[GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP TestingGuide: start a new project

Paulo Coimbra paulo.coimbra at owasp.org
Wed Jun 23 18:25:45 EDT 2010


Board, GPC,

In accordance with what had been previously defined when we first built the
unlaunched SoC09 frame, I have agreed with Matteo that the grant can be used
to pay for any project's development related expense with the exception of
the project leader's and the project contributors' time.

http://www.owasp.org/index.php/OWASP_Season_of_Code_2009 

Thanks,

Paulo Coimbra,
OWASP Project Manager

> >-----Original Message-----
> >From: Matteo Meucci [mailto:matteo.meucci at owasp.org]
> >Sent: quarta-feira, 23 de Junho de 2010 23:13
> >To: Paulo Coimbra
> >Cc: Jeff Williams; Global Projects Committee; OWASP Foundation Board
> >List
> >Subject: Re: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >TestingGuide: start a new project
> >
> >Hi,
> >that's ok for me to use the same amount of money used for SoC08. Paulo
> >just explained me all the new rules.
> >Thanks again Paulo for your patience and your great support!
> >
> >Mat
> >
> >On Wed, Jun 23, 2010 at 4:00 PM, Paulo Coimbra
> ><paulo.coimbra at owasp.org> wrote:
> >> Matteo,
> >>
> >>
> >>
> >> It’s your call. Please let us your thoughts.
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Jeff Williams [mailto:jeff.williams at owasp.org]
> >> Sent: terça-feira, 22 de Junho de 2010 18:54
> >> To: 'Paulo Coimbra'; 'Jeff Williams'; 'Global Projects Committee';
> >'OWASP
> >> Foundation Board List'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >> TestingGuide: start a new project
> >>
> >>
> >>
> >> Yes.  I was expecting to match the last SOC support to the Testing
> >Guide,
> >> unless there’s a specific request from Matteo for a different
> >budget.
> >>
> >>
> >>
> >> --Jeff
> >>
> >>
> >>
> >> Jeff Williams, Chair
> >>
> >> The OWASP Foundation
> >>
> >> work: 410-707-1487
> >>
> >> main: 301-604-4882
> >>
> >>
> >>
> >> From: global-projects-committee-bounces at lists.owasp.org
> >> [mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf
> >Of
> >> Paulo Coimbra
> >> Sent: Tuesday, June 22, 2010 1:00 PM
> >> To: 'Jeff Williams'; 'Global Projects Committee'; 'OWASP Foundation
> >Board
> >> List'
> >> Cc: 'Matteo Meucci'
> >> Subject: Re: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >> TestingGuide: start a new project
> >>
> >>
> >>
> >> Hello Jeff,
> >>
> >>
> >>
> >> Just to clarify, when you say ‘Yes - absolutely’ answering the
> >questions
> >> I’ve sent, are you also approving the budget I’ve proposed? If yes,
> >would
> >> you mind putting a number on it?
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Jeff Williams [mailto:jeff.williams at owasp.org]
> >> Sent: segunda-feira, 21 de Junho de 2010 20:49
> >> To: 'Paulo Coimbra'; 'Global Projects Committee'; 'OWASP Foundation
> >Board
> >> List'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP Testing
> >Guide:
> >> start a new project
> >>
> >>
> >>
> >> Yes – absolutely. This is one of OWASP’s banner projects and Matteo
> >has done
> >> a masterful job of it.  Keeping this up to date is critical.
> >>
> >>
> >>
> >> --Jeff
> >>
> >>
> >>
> >> Jeff Williams, Chair
> >>
> >> The OWASP Foundation
> >>
> >> work: 410-707-1487
> >>
> >> main: 301-604-4882
> >>
> >>
> >>
> >> From: owasp-board-bounces at lists.owasp.org
> >> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Paulo
> >Coimbra
> >> Sent: Monday, June 21, 2010 10:42 AM
> >> To: 'Global Projects Committee'; 'OWASP Foundation Board List'
> >> Cc: 'Matteo Meucci'
> >> Subject: [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP Testing Guide:
> >start a
> >> new project
> >>
> >>
> >>
> >> Board, GPC,
> >>
> >>
> >>
> >> Could you please respond my email below? Do you have any feedback
> >regarding
> >> Matteo’s proposal to create a fourth version of the Testing Guide?
> >Can he
> >> start the works to produce the new edition? Do you agree with my
