[Owasp-guide] AUTHOR ACTION REQUIRED -- REVISED OUTLINE (RESEND)

Vishal Garg vishalgrg at gmail.com
Tue Apr 27 09:02:01 EDT 2010


Hi Kevin, Thanks.

About the heading, sometimes this makes me think as well what we are trying
to convey with this heading. But I believe Mike would have a reason to
choose this heading which is not clear to most of the team yet.

Mike, do you think it is time to clarify why we have chosen this heading
over anything else. I think having this discussion now may avoid having it
at a later date, that I am sure is going to happen at some point if the
folks are not clear about the exact purpose of choosing this heading
(including me ;-))

Regards
Vishal

On Tue, Apr 27, 2010 at 5:13 AM, Kevin W. Wall <kevin.w.wall at gmail.com>wrote:

> Boberski, Michael [USA] wrote:
> > Vishal, 0400's looking good!!
> > Team, check it out here:
>
> http://code.google.com/p/owasp-development-guide/wiki/WebAppSecDesignGuide_D4
> The outline and numbering look right, the breaking of ASVS requirement into
> individual dev guide steps, all good.
> >
> > Format #1 for the worksheet here:
> http://owasp-development-guide.googlecode.com/svn/trunk/worksheets/Access-Control-Worksheet-Format-1.doc let's go with that. The worksheets should be sufficiently clear that they
> lend themselves towards creating more complicated, application-specific
> spreadsheets and such.
> >
> > Thank you for your hard work. Keep going! :)
>
> Vishal,
>
> Yes, looking very nice. I still don't quite get the 'Build or Buy' heading,
> but
> I realize that's something we can address later on and it's mostly a place
> holder for now. If we leave it as 'Build or Buy' I think we need to say
> something about the pros and cons of build vs. buy.
>
> -kevin
> --
> Kevin W. Wall
> "The most likely way for the world to be destroyed, most experts agree,
> is by accident. That's where we come in; we're computer professionals.
> We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME
>



-- 
Vishal Garg
Web Security Specialist

Blog: http://www.ethicalhack.co.uk
Twitter: http://www.twitter.com/vishalgrg
Linkedin: http://www.linkedin.com/in/vishalgrg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20100427/e61253e1/attachment-0001.html 


More information about the Owasp-guide mailing list