[Owasp-board] Vote: Jeff gets Fortify membership money for newESAPI project

Sebastien Deleersnyder Sebastien.Deleersnyder at telindus.be
Tue Jan 8 10:13:17 UTC 2008


YES

It would be nice (as side project?) to have a 'standard XML' way of
representing these rules?

Regards

Seba
-----Original Message-----
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dinis Cruz
Sent: 08 January 2008 02:47
To: jeff.williams at owasp.org
Cc: OWASP Board
Subject: Re: [Owasp-board] Vote: Jeff gets Fortify membership money for
newESAPI project

My vote is YES

I have no problems with this sponsorship and I am sure Jeff will
deliver.

This sponsorship is different from the ones in the Seasons Of Code
(WoC and SpoC) since the sponsor wants a specific project, and it
makes total sense that it should go to that project's leader (in this
case Jeff).

Apart of being a bit careful (as we are currently) and make sure we
announce it properly, I have no issues with this sponsorship.

It is in fact a good endorsement of Jeff's work on ESAPI and there are
potential good synergies if Fortify's rules can be reuse by LAPSE or
ORIZON project;s.

Dinis Cruz


On 1/7/08, Jeff Williams <jeff.williams at owasp.org> wrote:
>
>
>
>
> Hi Board,
>
>
>
> Brian Chess of Fortify is renewing their membership, and he wants to
fund an
> ESAPI-related project described below.
>
>
>
> I'd like to take on Brian's project personally (and accept the money
> personally), but I want to avoid even the appearance of impropriety.
I can
> promise excellent results though.
>
>
>
> Can the board take up this question?  Dave and I will both recuse
ourselves
> from any vote.
>
>
>
>
> --Jeff
>
>
>
>
>
>
>
> From: Brian Chess [mailto:brian at fortify.com]
>  Sent: Monday, December 31, 2007 2:22 PM
>  To: Dave Wichers; Alison McNamee; jeff.williams at owasp.org;
> dinis.cruz at owasp.net
>  Subject: Re: Fortify OWASP Corporate Membership?
>
>
>
> Jeff, the next season of code project I'm interested in is this:
Developing
> a set of coding guidelines for using ESAPI.  We would encode the
guidelines
> as source code analysis rules, and make the sca rules open source so
that
> they could be adapted to other tools or used as a template for
encoding
> rules for other libraries.
>
>  Brian
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board



More information about the Owasp-board mailing list