[Esapi-dev] [GPC] Fwd: .NET and Java WAF
Calderon, Juan Carlos (GE, Corporate, consultant)
juan.calderon at ge.com
Mon Aug 8 09:22:21 EDT 2011
It is pretty much fine, just 2 comments
1. A little more specific description
The OWASP Java WAF Project, is an embeddable Application Firewall for
Java Web applications and a ModSecurity port with support for
ModSecurity Language Specification Level 1.
2. not big deal at all but just filling in the spaces, my wiki username
is jcmax.
Regards :)
Juan C Calderon
-----Original Message-----
From: Jim Manico [mailto:jim.manico at owasp.org]
Sent: Monday, August 08, 2011 12:18 AM
To: Christian Heinrich
Cc: Calderon, Juan Carlos (GE, Corporate, consultant); ESAPI-Developers
Subject: Re: [GPC] Fwd: .NET and Java WAF
Looks good and I'm very pleased to see this underway!
- Jim Manico
On Aug 8, 2011, at 12:54 AM, Christian Heinrich
<christian.heinrich at owasp.org> wrote:
> I quickly brought this together, did I miss anything?
>
> <GPC>
> PROJECT NAME:
>
> OWASP Java WAF
>
> PROJECT PURPOSE / OVERVIEW
>
> The OWASP Java WAF Project is the Java Port of the ModSecurity
> Language Specification.
>
> PROJECT ROADMAP
>
> 1. Fork from ESAPI - Completed
> 2. Port ModSecurity Language
> 3. Test Backward Compatibility with ESAPI 4. Release at LATAM
>
> PROJECT LINKS TO EXTERNAL SITES
>
> PROJECT LICENSE
>
> http://www.opensource.org/licenses/bsd-license.php
>
> PROJECT LEADER NAME
>
> Juan Calderon
>
> PROJECT LEADER E-MAIL ADDRESS
>
> juan.calderon at owasp.org
>
> PROJECT LEADER WIKI ACCOUNT
>
> [INSERT]
>
> PROJECT CONTRIBUTORS
>
> Arshan Dabirsiaghi, arshan.dabirsiaghi at owasp.org,
> https://www.owasp.org/index.php/User:Arshan
> Christian Heinrich, christian.heinrich at owasp.org,
> https://www.owasp.org/index.php/User:cmlh
> Jim Manico, jim.manico at owasp.org,
> https://www.owasp.org/index.php/User:Jmanico
>
> PROJECT MAIN LINKS
>
> https://www.owasp.org/images/f/fb/The_ESAPI_Web_Application_Firewall-A
> rshan_Dabirsiaghi.pdf
>
> http://code.google.com/p/owasp-java-waf/
> </GPC>
>
> On Wed, Jul 27, 2011 at 11:51 AM, Jason Li <jason.li at owasp.org> wrote:
>> Christian,
>>
>> There's no need to "escalate" for recognition.
>>
>> Any idea can always be submitted to the GPC and they will be
>> processed by Paulo Coimbra like all other requests.
>>
>> I would encourage the group to read the wiki article on starting an
>> OWASP project
>> (https://www.owasp.org/index.php/How_to_Start_an_OWASP_Project)
>> and ensure that the group submits the necessary information.
>>
>> -Jason
>>
>> On Tue, Jul 26, 2011 at 8:23 PM, Christian Heinrich
>> <christian.heinrich at owasp.org> wrote:
>>> GPC,
>>>
>>> Please consider this notice that "we" intend to escalate for
>>> recognition as an OWASP Project by the GPC shortly after BlackHat
>>> and DefCon.
>>>
>>> Hence I have CC ESAPI Mailing List for discussion in the interim
>>> until the @owasp.org Mailing Lists are created.
>>>
>>> Juan, Ryan, Jason and Jason have been BCC.
>>>
>>> ---------- Forwarded message ----------
>>> From: Christian Heinrich <christian.heinrich at owasp.org>
>>> Date: Tue, Jul 26, 2011 at 8:33 AM
>>> Subject: Re: [Esapi-user] WAF 2.0? alpha on repository
>>> To: "Calderon, Juan Carlos (GE, Corporate, consultant)"
>>> <juan.calderon at ge.com>
>>> Cc: Jim Manico <jim.manico at owasp.org>, Ryan Barnett
>>> <ryan.barnett at owasp.org>
>>>
>>>
>>> Juan,
>>>
>>> On Tue, Jul 26, 2011 at 6:02 AM, Calderon, Juan Carlos (GE,
>>> Corporate,
>>> consultant) <juan.calderon at ge.com> wrote:
>>>> What do you mean closing this off? Having it ready or defining is
>>>> an OWASP project?
>>>
>>> I was referring too having it listed as an OWASP Project, such as an
>>> associated mailing list, etc.
>>>
>>> On Tue, Jul 26, 2011 at 6:02 AM, Calderon, Juan Carlos (GE,
>>> Corporate,
>>> consultant) <juan.calderon at ge.com> wrote:
>>>> Just as a small update, Aldo Salas a certified Java developer is
>>>> helping me out to finish this project, we have a progress meeting
>>>> this Thursday, also I sent a paper proposal to OWASP LATAM to
>>>> present a course on Mod_security for Java this October (that is it
>>>> should be well tested and finished by then) :)
>>>
>>> I can note this milestone in the Project Plan - I will list it for
>>> November to account for the unlikely event that the deadline slips
>>> or to demonstrate that we ship it earlier then expected :)
>>>
>>>
>>> --
>>> Regards,
>>> Christian Heinrich
>>> http://www.owasp.org/index.php/user:cmlh
>>> _______________________________________________
>>> Global-projects-committee mailing list
>>> Global-projects-committee at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/global-projects-committee
>>>
>>
>
>
>
> --
> Regards,
> Christian Heinrich
> http://www.owasp.org/index.php/user:cmlh
More information about the Esapi-dev
mailing list