[GPC] Idea for project: Web Application Security AccessiblityProject

Paulo Coimbra paulo.coimbra at owasp.org
Wed Apr 6 14:44:03 EDT 2011


Hello Petr,

 

First of all, I thank you for volunteering to lead an OWASP Project.  It is with volunteers like yourselves that OWASP continues to succeed in making application security visible. 

 

Secondly, here http://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About  is the project’s wiki page which has been placed amongst all the other OWASP Projects http://www.owasp.org/index.php/Category:OWASP_Project#tab=Alpha_Status_Projects. 

 

Please check it out and let me know if you find any problems or mistakes and feel obviously free to add any additional information to the project’s wiki page or to request assistance regarding its edition. 

 

Thirdly, please note that the following basic data is still missing:

 

-        Project leader and contributors wiki username* - https://www.owasp.org/index.php?title=Special:UserLogin <https://www.owasp.org/index.php?title=Special:UserLogin&type=signup> &type=signup, 

 

Fourthly, later on, when your project reaches a point that you'd like OWASP to assist in its promotion, we will need the following to help spread the word about it:

 

-        Project Flyer/Pamphlet (PDF file): http://globalprojectscommittee.wordpress.com/2009/07/21/what-is-this-project-flyerpamphlet-thing/. 

-        Conference style presentation describing the project in at least 3 slides - http://globalprojectscommittee.wordpress.com/2009/07/27/what-is-the-3x-slide-presentation-thing/

 

Fifthly, as work on your project progresses and you are ready to create a new release, please let the Global Projects Committee (GPC) know of the change in status so that we can create the needed template to support it.   

 

The GPC can work with you to get your project assessed and moved up the OWASP quality ladder from Alpha to Beta to Stable.  Not every release requires an assessment - feel free to email the GPC if you are unsure about your project's requirements.  

 

http://www.owasp.org/index.php/Assessment_Criteria_v2.0 

 

That is all for now - I wish you and your project great success.  Thank you for supporting OWASP's mission.

Should you have any questions or require any further information, please do not hesitate to contact me. 

 

Many thanks, best regards,

 

Thanks,

- Paulo

 

* Please fill in your username wiki page with your Resume/Curriculum Vitae, Wiki Contributions and Email Address. Those elements will help us with building a proper idea of your technical profile and will facilitate the contact within OWASP contributors. See http://www.owasp.org/index.php/User:Mtesauro <http://www.owasp.org/index.php/User:Mtesauro>  for an example.

 

 

Thanks,

- Paulo

 

 

Paulo Coimbra,

 <http://www.owasp.org/index.php/User:Paulo_Coimbra> OWASP Project Manager

 

From: Petr Závodský [mailto:petr.zavodsky at owasp-czech-republic.cz] 
Sent: segunda-feira, 4 de Abril de 2011 08:14
To: Paulo Coimbra
Cc: Jason Li; bradcausey at owasp.org
Subject: RE: Re: [GPC] Idea for project: Web Application Security AccessiblityProject

 

Dear colleagues,

 

I rewrote the project Web Application Security Accessiblity (WASA)  Project.

 

Please see:

OWASP Web Application Security Accessiblity Project ENGLISH.pdf

 

Best regards,

 

Petr Zavodsky

 

 

On Wed, 30 Mar 2011 14:35:04 +0100, "Paulo Coimbra"  wrote:

 

Thank you for the update, Petr. We will be interestedly waiting for  your  re-written plan.

 

Best regards,

 

- Paulo

 

Paulo Coimbra,

 

OWASP Project Manager [1]

 

FROM: Petr Závodský [mailto:petr.zavodsky at owasp-czech-republic.cz]

SENT: quarta-feira, 30 de Março de 2011 12:28

TO: jason.li at owasp.org; bradcausey at owasp.org; paulo.coimbra at owasp.org

SUBJECT: Fwd: Re: [GPC] Idea for project: Web Application Security  AccessiblityProject

 

Dear colleagues,

 

I will rewrite the project Web Application Security Accessiblity  Project  and I send you again (next week). For better understanding.

 

Petr Z.

 

P.S.: The project is big challenge to a cooperation with universities  and  organizations (in the Czech Republic Toma Bata University in Zlin,  Masaryk  University, University of Economics, Ministry of the Interior of the  Czech  Republic, Czech Blind United etc. - it is good way for OWASP in the  Czech  Republic.

 

-------- Original Message --------

 

SUBJECT:

 

Re: [GPC] Idea for project: Web Application Security  AccessiblityProject

 

DATE:

 

Mon, 28 Mar 2011 16:40:27 -0400

 

FROM:

 

global-projects-committee-owner at lists.owasp.org

 

TO:

 

petr.zavodsky at owasp-czech-republic.cz

 

Yes, it is wrestling with the full intersection of human factors and  web  security.

 

"Web Application Security Accessiblity Project" (It is correct project

name?)- "Security for All" is security for human diversity, social  inclusion and equality.

 

It is about approach to security that can automatically address the  possible range of human abilities, skills, requirements, and  preferences.

 

"Web Application Security Accessiblity" is a term for describe the  degree  to which a security is available to as many people as possible.

 

Jeff, you're right . We needn't limit to disabled users. (A disabled  users

- it is my specialization. But it isn't problem - "Security for All".)

