[Owasp-leaders] Common numbering
Nam Nguyen
namn at bluemoon.com.vn
Thu Jan 14 22:59:17 EST 2010
Congrats, Mike and Brad! This is a huge leap forward.
By the way, has anyone thought of ensuring the numbering scheme is "machine parsable"? As in, there's only one straight way to parse those numbers, and make sense of them. This could make it easy for tools to generate and read reports that use OWASP numbers.
Cheers
Nam
On Thu, 14 Jan 2010 09:10:30 -0500
"Boberski, Michael [USA]" <boberski_michael at bah.com> wrote:
> Hi,
>
> I'm pleased to report the results of the recent initiative to establish a common numbering scheme across OWASP guides based on the ASVS numbering. Please see the wiki page here: http://www.owasp.org/index.php/Common_OWASP_Numbering
>
> Managing numbers themselves separately from ASVS and the guides going forward will require some care and feeding, so towards that end Brad Causey (co-chair of the GPC) has volunteered to carry the ball from here and turn the wiki page into a proper project and act as its lead.
>
> The project will act as a clearing house and centralized registry for numbers based on ASVS numbering, for example keeping track of deprecated requirements from ASVS and the guides, providing detailed information about how the numbering works, perhaps also publishing and maintaining mapping data sheets to things like WASC.
>
> Please contact affected guide project leads if there are questions about schedules or plans for incorporating the new numbers in future versions of their respective documents. Please contact Brad with any questions related to the new project.
>
> Happy common numbering,
>
> Best,
>
> Mike B.
>
--
Nam Nguyen, CISA, CISSP, CSSLP
Blue Moon Consulting Co., Ltd
http://www.bluemoon.com.vn
More information about the OWASP-Leaders
mailing list