> >proposal to
> >> budget this Guide’s improvement?
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org]
> >> Sent: quinta-feira, 17 de Junho de 2010 16:40
> >> To: 'Global Projects Committee'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: OWASP Testing Guide: start a new project
> >>
> >>
> >>
> >> Board, Committee,
> >>
> >>
> >>
> >> As you can see below, Matteo Meucci is willing to create the fourth
> >version
> >> of the Testing Guide and has kindly sent us his idea for
> >approval/feedback.
> >>
> >>
> >>
> >> As we haven’t opened the new season of code still, I propose we make
> >> available a budget to support expenses with language review,
> >pagination
> >> (graphical arrangement of pages) and marketing.
> >>
> >>
> >>
> >> Please let us know your thoughts.
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Matteo Meucci [mailto:matteo.meucci at owasp.org]
> >> Sent: segunda-feira, 24 de Maio de 2010 11:37
> >> To: Paulo Coimbra
> >> Subject: OWASP Testing Guide: start a new project
> >>
> >>
> >>
> >> Hi Paulo,
> >>
> >> here is my idea for the new Testing Guide.
> >>
> >>
> >>
> >> (0) Project Name: OWASP Testing Guide (v4?)
> >>
> >>
> >>
> >> (1) Project purpose / overview
> >>
> >> - Review all the control numbers to adhere to the OWASP Common
> >>
> >> numbering: http://www.owasp.org/index.php/Common_OWASP_Numbering
> >>
> >> - Review all the sections in v3
> >>
> >> - Create a more readable guide, eliminating some sections that are
> >not
> >> really usefull
> >>
> >> - Insert new testing techniques: HTTP Verb tampering, HTTP Parameter
> >> Pollutions, ecc
> >>
> >> - Rationalize some sections as Session Management Testing
> >>
> >> - Create a new section: Client side security and firefox extensions
> >testing
> >>
> >>
> >>
> >> (2) Project Roadmap (as mentioned above)
> >>
> >> - Introduce the new project to the testing Guide mailing list
> >>
> >> - Involve the contributors: we need to involve also the final users
> >of the
> >> Testing Guide (for example Banking to understand how they would like
> >to
> >> improve that).
> >>
> >> - 1st June 2010: Start a brainstorming for the new index starting
> >from (1)
> >>
> >> - 1st July 2010: Create the new index and the new team
> >>
> >> - 15th July 2010: Starting writing articles
> >>
> >> - 15th September 2010: Starting the first review phase
> >>
> >> - 15th October 2010: Starting writing articles II phase
> >>
> >> - 15th November 2010: Starting the second review phase
> >>
> >> - 15th December 2010: Create the RC1
> >>
> >> - 15th January 2011: Release the version 4
> >>
> >>
> >>
> >> (3) Project links (if any) to external sites,
> >>
> >> - no
> >>
> >>
> >>
> >> (4) Project License
> >>
> >>
> >(http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_
> >Licensing),
> >>
> >> Creative Commons Attribution Share Alike 3.0 as usal :)
> >>
> >>
> >>
> >> (5) Project Leader name,
> >>
> >> Matteo Meucci
> >>
> >>
> >>
> >> (6) Project Leader email address
> >>
> >> matteo.meucci at owasp.org
> >>
> >>
> >>
> >> (7) Project Leader wiki account - the username (you'll need this to
> >edit the
> >> wiki) Mmeucci
> >>
> >>
> >>
> >> (8) Project Maintainer (if any)  - name, email and wiki account (if
> >any)
> >> Matteo Meucci
> >>
> >>
> >>
> >> (9) Project Contributor(s) (if any) - name email and wiki account
> >(if any) A
> >> short list of contributors that would like to improve the guide:
> >>
> >> - Roberto Suggi Liverani
> >>
> >> - Nick Freeman
> >>
> >> - Stefano Di Paola
> >>
> >> - Marco Morana
> >>
> >> - Giorgio Fedon
> >>
> >> - Kevin Horvath
> >>
> >>
> >>
> >> Thanks,
> >>
> >> Mat
> >
> >
> >
> >--
> >Matteo Meucci
> >OWASP-Italy Chair, CISSP, CISA
> >http://www.owasp.org/index.php/Italy
> >OWASP Testing Guide lead
> >http://www.owasp.org/index.php/Testing_Guide
> >Cell: +393283019559



More information about the Global-projects-committee mailing list