 

Jason, I talking about creating a guidelines for a web designers, web  developers, web operators, e-government, web entrepreneurs etc. But way  to  creating a guidelines is long.

 

Petr

 

Dne 28.3.2011 17:23, Jeff Williams napsal(a):

 

I'm hoping that this meant wrestling with the full intersection of  human  factors and web security. Personally I don't see why we should limit  this  to disabled users. Not that they're not important, but there are many  ordinary users that have extreme difficulty with web app security.

 

Issues like…

 

·  Can blind people use CAPTCHA?

 

·  Are browser warning popups understandable?

 

·  Are there better ways of leveraging "something you know" in a way  that  isn't brute forceable?

 

·  How can we manage entitlements (like delegated access to accounts)

 

·  Software security labels!!!

 

·  Lots, lots more

 

--Jeff

 

FROM: global-projects-committee-bounces at lists.owasp.org [2]  [mailto:global-projects-committee-bounces at lists.owasp.org [3] <mailto:[mailto:global-projects-committee-bounces at lists.owasp.org%20[3]> ] ON  BEHALF OF  Jason Li

SENT: Monday, March 28, 2011 10:40 AM

TO: petr.zavodsky at owasp-czech-republic.cz [4]

CC: Brad Causey; Global Projects Committee

SUBJECT: Re: [GPC] Idea for project: Web Application Security  AccessiblityProject

 

Hi Petr,

 

Thanks for your enthusiasm in starting an OWASP Project.

 

I'm don't quite understand what you would like to accomplish with the  project and I was wondering if you could clarify.

 

Are you talking about creating guidelines for publishing that ensures  that  our documentation projects are accessible to disabled readers?

 

What exactly do you mean by "Web Application Security Accessibility"?

 

Thanks for the clarification!

 

-Jason

 

2011/3/27 Petr Zavodsky - OWASP

 

Heelo,

I have idea for a project.

 

Project name: Web Application Security Accessiblity Project  Project purpose / Overview: Evalution and enhancement of web  application  security especially for persons with disabilities. / Web Application  Security Accessibility is to which degree a security is accessible to  the  largest possible range of people, especially for persons with  disabilities.

 

Web Application Security Accessibility defines up to what extent a  security  is accessible to the largest possible number of people (to the wides  possible range of people), especially to persons with disabilities.

 

Project Roadmap:

1) Situation Monitoring

2) Conception Delimitation

3) Monitoring of Legislation reffering Web Application Security  Accessibility

4) User Testing of Web Application Security Accessibility

5) Web Application Security Accessibility Guidelines

 

Project License: Creative Commons Attribution ShareAlike 3.0 license  Project Leader name: Petr Závodský  Projec Leader email address: petr.zavodsky at owasp-czech-republic.cz [6]  Project Leader wiki acount:

http://www.owasp.org/index.php/User:Petr_Závodský [7]  Project Contributors:

- TEREZA - Centre for Support of Visual Impaired Students at  Universities  Department of Mathematics, FNSPE CTU in Prague

- Tomas Bata Univerzity in Zlin (Czech Republic), Faculty of Applied  Informatics

 

Please, send me info about project wiki page and about project mailing  list.

 

Thank you,

 

Petr Zavodsky

--

OWASP - Czech Republic

Petr Zavodsky

Homesite: www.polytechnic.name [8]

Web: www.owasp-czech-republic.cz [9]

Web: www.owasp.org/index.php/Czech_Republic [10]

Web: www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD [11]

 

-- 

 

OWASP - Czech Republic

 

Petr Zavodsky

 

Homesite: www.polytechnic.name [12]

 

Web: www.owasp-czech-republic.cz [13]

 

Web: www.owasp.org/index.php/Czech_Republic [14]

 

Web: www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD [15]

 

-- 

 

Petr Zavodsky

 

OWASP - Czech Republic

 

E-mail: petr.zavodsky at owasp-czech-republic.cz

 

Web: www.owasp-czech-republic.cz

 

Osobni web: www.polytechnic.name

 

Mobil: +420 790 382791

 

ICQ: 551 - 999 - 206

 

--

Petr Zavodsky

OWASP - Czech Republic

E-mail: petr.zavodsky at owasp-czech-republic.cz

Web: www.owasp-czech-republic.cz

Osobni web: www.polytechnic.name

Mobil: +420 790 382791

ICQ: 551 - 999 - 206

 

Links:

------

[1] http://www.owasp.org/index.php/User:Paulo_Coimbra

[2] mailto:global-projects-committee-bounces at lists.owasp.org

[3] mailto:global-projects-committee-bounces at lists.owasp.org

[4] mailto:petr.zavodsky at owasp-czech-republic.cz

[5] mailto:petr.zavodsky at owasp-czech-republic.cz

[6] mailto:petr.zavodsky at owasp-czech-republic.cz

[7] http://www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD

[8] http://www.polytechnic.name

[9] http://www.owasp-czech-republic.cz

[10] http://www.owasp.org/index.php/Czech_Republic

[11] http://www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD

[12] http://www.polytechnic.name

[13] http://www.owasp-czech-republic.cz

[14] http://www.owasp.org/index.php/Czech_Republic

[15] http://www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110406/c3e9b2c9/attachment-0001.html 


More information about the Global-projects-committee mailing list