[Esapi-user] ESAPI changing of the guard

Matt Seil mseil at acm.org
Sat Dec 17 22:38:52 UTC 2016

On Fri, Dec 16, 2016 at 9:18 PM Kevin W. Wall <kevin.w.wall at gmail.com>

> [NOTE: Apologies in advance for cross-posting this
> to 3 OWASP mailing lists at once. If you decide
> you want to Reply-All, make sure you are
> subscribed to all the groups or delete from the
> To:/Cc: lines to those that you are not subscribed
> to. If you fail to do so, you will get your email
> bounced from whatever mailing lists that you have
> not subscribed to.]
> All,
> It is with mixed emotions that I am making this
> announcement, that Chris Schmidt is stepping down
> as long-time ESAPI co-leader and that Matt Seil will be
> taking over that position and attempting to fill
> Chris' shoes.
> On one hand, I'm saddened because Chris was such a
> great leader and contributor for ESAPI. Chris took
> over as co-leader sometime in May 2011, at the same
> time that I did, when Jim Manico handed over us the reigns,
> but Chris' contributions to ESAPI go back way before my
> involvement and his contributions are much broader than mine.
> While I focused mostly on ESAPI's crypto and provided some
> occasional general ESAPI  bug zapping, Chris had his hands
> in almost everything ESAPI (and I mean that in a good way).
> For instance, he single-handedly created the ESAPI for
> JavaScript and the ESAPI Spring Authenticator mini-projects.
> Chris also played the major role in the ESAPI 2.x's
> release management as well as creating the outline
> for the ESAPI 3.x interfaces. His wisdom, insigh, and
> broad experience will be sorely missed by ESAPI.
> However, Chris should be admired in admitting that
> as of late, because of job and personal
> obligations, he has lacked the "time to really
> provide any value to the ESAPI team" and therefore
> is stepping down in the best interest of ESAPI.
> I personally have enjoyed working with Chris for
> these past 5.5 years and have learned a lot from
> him. I hope that he periodically finds time to
> continue to contribute ESAPI in whatever way
> possible.
> On the other hand, I am eagerly looking forward to
> working with Matt Seil as the new ESAPI co-lead.
> Matt was a major contributor to bug fixes for the
> ESAPI release last February. He and I
> worked well together and I think he is highly
> respected in the OWASP community by those who
> know him.
> Shortly after this New Years, Matt and I hope to get
> together and discuss future plans for ESAPI, both
> short-term and long-term goals. Once we have the
> initial groundwork for that recorded in electrons
> somewhere, we will share them with the broader
> ESAPI community to get feedback and then revise
> them as needed. (In the meantime, if you have some
> suggestions that you would like us to potentially
> consider, please email them to Matt and I. [And please
> do so under a new, separate thread! Thanks])
> As I am not sure how to "formalize" this changing
> of the guard from Chris to Matt, I have updated
> the main OWASP wiki pages and GitHub pages and
> added Matt as an "owner" of the ESAPI GitHub
> repo. (If there's anyone on the OWASP Global Project
> Committee [do we still even have that?] or the OWASP
> staff who is reading this and knows of some other
> specific step(s) I need to take to affect this transition
> in a more formal manner, please contact  me privately
> to follow up. Thanks.)
> In the meantime, I hope that along with me, you will
> extend your thanks and appreciation to Chris for his
> labor of love on ESAPI and extend your welcome to
> Matt as the new ESAPI project co-lead.
> Thanks for listening,
> -kevin
> --
> Blog: http://off-the-wall-security.blogspot.com/    | Twitter: @KevinWWall
> NSA: All your crypto bit are belong to us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20161217/3c1f7420/attachment.html>

More information about the Esapi-user mailing list