[Global_education_committee] Secure Coding Quick Reference

Paulo Coimbra paulo.coimbra at owasp.org
Thu Sep 2 07:10:47 EDT 2010


Keith,

 

The reviewed version of the project presentation has been uploaded. I’ve
quickly glanced at it and, if you allow my comment, it seemed very well
structured to me. I hope and anticipate you will be clapped at AppSec USA
next week.

 

As for the Word version of the guide, it had already been uploaded on the
release page
http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quic
k_Reference_Guide/Releases/Current which appears to me to be the best place
to make it available. Please let me know if you want it uploaded also on the
‘project about’ tab.   

 

Many thanks, best regards,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Turpin, Keith N [mailto:keith.n.turpin at boeing.com] 
Sent: quarta-feira, 1 de Setembro de 2010 19:58
To: Paulo Coimbra
Subject: RE: Secure Coding Quick Reference

 

Thanks so much for your help. 

 

I am working and getting the content together for the main tab now and have
reviewed some other project's pages.

 

Please upload the updated presentation for me, if you would. This is the
presentation I will be giving at AppSec USA next week.

 

Also I had originally sent the Word version of the guide, but did not see it
on the "project about" tab. Did I miss it or does it not get posted there. I
can resend if needed.

 

 

Keith Turpin CISSP, CSSLP
The Boeing Company
Information Security
(206) 683-9667 

Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error, do not print, copy, retransmit, disseminate or
otherwise use the information. Respond to the sender that you have received
this e-mail in error, and delete the copy you received.

 

 

  _____  

From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org] 
Sent: Wednesday, September 01, 2010 10:56 AM
To: Turpin, Keith N
Cc: global-projects-committee at lists.owasp.org; 'OWASP Foundation Board List'
Subject: RE: Secure Coding Quick Reference

Keith,

 

There is no problem at all with your difficulties which are perfectly
understandable given your limited wiki edition experience. 

 

As for your questions, I would say that, even though they were thought to
serve different purposes, you can edit both ‘tabs’. In my perspective the
‘Project About’ tab can be edited either by the Project Leader and the OWASP
Global Projects Committee (GPC) but the ultimate responsible is the latter.
The ‘Project About’ tab was thought to create a certain level of
standardization within OWASP Projects, to make sure that basic info as
project contributors’ contacts and downloadable files etc are constantly
accessible and, the last but not the least, to assure that the GPC has
control over the project assessment/rating.

 

As for the ‘Main’ tab (and others possibly created under the project
leader’s criterion), as long as the OWASP principles & code of ethics are
respected, it can/should be used by the project leader with total freedom. I
suggest you browse through a few OWASP Projects to building an idea about
what the other project leaders’ options were. 

 

In more operational terms, the ‘Project About’ tab is supported by a
template created by the GPC and can be accessed here
http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quic
k_Reference_Guide.

 

I believe the GPC’s documentation, regarding the set of templates currently
in use, will soon be considerably ameliorated but, meanwhile, the info
available can be accessed here
http://www.owasp.org/index.php/Category:GPC_Templates.

 

In addition, to understand how the templates work, I suggest, if I may,
skimming over the Wikimedia ‘Help:Template’ link as follows
http://meta.wikimedia.org/wiki/Help:Template.

 

However, while you don’t feel sufficiently familiarized with the Wiki I will
always be here to assist you. 

 

Being so, regarding the need to upload an updated version of the
presentation it´s up to you and you can try and do it yourself or send it
over.

 

I hope this helps, many thanks, best regards,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: Turpin, Keith N [mailto:keith.n.turpin at boeing.com] 
Sent: quarta-feira, 1 de Setembro de 2010 16:46
To: Paulo Coimbra
Subject: RE: Secure Coding Quick Reference

 

I am taking a look at the wiki pages and had a couple questions.

 

There are currently two tabs "Main" and "Project About".

 

If I log in and go to the project page it appears that I can edit the "Main"
tab, but can I edit the "Project About" tab? I have an updated version of
the presentation to upload.

 

I have seen that some projects have multiple tabs. I don't see a need for
this at the moment, but I was wondering if this is something I do myself or
ask to have created for me.

 

Sorry if these are silly questions, but this is my first time working on the
site or using this wiki system.

 

 

Keith Turpin CISSP, CSSLP
The Boeing Company
Information Security
(206) 683-9667 

Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error, do not print, copy, retransmit, disseminate or
otherwise use the information. Respond to the sender that you have received
this e-mail in error, and delete the copy you received.

 

 

  _____  

From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org] 
Sent: Tuesday, August 31, 2010 12:29 PM
To: Turpin, Keith N; 'Matt Tesauro'
Cc: 'OWASP Foundation Board List'; global-projects-committee at lists.owasp.org
Subject: RE: Secure Coding Quick Reference

Hello Keith,

 

First of all I apologise for my delayed response. Not deferrable personal
issues have kept me out of work for a considerable period of time and
consequently I haven’t been able to seasonably deal with my OWASP duties. I
thank in advance your understanding.

 

Secondly, thank you for volunteering to lead an OWASP Project.  It is with
volunteers like yourselves that OWASP continues to succeed in making
application security visible. 

 

Thirdly, as requested, I’ve created
http://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Referen
ce_Guide wiki page and placed it amongst all the other OWASP Projects
http://www.owasp.org/index.php/Category:OWASP_Project#tab=Alpha_Status_Proje
cts 

 

Please check it out and let me know if you find any problems or mistakes. 

 

Feel free to add any additional information to the project’s wiki page or to
request assistance regarding its edition.

 

Fourthly, the OWASP Global Projects Committee (GPC) will look at the roadmap
and provide feedback on your project:  suggesting projects which are closely
related, resources and contacts which may assist your efforts and any other
suggestions to increase your project's success.

 

Fifthly, the GPC will announce your project to the OWASP community and will
seek a First Reviewer to hopefully assess the Stable Quality Status of your
Release V1.0.

 

I will keep you updated and let you know whenever we have one or a pool of
volunteers ready for you to pick up. 

 

You can follow this recruitment process here
http://www.owasp.org/index.php/OWASP_Project_Reviewers_Database#tab=Project_
Reviewers.2FVolunteers 

 

Meanwhile, I suggest you make your self-assessment.

 

http://www.owasp.org/index.php/Projects/OWASP_Secure_Coding_Practices_-_Quic
k_Reference_Guide/Releases/SCP_v1/Assessment 


That is all for now - I wish you and your project great success.  Thank you
for supporting OWASP's mission.

Should you have any questions or require any further information, please do
not hesitate to contact me. 

Many thanks, best regards,

 

PS. Please let me know whether or not you wish an OWASP email address. 

 

Paulo Coimbra,

OWASP Project Manager <https://www.owasp.org/index.php/Main_Page> 

 

From: Turpin, Keith N [mailto:keith.n.turpin at boeing.com] 
Sent: segunda-feira, 30 de Agosto de 2010 18:29
To: Matt Tesauro; Paulo Coimbra
Subject: Secure Coding Quick Reference

 

I have not heard anything back since sending in the various project
documents. I just want to check status and verify that this will be up on
the site before AppSec USA, since I am planning to do a talk introducing it
there.

 

 

 

Keith Turpin CISSP, CSSLP 

The Boeing Company 

Information Security 

(206) 683-9667 

 

Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error, do not print, copy, retransmit, disseminate or
otherwise use the information. Respond to the sender that you have received
this e-mail in error, and delete the copy you received.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_education_committee/attachments/20100902/f4aab435/attachment-0001.html 


More information about the Global_education_committee mailing list