Friday, March 22, 2019
Tuesday, March 12, 2019
Friday, March 8, 2019
Thursday, March 7, 2019
Greetings. I am Mike McCamon the new Interim Executive Director for OWASP. For the past eight weeks I've been getting up to speed and learning about the culture and potential of OWASP and our extended community.Last month I approved a project to move forward with the retirement of mailman. I myself have been a longtime fan of this open source mail list manager, however it is creating a good number of challenges for our community. Several notable points include:
- mailman sends password requests in plain-text email,
- requires additional spam filtering services to manage inbound unwanted email,
- requires knowledgeable sysadmin expertise to manage,
- and there are free alternatives that provide near identical user story functionality.
As I've been told, this retirement/migration has been discussed on/off since October 2016 when it was first suggested to the OWASP Board. It was a topic at the Leaders Meetings of 2018 and more recently in our blog, Connector, and emails to list owners and other members of the community. There is likely no volume of communication that will satisfy every community members' thirst for notice on these types of decisions.
While staff has been getting some negative feedback about this decision, it is also noteworthy we have also been getting a great number of praise and thanks from others - and on balance the positives outweigh the negatives. I take full responsibility for the decision and see this as a unexpected opportunity to learn about decision-making culture of the OWASP community. I am sorry if I have frustrated you. Our staff is already brainstorming ways we can make future policy/process changes more open and predictable. One first step is that we now host Staff Project Plans on the wiki. This project can be reviewed at https://www.owasp.org/index.php/Staff-Projects/Mailman-EOL
In a perfect world we would have extended this migration out over several months time ensuring better community awareness and more opportunities for feedback along the way. Unfortunately recent licensing changes with a service provider, and the impending cancellation of that service on March 22nd, we believe would have rendered our mailing lists on mailman unusable and therefore warranted swift action on a very accelerated timeline. I'm sure in your own work you have faced similar challenging decisions.
Together we are in an enviable position - our community is growing, our work is more relevant than ever, and we have thousands of passionate volunteers working for our cause. However, we cannot sit still. We must look to continuously improve and change to fit our times. It is my most sincere commitment that I, our staff, and the Board does everything in our power to enable the mission of OWASP and showcase your hard work. Thank you for your ongoing commitment toward that endeavor.