[Owasp-board] FW: OWASP / W3C liaison

Dave Wichers dave.wichers at owasp.org
Mon Jul 21 14:30:08 UTC 2008


Sounds reasonable to me.

-----Original Message-----
From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Sebastien
Deleersnyder
Sent: Saturday, July 19, 2008 2:11 PM
To: owasp-board at lists.owasp.org
Cc: 'Arshan Dabirsiaghi'
Subject: [Owasp-board] FW: OWASP / W3C liaison

Hi,

I don't seem to find an affiliation page on OWASP. This is not the same
thing as member.

To add W3C, I suggest adding a new page with affiliations / liaisons to the
wiki.
To be linked to from http://www.owasp.org/index.php/About_OWASP and
http://www.owasp.org/index.php/Membership

Regards

Seba

-----Original Message-----
From: Dave Wichers [mailto:dave.wichers at aspectsecurity.com] 
Sent: vrijdag 11 juli 2008 16:42
To: Thomas Roessler
Cc: Arshan Dabirsiaghi; Kate Hartmann; Sebastien Deleersnyder
Subject: RE: OWASP / W3C liaison

Thanks Thomas. We will do the same (regarding the liason notice).

Kate - can you work with Thomas on the swapping of logos and such, and
getting something up on our site.

Arshan - can you work with Thomas (and keep Seba and me informed) about
how to get attached to and spun up on these 2 working groups?

Thanks, Dave

-----Original Message-----
From: Thomas Roessler [mailto:tlr at w3.org] 
Sent: Friday, July 11, 2008 10:24 AM
To: Dave Wichers
Cc: Sebastien Deleersnyder; jeff.williams at owasp.org; Arshan Dabirsiaghi;
Kate Hartmann; mike at w3.org; w3t-archive at w3.org
Subject: Re: OWASP / W3C liaison

(Changing the CC list a bit.)

Dave,

we'll be adding OWASP to our list of liaisons shortly.

In terms of relevant work items, I'd suggest that the HTML and Web
Applications Working Groups are the ones which are most likely to be
of interest to OWASP (and would benefit most from more participants
with a useful security background):

  http://www.w3.org/2008/webapps/charter/
  http://www.w3.org/2007/03/HTML-WG-charter

