[OWASP-GUIDE] Going on with the Guide

Adrian Wiesmann awiesmann at swordlord.org
Sun Feb 15 13:42:35 EST 2004

Hey Chris

> Obviously wanted to reassure you of point 2. All contributed content
> that is of sufficient standard (and yours obviously meets that category)
> will be used and the project absolutely is open source and credit will
> be given where credit is due. 

Seems I have roused a few on this list :)

Sorry if my last mail was inaccurate or missing on how to come from Guide
v1 to v2. Marks mails should answer (some of) these questions.

Before I start with answering the questions from the last few hours,
please let me give you some update:

I worked on the new structure for v2. The guide is now (physically as well
as contentually) structured like it was discussed a few months ago. While
the structure is already rendering fine, it still produces an empty
document with generally only structure information and placeholders in it.
This should change in the next few days when the already written content
is taken over/moved. 
The idea behind the implemented file and folder hierarchy is the one, that
restructuring the flow of the guide can now simply be done within 2 kinds
of files. The chapter flow is changed in the guide_structure.xml, the flow
of every single chapter is done in its chapters chapter_xxx.xml file.

One of the side effects of the new file and folder hierarchy is the one,
that every single sub-chapter does not need to have the full structure of
the docbook xml syntax. This makes contribution of authors and consistency
much easier. Have a look at the chapter "introduction" which is quite
filled by now.

But now to the questions:

> > 1)  What can I do to help?  I had previously contributed some content
> > on Java and web app architectures, and would be happy to brush that
> > up.  I can also do general proofreading of any part of the guide.

I am unfortunately not ready right now to assign tasks. My idea is to
inform this list as soon and as much as possible, so everybody is informed
and has the possibility to interact/react on open tasks or discussions.

> > 2)  Will previous contributions be included in the new structure, or
> > are you re-writing everything from scratch?

Yes. In the one form or another. See Marks remarks.

> 1. We could draw up a list of chapters that need working on. Last I
> remember the .NET and a couple of other chapters still needed to be
> written. If this list can be published, the contributors can chip in
> with which areas they feel confident about.

Yes, thats my idea. We decided a (long time ago) that we will start with
the "Security Techniques" chapter and send that chapter to our book
publisher for the first active interaction with them. While this is still
my plan, I am currently not ready to assign tasks on what, how and where.
Please give me some time to get this tidied up before making a mess again.

The next steps will be to take over the "old" content, find out what is
missing and then fill that up to finish that chapter.

> 2. Once these responsibilities are assigned, we need to set strict
> deadlines on submission of these chapters. We also need to increase the
> traffic on this list to ensure that contributors are upto speed on
> sticking to their deadlines.

I am not quite sure on this right now, but I think I will introduce
"instant kill deadlines". Contributors get deadlines, get a second chance
and after that I will take over. Something like that. Comments on this are
welcome :)

> 3. Also, we need to assign responsibilities for reviewers. And deadlines
> for the reviews as well. I remember reviewing and checking DocBook
> formatting for 5-6 chapters that had been completed some months back.

Since we have a deal with a publisher, this will also change a bit. We
must make 100% sure that the technological aspects are bulletproof. Typos
and minor problems still can be worked out with the publisher later on.
But more to this when the need arises, there is much of work until then :)

> 4. As for the format, I think it was already discussed, and we all go
> with DocBook.

Jeps, this is for sure. I am not sure how you come to this question?

And at the end: Have no fear of this project ripping old stuff or removing
what has been contributed. Just look at me and my current role as a
locomotive (not in size but in vigour) which tries to reach the next
station in time with best effort and the momentum and energy it has.


More information about the Owasp-guide mailing list