[Owasp-board] [Owasp-leaders] RFC: OWASP COMMERCIAL SERVICES REGISTRY
eoin.keary at owasp.org
Mon Apr 26 14:43:01 UTC 2010
This really is a leaders (everyone on this list) decision in terms of
direction of this project! anyone else have any ideas?
It will also be the closest OWASP has ever been to embracing/aligning to the
commercial app sec industry so it is important to hammer this out.
On 26 April 2010 14:51, Boberski, Michael [USA] <boberski_michael at bah.com>wrote:
> so given this is a list of orgs "who claim" they provide such services,
> are we delivering the information as such, ie, organisations "who claim",
> and it is clear OWASP does not endorse or verify any of these claims.
> - Can we have this made very clear on the site please.
> *[Mike] I’ve added just now bold and italic emphasis to the existing
> disclaimer on each tab.*
> Again re passing and failing applications for registration we need a number
> of individuals to assess each application. This can not be left to one
> individual, this avoids any difficult potential commercial conflicts of
> interest arising or even the perception of one.
> *[Mike] This is an item which I think needs further discussion. *
> * *
> *I’d be happy not to spend cycles managing the registry, there are no
> special skills required to do so, but that assumes one or a group of people
> can provide equivalent service. It’s not really OK for this to have requests
> take a month or three, that would cause perception problems as well. *
> * *
> *Perhaps, creating a mail list and having requests sent to that, and then
> serviced by me, would be sufficient. Or e.g., have requests go to the
> Industry (or Connections?) Committee list, and then serviced by me. Either
> way the point would be that a record would be generated were disputes to
> arise, and of course the criteria for listing is duplicated on each tab.*
OWASP Global Board Member
OWASP Code Review Guide Lead Author
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board