[Owasp-board] URGENT - Fwd: [WebSand] Letter of Interest from OWASP

Jeff Williams jeff.williams at owasp.org
Tue Oct 20 21:27:47 UTC 2009


Will what they produce be free and open source? I take it that it's  
not for profit for now?  But is that guaranteed?

If so, then a letter is fine.  Thanks.

--Jeff

Jeff Williams
Aspect Security
work: 410-707-1487
main: 301-604-4882



On Oct 20, 2009, at 12:19 PM, Seba <seba at owasp.org> wrote:

> Jeff,
>
> This is academic research from the University of Leuven, not an  
> OWASP project (details in the attached documentation).
> They are an educational supporter, hosted several meetings and  
> Lieven Desmet is part of the Belgium chapter board.
>
> They share their research during chapter meetings and ask for a  
> letter to support their EU funding request.
> It makes sense for us to support this as the "Foundation" as several  
> seperate chapters already do.
>
> Let me know if it is ok for you that I sign a letter in name of the  
> board.
> Deadline is tommorow
>
> Thx
>
> Seba
>
> On Tue, Oct 20, 2009 at 12:47 AM, Jeff Williams <jeff.williams at owasp.org 
> > wrote:
> Seba,
>
>
>
> Can you explain this more?  Why all the cloak-and-dagger?  Is this  
> an OWASP Project?  Or do they just want our logo?  Will it be open  
> source and consistent with our other principles?
>
>
>
> I think exploring sandbox technology is a good idea and something  
> OWASP can get behind, but I have to point out that every time people  
> implement a fine-grained access control mechanism (CMW, Java  
> sandbox, .NET sandbox, lots of others) – the problem is managing com 
> plexity, not the security mechanism.
>
>
>
> --Jeff
>
>
>
>
>
> From: owasp-board-bounces at lists.owasp.org [mailto:owasp-board- 
> bounces at lists.owasp.org] On Behalf Of Seba
> Sent: Monday, October 19, 2009 1:19 AM
> To: OWASP Foundation Board List
> Subject: [Owasp-board] URGENT - Fwd: [WebSand] Letter of Interest  
> from OWASP
>
>
>
> Gents,
>
>
>
> We are supporting this research from different chapters. I will also  
> synch this with GEC and GIC.
>
> Can I create a letter that supports the research from OWASP  
> Foundation Board?
>
>
>
>
>
> regards
>
>
>
> Seba
>
> ---------- Forwarded message ----------
> From: Lieven Desmet <Lieven.Desmet at cs.kuleuven.be>
> Date: Sun, Oct 18, 2009 at 11:01 PM
> Subject: [WebSand] Letter of Interest from OWASP
> To: Seba <seba at owasp.org>, Sebastien Deleersnyder <seba at deleersnyder.eu 
> >
>
>
> Seba,
>
> As I informed you on Friday, the WebSand consortium (consisting of the
> Katholieke Universiteit Leuven, Chalmers University, the University of
> Passau, Siemens AG and SAP) is currently submitting a research  
> proposal
> to improve web application security by adopting a server-driven
> sandboxing approach. More information about the project is included in
> attachment.
>
> Each of the participating countries has already ongoing collaborations
> with the local OWASP chapters: KUL with OWASP Belgium, Chalmers with
> OWASP Sweden and Passau and Siemens with OWASP Germany.
>
> I would like to ask the support of OWASP as well as of the Belgium  
> OWASP
> chapter by means of a letter of interest. (The other partners will do
> the same for OWASP Sweden and OWASP Germany.) In this letter, OWASP
> could express their interest in the projects results, and explains
> possible dissemination cooperation. For inspiration, I already  
> included
> a possible template.
>
> Because of a tight submission schedule, I would need your letters on
> Wednesday the latest to ensure a timely submission. I'm very sorry for
> this late rush.
>
> Kind regards,
>
> Lieven
> --
> Lieven Desmet
> Research Manager Secure Software
> DistriNet, Katholieke Universiteit Leuven
>
> Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20091020/6073140a/attachment-0002.html>


More information about the Owasp-board mailing list