[Owasp-guide] 1300 Chapter

Fri Mar 12 12:40:52 EST 2010

Hi Pierre. Thanks for checking in, and for the update!

Regarding "if we find more worksheets themes to work on", yes as you suggest, mark them as a proposed addition/refinement of ASVS. Undoubtedly there will be many proposed additions/refinements as all of the Guides are aligned with ASVS.

Best,

Mike B.

-----Original Message-----
From: Pierre Parrend [mailto:parrend at fzi.de] 
Sent: Friday, March 12, 2010 3:20 AM
To: Boberski, Michael [USA]
Cc: Akash
Subject: 1300 Chapter

Hi Mike

The weekly status for the 1300 chapter 'search malicious code'

- we had a meeting with akash to plan and share the work
- we have sum up the writen content of the chapter, which contrary to other is still to be written afaik
- we should have today the first draft of the 2 worksheets identified in the ASVS

A question: if we find more worksheets themes to work on, is it possible to extend the list, or do we aim at precisely keeping being compliant with the ASVS?
In the 2. case we will probably have update propositions for the ASVS.

Best,
Pierre

Boberski, Michael [USA] wrote:
>
> Hi,
>
> A gentle reminder:
>
> *Step 6: Email the list weekly with your status *
>
> Mike sends out a project status email once a week. Please email the 
> OWASP Development Guide with a brief summary of what you worked on 
> during the past week, what you plan on working on the next, and any 
> issues or requests for assistance. Please try to email your status by 
> COB Thursday Eastern time (Mike is located in the greater Washington 
> DC area).
>
> Tough for me to e.g. help anyone or to help folks understand what each 
> other is up to without doing this, since the team is so distributed.
> Please see the following for more information: 
> http://owasp-development-guide.googlecode.com/files/development-guide-
> contributing.pdf
>
>
> Additional project controls can (and will) be added if necessary, but 
> I'm trying to slow-roll such things, to give teams a chance to 
> self-organize and take ownership of their sections and their efforts, 
> and to carve out some time out of their schedules to work on this.
>
> E.g., I see for example some good work on OWASP-0800 based on SVN 
> updates. I'd love to hear what's the latest for this! Couple 
> sentences, not a dissertation, although I am one who appreciates detail.
>
> Best,
>
> Mike B.
>
> *_A postscript, less gentle:_** DO NOT WORRY ABOUT "SPAMMING" THE 
> LIST. I AM SPECIFICALLY ASKING YOU AS CONTRIBUTORS TO EMAIL IT WITH 
> NEWS ABOUT YOUR GOOD WORKS AND TO USE THE LIST FOR DISCUSSIONS!! HOW 
> YOU HANDLE SOMETHING IN ONE SECTION MAY NOT BE IMMEDIATELY OBVIOUS TO 
> YOU HOW IT MAY BE RELEVANT TO SOMEONE ON ANOTHER SECTION, BUT SOMEONE 
> WORKING ON THE OTHER SECTION MAY THEMSELVES SEE HOW YOUR GOOD WORK 
> COULD HELP THEM OUT.*
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> Owasp-guide mailing list
> Owasp-guide at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-guide
>   

--
==============================================================
Dr. Pierre Parrend
Project Manager, Software Engineering (SE)
Tel: +49 721 9654 - 620
Fax: +49 721 9654 - 621
E-Mail: parrend at fzi.de

==============================================================

FZI Forschungszentrum Informatik an der Universität Karlsruhe Haid-und-Neu-Str. 10-14, 76131 Karlsruhe
Tel.: +49 721 9654 - 0, Fax: +49 721 9654 - 959

Stiftung des bürgerlichen Rechts
Stiftung Az: 14-0563.1 Regierungspräsidium Karlsruhe

Vorstand:
Prof. Dr.-Ing. Rüdiger Dillmann
Dipl. Wi.-Ing. Michael Flor
Prof. Dr. rer. nat. Dr. h.c. Wolffried Stucky Prof. Dr. rer. nat. Rudi Studer

Vorsitzender des Kuratoriums:
Ministerialdirigent Günther Leßnerkraus

==============================================================