once they have been approved.  However, additional information and quotes can be added to the same page to update the status of the quote as events warrant.
  
  

Revision as of 20:55, 30 July 2010

Experimental Status

The OWASP Quotes project is currently in an experimental status. We are working out the process for generating and promoting quotes that support our mission. The rules and process may and probably will change during this experimental period. If you have comments or ideas about how we can improve this function, please don't hesitate to let us know on the discussion page or email owasp@owasp.org.


OWASP Quotes

From time to time, OWASP needs to speak out about issues that affect our mission. We have done this throughout our history using tools like keynote addresses, open letters, interviews, presentations, and standards. This project is about capturing those thoughts, expressing them in a compelling way, getting our community behind them, and promoting them where they will do some good. Together, the combined voice of OWASP is a powerful force, and one that we can harness to help achieve our mission.

We may create quotes about commercial activities. This is not about OWASP "giving" quotes to companies, but about OWASP controlling the message. OWASP quotes may increase pressure on organizations to do the right thing. Nevertheless, our intent is to focus primarily on recognizing positive behavior in the market. Quotes that are critical will only be created after a reasonable attempt to work with the affected parties without progress.


Rules

The "OWASP Quotes" project creates quotes subject to the following rules:

  • Quotes must focus on a topic that significantly affects our mission
  • Quotes must represent the "rough consensus" of the OWASP community, as decided by the OWASP Board
  • Quotes must promote application security and OWASP
  • Quotes must be consistent with our ethics and principles
  • Quotes must not directly endorse or recommend any vendor
  • The quote drafting, discussion, and approval process will be free and open to all

OWASP is under no obligation to create quotes about anything, particularly commercial ventures. We also have no obligation to use any particular language or focus on any particular topic in our quotes.


Submission

OWASP welcomes the involvement of external companies and organizations. If you are doing something that you believe the OWASP community might be interested in, please don't hesitate to contact us at owasp@owasp.org. We would particularly like to hear if you are doing something innovative that will help us achieve our mission.


Quote Process

Quotes will be drafted by the OWASP Board based on submissions from anyone. All quotes will be listed in the table below and linked to an individual page with an appropriate title starting with "Quote-". Discussion on the quote should be carried out on the discussion page for that quote.

The comment period will stay open for a week. If a "rough consensus" can be achieved in that time, then the OWASP Board will move the quote to "approved" status and it will be final. Discussion of the quote can, of course, continue. Quotes will not be changed once they have been approved. However, additional information and quotes can be added to the same page to update the status of the quote as events warrant.


Draft Quotes

Date Status Discussion Title
July 28, 2010 Draft Discussion Quote-Veracode Provides Visibility into Their Verification Process for the OWASP Top 10


Approved Quotes

Date Status Discussion Title
TBD Approved Discussion TBD