[Owasp-board] [GPC] REQUEST FOR COMMENTS/RE: OWASP TestingGuide: start a new project

Paulo Coimbra paulo.coimbra at owasp.org
Thu Jun 24 15:14:10 UTC 2010


Eoin,

 

In accordance with what had been previously defined when we first built the
unlaunched SoC09 frame, “these expenses include things like marketing our
best projects, printing promotional samples of our best OWASP documents,
graphic design, travel expenses to hold mini-summits, etc.”

 

Thanks,

 

Paulo Coimbra,

 <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager

 

From: eoinkeary at gmail.com [mailto:eoinkeary at gmail.com] On Behalf Of Eoin
Sent: quinta-feira, 24 de Junho de 2010 10:31
To: Paulo Coimbra
Cc: OWASP Foundation Board List; Global Projects Committee; Matteo Meucci
Subject: Re: [Owasp-board] [GPC] REQUEST FOR COMMENTS/RE: OWASP
TestingGuide: start a new project

 

Fine by me,

but with any of the guides what else is there to pay for apart from
individuals time and imparting of knowledge?



 

On 23 June 2010 23:25, Paulo Coimbra <paulo.coimbra at owasp.org> wrote:

Board, GPC,

In accordance with what had been previously defined when we first built the
unlaunched SoC09 frame, I have agreed with Matteo that the grant can be used
to pay for any project's development related expense with the exception of
the project leader's and the project contributors' time.

http://www.owasp.org/index.php/OWASP_Season_of_Code_2009


Thanks,

Paulo Coimbra,
OWASP Project Manager

> >-----Original Message-----
> >From: Matteo Meucci [mailto:matteo.meucci at owasp.org]

> >Sent: quarta-feira, 23 de Junho de 2010 23:13
> >To: Paulo Coimbra
> >Cc: Jeff Williams; Global Projects Committee; OWASP Foundation Board
> >List

> >Subject: Re: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >TestingGuide: start a new project
> >

> >Hi,
> >that's ok for me to use the same amount of money used for SoC08. Paulo
> >just explained me all the new rules.
> >Thanks again Paulo for your patience and your great support!
> >
> >Mat

