[Owasp-board] ESAPI

Jim Manico jim.manico at owasp.org
Thu Jan 17 21:53:35 UTC 2013


Thanks for that clarification, Jason.

I do NOT want to shame to the volunteers of ESAPI. Volunteers come and go, that is the nature of open source.

I just want proper labeling regarding the maturity, usability and activity of each project.

- Jim

> One note - no project is currently "Flagship".
> 
> We have projects that we think are strategically valuable enough that they
> we should try to push them to that status.
> 
> To Jim's point, the project (and really any project that we would want to
> be a Flagship project) needs some polish, support and love to really be in
> that class.
> 
> There are several "strategic" projects that I believe OWASP should look to
> push to Flagship status, but if the project is not of sufficient quality,
> it should not be referred to as Flagship regardless of how strategic or
> important the project is.
> 
> -Jason
> 
> On Wednesday, January 16, 2013, Samantha Groves wrote:
> 
>> Hello Seba and Jim,
>>
>> I certainly do think that ESAPI needs a committed project leader and a
>> dedicated project support team to help take it to the next level of
>> development. As ESAPI is one of our Flagship projects, I see nothing wrong
>> with giving the initiative an extra amount of support from the foundation.
>> That being said, the amount of support we choose to give this project will
>> need to be reproduced for at least all 15 Flagship projects. I suggest we
>> keep this in mind when discussing how to provide support to ESAPI.
>>
>> SG
>>
>> On Wed, Jan 16, 2013 at 6:13 AM, Seba <seba at owasp.org <javascript:_e({},
>> 'cvml', 'seba at owasp.org');>> wrote:
>>
>>> Hi Jim
>>> sounds like a good suggestion for the short term
>>> on longer term, ESAPI needs a committed project manager and
>>> project/support team to evolve it in the de facto standard security
>>> framework example/implementation supported by a reliable community
>>>
>>> Samantha: what are your thoughts?
>>>
>>> --seba
>>>
>>>
>>> On Tue, Jan 15, 2013 at 9:25 PM, Jim Manico <jim.manico at owasp.org<javascript:_e({}, 'cvml', 'jim.manico at owasp.org');>
>>>> wrote:
>>>
>>>> We have 5k in funding for ESAPI. ESAPI for Java is the main version of
>>>> ESAPI.
>>>>
>>>> Most everyone who was on the project dropped out, myself included.
>>>>
>>>> Kevin Wall is the "last man standing" working on the project. And
>>>> frankly, his code is the highest quality - by far - on the project.
>>>>
>>>> Can we spend some of the 5k in ESAPI funding to pay Kevin to finish the
>>>> next release?
>>>>
>>>> He did not ask for this, this is my suggestion to use funds to move a
>>>> key project along in support of our mission.
>>>>
>>>> - Jim
>>>>
>>>> _______________________________________________
>>>> Owasp-board mailing list
>>>> Owasp-board at lists.owasp.org <javascript:_e({}, 'cvml',
>>>> 'Owasp-board at lists.owasp.org');>
>>>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>>>
>>>
>>>
>>
>>
>> --
>>
>> *Samantha Groves, MBA*****
>>
>> *OWASP Project Manager*
>>
>> *
>> *
>>
>> The OWASP Foundation
>>
>> London, United Kingdom
>>
>> Email: samantha.groves at owasp.org <javascript:_e({}, 'cvml',
>> 'samantha.groves at owasp.org');>
>>
>> Skype: samanthahz
>>
>>
>> Book a Meeting with Me <http://goo.gl/mZXdZ>
>>
>> OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
>>
>> New Project Application Form<https://docs.google.com/a/owasp.org/spreadsheet/viewform?formkey=dHZfWGhHZ0Z4UFFwZU42djBXcVVLSlE6MQ#gid=0>
>>
>>
>>
>>
> 
> 
> 
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
> 



More information about the Owasp-board mailing list