Regards,
-- 
Thomas Roessler, W3C  <tlr at w3.org>  +33-4-89063488







On 2008-07-07 09:14:03 -0400, Dave Wichers wrote:
> From: Dave Wichers <dave.wichers at aspectsecurity.com>
> To: Thomas Roessler <tlr at w3.org>
> Cc: Sebastien Deleersnyder <seba at deleersnyder.eu>,
jeff.williams at owasp.org,
> 	Arshan Dabirsiaghi <arshan.dabirsiaghi at aspectsecurity.com>,
> 	team-liaisons at w3.org, t-and-s at w3.org,
> 	Kate Hartmann <kate.hartmann at owasp.org>
> Date: Mon, 7 Jul 2008 09:14:03 -0400
> Subject: RE: OWASP / W3C liaison
> X-Spam-Level: 
> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.6
> 
> This seems good to me. OWASP agrees to these terms. Thanks for
arranging
> all this.
> 
> Seba will be the OWASP POC. I think this will be easier for you since
> you are both in the same time zone.  Once OWASP is aware of a W3C
effort
> that we should be working with, we will then identify the OWASP person
> or persons that we'd like to have participate in that effort.
> 
> At this moment, can you provide us with a list of the W3C efforts that
> you think OWASP might or should be interested in. We heard from you
> about HTML 5 in Belgium but I didn't know if there were other efforts
we
> should be following as well. I seem to recall that there were some
more,
> but a specific list would be helpful.
> 
> Thanks, Dave
> 
> p.s. Kate - Can you work with Thomas to provide him with what he needs
> to list our affiliation, like the OWASP Logo or whatever he needs?
> 
> Thomas - Kate is 1 of only 2 OWASP full time employees. She is the
OWASP
> Operations Director, taking care of managing, organizing, and
> facilitating most of OWASP's day to day activities.
> 
> -----Original Message-----
> From: Thomas Roessler [mailto:tlr at w3.org] 
> Sent: Friday, July 04, 2008 10:04 AM
> To: Dave Wichers
> Cc: Sebastien Deleersnyder; jeff.williams at owasp.org; Arshan
Dabirsiaghi;
> team-liaisons at w3.org; t-and-s at w3.org
> Subject: OWASP / W3C liaison
> 
> Dave, Sebastien,
> 
> apologies, again, that things have taken a while on our side; thanks
> for your patience.
> 
> W3C staff internal discussions have basically concluded, and we're
> ready to officially offer you a liaison relationship along the lines
> of what I had previously outlined:
> 
> - W3C and OWASP mutually exchange information when projects, working
>   groups, and similar entities of interest are launched, and of
>   deliverables reaching important milestones.
> 
> - Participation of OWASP volunteers in W3C Working Groups is
>   possible at the discretion of the W3C, under the rules that
>   usually apply to invited experts.
> 
> - We'll list OWASP on the list of liaisons that we entertain with
>   other entities:
>   
>   http://www.w3.org/2001/11/StdLiaison
> 
> I'll be the point person for this liaison on the W3C side.
> 
> Please indicate by e-mail that you agree to these terms, and let me
> know who the point person on the OWASP side will be.
> 
> I look forward to working together in the future.
> 
> Regards,
> -- 
> Thomas Roessler, W3C  <tlr at w3.org>  +33-4-89063488
> 
> 
> 
> 
> 
> 
> On 2008-06-13 16:28:14 +0200, Thomas Roessler wrote:
> > From: Thomas Roessler <tlr at w3.org>
> > To: Dave Wichers <dave.wichers at aspectsecurity.com>
> > Cc: Sebastien Deleersnyder <seba at deleersnyder.eu>,
> jeff.williams at owasp.org,
> > 	Arshan Dabirsiaghi <arshan.dabirsiaghi at aspectsecurity.com>
> > Date: Fri, 13 Jun 2008 16:28:14 +0200
> > Subject: Re: OWASP AppSecEU HTML5 Follow-Up
> > X-Spam-Level: 
> > X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.6
> > 
> > Hi Dave,
> > 
> > thanks for your note, and thanks Sebastien for calling this morning.
> > 
> > Sorry that it's taken a bit for me to respond; there's some ongoing
> > discussion internally.  It looks as though we'll propose a liaison
> > style arrangement, in which W3C and OWASP would regularly exchange
> > news about upcoming projects and work items; I'd be the likely
> > candidate to be the point person for that on the W3C side.
> > 
> > Under such an arrangement, participation of OWASP volunteers in W3C
> > Working Groups would be handled on a case-by-case basis, mostly
> > through the invited expert process, to avoid conflicts with our
> > participation requirements which might arise when, e.g., a member
> > company's employee would work through OWASP.
> > 
> > Please let me know whether, in rough term, that sounds like the kind
> > of arrangement that would serve OWASP's needs; I'll continue the
> > internal discussions on our own side.
> > 
> > Regards,
> > -- 
> > Thomas Roessler, W3C  <tlr at w3.org>  +33-4-89063488
> > 
> > 
> > 
> > 
> > 
> > On 2008-06-06 12:42:19 -0400, Dave Wichers wrote:
> > > From: Dave Wichers <dave.wichers at aspectsecurity.com>
> > > To: Thomas Roessler <tlr at w3.org>
> > > Cc: Sebastien Deleersnyder <seba at deleersnyder.eu>,
> jeff.williams at owasp.org,
> > > 	Arshan Dabirsiaghi <arshan.dabirsiaghi at aspectsecurity.com>
> > > Date: Fri, 6 Jun 2008 12:42:19 -0400
> > > Subject: RE: OWASP AppSecEU HTML5 Follow-Up
> > > X-Spam-Level: 
> > > X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000,
version=1.1.6
> > > 
> > > Thomas,
> > > 
> > > I wanted to thank you again for coming to speak at our conference
> and
> > > inviting OWASP to participate in the HTML 5 working group.
> > > 
> > > Thanks for putting that page up on our wiki. That's very helpful.
> > > 
> > > What do we have to do to get the ball rolling on this?
> > > 
> > > If I understand things correctly we have to:
> > > 
> > > 1) Become a member of W3C, and
> > > 2) Start attending (virtual) meetings.
> > > 
> > > Is there more to it than that?
> > > 
> > > Regarding membership, would W3C be able to work out an arrangement
> where
> > > both organizations trade memberships with the other. I suspect W3C
> has
> > > lots more funding that OWASP does so hopefully something like that
> could
> > > be arranged. It appears that OWASP would have to pay $6350 to
join,
> > > which is a lot of $ for OWASP.
> > > 
> > > It looks like most of the 'work' is participating in the virtual
> > > meetings, and maybe weekly calls. I assume that means we have to
do
> a
> > > bit of work to get a good understanding of what is currently
> proposed
> > > and then work on developing some constructive feedback.
> > > 
> > > Does this sound like the right approach to you?
> > > 
> > > Thanks, Dave
> > > 
> > > -----Original Message-----
> > > From: Thomas Roessler [mailto:tlr at w3.org] 
> > > Sent: Tuesday, May 27, 2008 6:58 AM
> > > Cc: tlr at w3.org
> > > Subject: OWASP AppSecEU HTML5 Follow-Up
> > > 
> > > The slides from my OWASP AppSecEU talk on HTML 5 and surrounding
> > > developments are now online, and linked from the conference
agenda:
> > > 
> > >   http://www.owasp.org/index.php/AppSecEU08_HTML5
> > > 
> > > I've used that opportunity to drop a bit of a link list into the
> > > OWASP wiki.  From there, you should be able to quickly find recent
> > > developments and recent editor's drafts of the things that I
talked
> > > about; mostly various parts of HTML5 and the specs that are
relevant
> > > to cross-domain requests.  I've also taken the liberty to add in
> > > some links to information about W3C itself.
> > > 
> > > If you have any questions, or want to talk more, please feel free
to
> > > drop me a line.
> > > 
> > > Regards,
> > > -- 
> > > Thomas Roessler, W3C  <tlr at w3.org>  +33-4-89063488
> > > 
> > > 
> > 
> > 
> 
> 

No virus found in this incoming message.
Checked by AVG - http://www.avg.com 
Version: 8.0.138 / Virus Database: 270.4.8/1547 - Release Date: 11/07/2008
18:05

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board




More information about the Owasp-board mailing list