> >
> >On Wed, Jun 23, 2010 at 4:00 PM, Paulo Coimbra
> ><paulo.coimbra at owasp.org> wrote:
> >> Matteo,
> >>
> >>
> >>
> >> It’s your call. Please let us your thoughts.
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Jeff Williams [mailto:jeff.williams at owasp.org]
> >> Sent: terça-feira, 22 de Junho de 2010 18:54
> >> To: 'Paulo Coimbra'; 'Jeff Williams'; 'Global Projects Committee';
> >'OWASP
> >> Foundation Board List'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >> TestingGuide: start a new project
> >>
> >>
> >>
> >> Yes.  I was expecting to match the last SOC support to the Testing
> >Guide,
> >> unless there’s a specific request from Matteo for a different
> >budget.
> >>
> >>
> >>
> >> --Jeff
> >>
> >>
> >>
> >> Jeff Williams, Chair
> >>
> >> The OWASP Foundation
> >>
> >> work: 410-707-1487
> >>
> >> main: 301-604-4882
> >>
> >>
> >>
> >> From: global-projects-committee-bounces at lists.owasp.org
> >> [mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf
> >Of
> >> Paulo Coimbra
> >> Sent: Tuesday, June 22, 2010 1:00 PM
> >> To: 'Jeff Williams'; 'Global Projects Committee'; 'OWASP Foundation
> >Board
> >> List'
> >> Cc: 'Matteo Meucci'
> >> Subject: Re: [GPC] [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP
> >> TestingGuide: start a new project
> >>
> >>
> >>
> >> Hello Jeff,
> >>
> >>
> >>
> >> Just to clarify, when you say ‘Yes - absolutely’ answering the
> >questions
> >> I’ve sent, are you also approving the budget I’ve proposed? If yes,
> >would
> >> you mind putting a number on it?
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Jeff Williams [mailto:jeff.williams at owasp.org]
> >> Sent: segunda-feira, 21 de Junho de 2010 20:49
> >> To: 'Paulo Coimbra'; 'Global Projects Committee'; 'OWASP Foundation
> >Board
> >> List'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP Testing
> >Guide:
> >> start a new project
> >>
> >>
> >>
> >> Yes – absolutely. This is one of OWASP’s banner projects and Matteo
> >has done
> >> a masterful job of it.  Keeping this up to date is critical.
> >>
> >>
> >>
> >> --Jeff
> >>
> >>
> >>
> >> Jeff Williams, Chair
> >>
> >> The OWASP Foundation
> >>
> >> work: 410-707-1487
> >>
> >> main: 301-604-4882
> >>
> >>
> >>
> >> From: owasp-board-bounces at lists.owasp.org
> >> [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Paulo
> >Coimbra
> >> Sent: Monday, June 21, 2010 10:42 AM
> >> To: 'Global Projects Committee'; 'OWASP Foundation Board List'
> >> Cc: 'Matteo Meucci'
> >> Subject: [Owasp-board] REQUEST FOR COMMENTS/RE: OWASP Testing Guide:
> >start a
> >> new project
> >>
> >>
> >>
> >> Board, GPC,
> >>
> >>
> >>
> >> Could you please respond my email below? Do you have any feedback
> >regarding
> >> Matteo’s proposal to create a fourth version of the Testing Guide?
> >Can he
> >> start the works to produce the new edition? Do you agree with my
> >proposal to
> >> budget this Guide’s improvement?
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Paulo Coimbra [mailto:paulo.coimbra at owasp.org]
> >> Sent: quinta-feira, 17 de Junho de 2010 16:40
> >> To: 'Global Projects Committee'
> >> Cc: 'Matteo Meucci'
> >> Subject: RE: OWASP Testing Guide: start a new project
> >>
> >>
> >>
> >> Board, Committee,
> >>
> >>
> >>
> >> As you can see below, Matteo Meucci is willing to create the fourth
> >version
> >> of the Testing Guide and has kindly sent us his idea for
> >approval/feedback.
> >>
> >>
> >>
> >> As we haven’t opened the new season of code still, I propose we make
> >> available a budget to support expenses with language review,
> >pagination
> >> (graphical arrangement of pages) and marketing.
> >>
> >>
> >>
> >> Please let us know your thoughts.
> >>
> >>
> >>
> >> Thanks,
> >>
> >>
> >>
> >> Paulo Coimbra,
> >>
> >> OWASP Project Manager
> >>
> >>
> >>
> >> From: Matteo Meucci [mailto:matteo.meucci at owasp.org]
> >> Sent: segunda-feira, 24 de Maio de 2010 11:37
> >> To: Paulo Coimbra
> >> Subject: OWASP Testing Guide: start a new project
> >>
> >>
> >>
> >> Hi Paulo,
> >>
> >> here is my idea for the new Testing Guide.
> >>
> >>
> >>
> >> (0) Project Name: OWASP Testing Guide (v4?)
> >>
> >>
> >>
> >> (1) Project purpose / overview
> >>
> >> - Review all the control numbers to adhere to the OWASP Common
> >>
> >> numbering: http://www.owasp.org/index.php/Common_OWASP_Numbering
> >>
> >> - Review all the sections in v3
> >>
> >> - Create a more readable guide, eliminating some sections that are
> >not
> >> really usefull
> >>
> >> - Insert new testing techniques: HTTP Verb tampering, HTTP Parameter
> >> Pollutions, ecc
> >>
> >> - Rationalize some sections as Session Management Testing
> >>
> >> - Create a new section: Client side security and firefox extensions
> >testing
> >>
> >>
> >>
> >> (2) Project Roadmap (as mentioned above)
> >>
> >> - Introduce the new project to the testing Guide mailing list
> >>
> >> - Involve the contributors: we need to involve also the final users
> >of the
> >> Testing Guide (for example Banking to understand how they would like
> >to
> >> improve that).
> >>
> >> - 1st June 2010: Start a brainstorming for the new index starting
> >from (1)
> >>
> >> - 1st July 2010: Create the new index and the new team
> >>
> >> - 15th July 2010: Starting writing articles
> >>
> >> - 15th September 2010: Starting the first review phase
> >>
> >> - 15th October 2010: Starting writing articles II phase
> >>
> >> - 15th November 2010: Starting the second review phase
> >>
> >> - 15th December 2010: Create the RC1
> >>
> >> - 15th January 2011: Release the version 4
> >>
> >>
> >>
> >> (3) Project links (if any) to external sites,
> >>
> >> - no
> >>
> >>
> >>
> >> (4) Project License
> >>
> >>
> >(http://www.owasp.org/index.php/Guidelines_for_OWASP_Projects#Project_
> >Licensing),
> >>
> >> Creative Commons Attribution Share Alike 3.0 as usal :)
> >>
> >>
> >>
> >> (5) Project Leader name,
> >>
> >> Matteo Meucci
> >>
> >>
> >>
> >> (6) Project Leader email address
> >>
> >> matteo.meucci at owasp.org
> >>
> >>
> >>
> >> (7) Project Leader wiki account - the username (you'll need this to
> >edit the
> >> wiki) Mmeucci
> >>
> >>
> >>
> >> (8) Project Maintainer (if any)  - name, email and wiki account (if
> >any)
> >> Matteo Meucci
> >>
> >>
> >>
> >> (9) Project Contributor(s) (if any) - name email and wiki account
> >(if any) A
> >> short list of contributors that would like to improve the guide:
> >>
> >> - Roberto Suggi Liverani
> >>
> >> - Nick Freeman
> >>
> >> - Stefano Di Paola
> >>
> >> - Marco Morana
> >>
> >> - Giorgio Fedon
> >>
> >> - Kevin Horvath
> >>
> >>
> >>
> >> Thanks,
> >>
> >> Mat
> >
> >
> >

> >--
> >Matteo Meucci
> >OWASP-Italy Chair, CISSP, CISA
> >http://www.owasp.org/index.php/Italy
> >OWASP Testing Guide lead
> >http://www.owasp.org/index.php/Testing_Guide
> >Cell: +393283019559

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board




-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author

Sent from my i-Transmogrifier
http://asg.ie/
https://twitter.com/EoinKeary

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100624/06f9fe93/attachment-0002.html>


More information about the Owasp-board mailing list