[Owasp-guide] AUTHOR ACTION REQUIRED -- REVISED OUTLINE (RESEND)

Boberski, Michael [USA] boberski_michael at bah.com
Mon Apr 19 15:35:15 EDT 2010


Not really, it means after you understand what you need in more detail, it will make choices like using ESAPI or some other solution more clear.

Best,

Mike B.

From: Eoin [mailto:eoinkeary at gmail.com]
Sent: Monday, April 19, 2010 3:32 PM
To: Tom Stripling
Cc: owasp-guide at lists.owasp.org; Boberski, Michael [USA]
Subject: Re: [Owasp-guide] AUTHOR ACTION REQUIRED -- REVISED OUTLINE (RESEND)


Hi
Build or buy, this really means build but you ar'nt building but hoping someone else has built it properly ;)
On Apr 19, 2010 5:22 p.m., "Tom Stripling" <tstripling at appsecconsulting.com<mailto:tstripling at appsecconsulting.com>> wrote:

Right, so it turns out that when you mess up a Gmail filter, you end up
dumping everything straight into the archive instead of the folder where you
thought it was going.  I haven't gotten any of these emails in the past 3
weeks.  I thought the list was rather quiet...

I'm going to get on this now, but I want to understand it better to make
sure I get it right.  You're saying the top-level outline should be "Build
or buy?" and then each subsection?  That seems somewhat unnecessary to me.
Why not just have "worksheets" and "see also" be peers to each subsection
(e.g. OWASP-0502):

# OWASP-0500 Input Validation

* OWASP-0502 Verify that a positive validation pattern is defined and applied to all input. ...
Also, am I correct in understanding that this would mean we could
potentially have a single worksheet for an entire section?

Thanks and sorry again for the delay.

Tom

-----Original Message----- From: owasp-guide-bounces at lists.owasp.org<mailto:owasp-guide-bounces at lists.owasp.org> [mailto:owasp-guide-bounces at l.<mailto:owasp-guide-bounces at l.>..
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20100419/4a47fc56/attachment-0001.html 


More information about the Owasp-guide mailing list