[GPC] Idea for project: Web Application Security AccessiblityProject

Jeff Williams jeff.williams at aspectsecurity.com
Mon Mar 28 11:23:34 EDT 2011

I'm hoping that this meant wrestling with the full intersection of human factors and web security.  Personally I don't see why we should limit this to disabled users.  Not that they're not important, but there are many ordinary users that have extreme difficulty with web app security.  


Issues like...

·        Can blind people use CAPTCHA?

·        Are browser warning popups understandable?

·        Are there better ways of leveraging "something you know" in a way that isn't brute forceable?

·        How can we manage entitlements (like delegated access to accounts)

·        Software security labels!!!

·        Lots, lots more





From: global-projects-committee-bounces at lists.owasp.org [mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf Of Jason Li
Sent: Monday, March 28, 2011 10:40 AM
To: petr.zavodsky at owasp-czech-republic.cz
Cc: Brad Causey; Global Projects Committee
Subject: Re: [GPC] Idea for project: Web Application Security AccessiblityProject


Hi Petr,


Thanks for your enthusiasm in starting an OWASP Project.


I'm don't quite understand what you would like to accomplish with the project and I was wondering if you could clarify.


Are you talking about creating guidelines for publishing that ensures that our documentation projects are accessible to disabled readers?


What exactly do you mean by "Web Application Security Accessibility"?


Thanks for the clarification!




2011/3/27 Petr Zavodsky - OWASP <petr.zavodsky at owasp-czech-republic.cz>

I have idea for a project.

Project name: Web Application Security Accessiblity Project
Project purpose / Overview: Evalution and enhancement of web application security especially for persons with disabilities. / Web Application Security Accessibility is to which degree a security is accessible to the largest possible range of people, especially for persons with disabilities.

Web Application Security Accessibility defines up to what extent a security is accessible to the largest possible number of people (to the wides possible range of people), especially to persons with disabilities.

Project Roadmap:
1) Situation Monitoring
2) Conception Delimitation
3) Monitoring of Legislation reffering Web Application Security Accessibility
4) User Testing of Web Application Security Accessibility
5) Web Application Security Accessibility Guidelines

Project License: Creative Commons Attribution ShareAlike 3.0 license
Project Leader name: Petr Závodský
Projec Leader email address: petr.zavodsky at owasp-czech-republic.cz
Project Leader wiki acount: http://www.owasp.org/index.php/User:Petr_Závodský <http://www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD> 
Project Contributors:
- TEREZA - Centre for Support of Visual Impaired Students at Universities Department of Mathematics, FNSPE CTU in Prague
- Tomas Bata Univerzity in Zlin (Czech Republic), Faculty of Applied Informatics

Please, send me info about project wiki page and about project mailing list.

Thank you,

Petr Zavodsky
OWASP - Czech Republic
Petr Zavodsky
Homesite: www.polytechnic.name
Web: www.owasp-czech-republic.cz
Web: www.owasp.org/index.php/Czech_Republic
Web: www.owasp.org/index.php/User:Petr_Z%C3%A1vodsk%C3%BD


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global-projects-committee/attachments/20110328/cbfa61f8/attachment.html 

More information about the Global-projects-committee mailing list