PHP Security Consortium Charter
The PHP Security Consortium (PHPSC) promotes secure programming practices within the PHP community through education and exposition while maintaining high ethical standards.
The PHP Security Consortium operates on a two tier membership scheme to ensure that only those willing to put in the effort are allowed to decide the Consortium’s affairs.
- Associate Members – Principals can invite people to participate in technical discussions on the internal mailing list. By joining the mailing list, subscribers become associate members of the Consortium. They also gain a right to participate in Consortium projects.
- Principals – Associate members that have made significant contributions to the Consortium by participating in one or more projects may be invited to become Principals. Their membership must be confirmed by a majority vote of the current Principals.
PHP Security Consortium work is organized into projects. Before work on a project begins, the project lead must prepare a proposal and submit the project for a vote.
- Each project must be approved by a majority vote before it becomes an official project of the Consortium.
- Each project must have a lead.
- Each project can have one or more team members whose work is coordinated by the project lead.
- Projects will not be publicized before the first development phase is completed (to avoid bad publicity from failed projects).
- Projects that fail to deliver are cancelled. Alternatively, the Consortium may assign a new project lead in an attempt to revive the project.