[Global_education_committee] Fwd: [Owasp-board] REQUEST FOR DECISION/CALL FOR CONTRIBUTIONS TO UPDATE THE ASSESSMENT CRITERIA

Seba seba at owasp.org
Mon Mar 2 15:08:14 EST 2009


I have added* 5 slide deck for OWASP Boot Camp project
for everything up from Beta quality
regards

Seba
---------- Forwarded message ----------
From: Paulo Coimbra <paulo.coimbra at owasp.org>
Date: Mon, Mar 2, 2009 at 8:24 PM
Subject: [Owasp-board] REQUEST FOR DECISION/CALL FOR CONTRIBUTIONS TO UPDATE
THE ASSESSMENT CRITERIA
To: OWASP Foundation Board List <owasp-board at lists.owasp.org>,
global_tools_and_project_committee at lists.owasp.org


 Board, Project’s Committee,



Please see below and let me know if you think appropriate we send off this
call for contributions to our leaders’ mailing list. It goes without saying,
feel free to change it as you find best.



Many thanks, regards,



Paulo





Hello Leaders,



I hope you are well.



You better than anyone else know that OWASP as an organization has been
built by your continuous open contributions both by defining its mission,
organizational structure, rules and procedures and by leading the
application security projects that are its core of activity.



In my today’s call for contributions, procedures regarding projects
development’s stage assessment are the main issue.



As you may know, a system to evaluate OWASP projects is already in use and
actually consists in both a set of criteria
http://www.owasp.org/index.php/Category:OWASP_Project_Assessment and a
skeleton/frame to implement it
http://www.owasp.org/index.php/OWASP_Live_CD_2008_Project_-_Assessment_Frame.



With other few subsequent modifications, this set of criteria has mainly
resulted of a vigorous discussion held through this mailing list almost a
year ago and since then it has been used in all newly set up projects.



Since then this issue has been discussed consecutively in several different
contexts. In our Summit, for example, even if we haven’t committed a
specific slot of time to deal with this matter, it has collaterally arisen
throughout many project’s presentations. In addition, I regularly receive
from OWASP Board requests to make modifications, a systemic reflection is
being held within the Project’s Committee and, as result of my daily
handling of projects under review, I am obtaining some feedback from project
leaders and reviewers.



Overall, the people with whom I’ve discussed this issue usually say that the
procedure can be improved and IMHO they are right.



>From these discussions, I’ve retained that a handful of criteria have been
proposed but haven’t been implemented yet as forthcoming:

-          OWASP writing style (Tool projects/Release Quality),

-          Translation (Tools and Documentation/Release Quality),

-          Bi-monthly periodic news (Tools and Documentation/non specified
Quality status),

-          5 slide deck for OWASP Boot Camp project (Tools and
Documentation/Beta status),

-          Attribution rules (Tools and Documentation/non specified Quality
status),

-          Compulsory Project Skeleton/Frame (Tools and Documentation/all
Quality status),

-           Reviewer role - addition and clarification,

http://owaspsoc2008.wordpress.com/2008/07/15/assessment-guidance/

-          Mentor role addition and definition.

In addition, as far as I am concerned, a few more structural comments have
also been made. Even without pointing out alternative technical solutions,
at least a  couple of them have questioned the rationale of working with
tables in wiki text and others have pointed out the willingness of having a
project’s page similar to, for example, this one http://www.hdiv.org/.



Having said all the above with the intention of giving you a picture of the
current situation, I ask for your contribution so as to update the OWASP
Assessment Criteria.



In operational terms, I’ve replicated the Assessment Criteria page
http://www.owasp.org/index.php/Category:OWASP_Project_Assessment_-_Updateand
propose you introduce your changes directly on it. As soon as we
finish
the discussion phase, all the contributions will be moved to the original
wiki page. With the goal of enhancing the discussion, I also propose you use
this mailing list to inform which changes are being proposed and the reason
or goal for doing so.



Please do have into account that you proposals can have implications in the
assessment frame that we are currently using and, if it happens, please
present a compatible solution.



I thank you all in anticipation and look forward to having your
indispensable feedback.

Regards,



Paulo Coimbra,

OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>



_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20090302/5bb83fdf/attachment.html 


More information about the Global_education_committee mailing list