[OWASP-GUIDE] Guide 2.1 Draft 1

Andrew van der Stock vanderaj at greebo.net
Mon Sep 12 10:46:34 EDT 2005


Hi there,

Guide 2.1 Draft 1 has been uploaded to CVS. This contains all current  
comments and revised chapters.

I would like more reviews done. The deadline for this round is  
September 30.
- Dan and David have a lock on their previously reviewed chapters  
unless they think they are finished with them
- Frank Lemmon has a lock on SQA
- Robert J. Hansen has a lock on cryptography
- Raoul Endres has a lock on privacy

All other chapters are open for review. Please nominate which you'd  
like to do here, and it'll be so. If you have a partially reviewed  
chapter, please submit it now anyway, and it'll be yours until  
September 30.

New materials for 2.1

* I will be writing the distributing computing chapter, and it will  
be submitted by September 30.
* J2EE and .NET specific guidelines in the appendix. I'd suggest that  
one person take on each rather than both being taken on by a single  
person. I have had an offer of a ColdFusion chapter, but I have not  
heard back as yet

Changes
* current draft.pdf
- This file represents the current stable draft, with document  
comments and so on turned on. Due to large numbers of comments, there  
are two pages of comments at the rear of the document.

* New chapters
- SQA by Frank Lemmon
- Distributed Computing (race conditions). New but no content

* Edits
- Updated TOC
- Removed Mark Curphey and Alex Russell from the credits at their  
request
- Minor edits from many members of the public
- Comments from the public which will require longer thought added to  
many chapters (particularly phishing)

* Reviewed chapters checked in wholesale (thanks heaps!)
- Authentication, Authorization and Session Management - Dan Cornell
- Data validation - David Rice

Thanks to everyone who helped with this!
Andrew




More information about the Owasp-guide mailing list