[Owasp-guide] [OWASP-Guide] Schedule for dev guide

Kevin W. Wall kevin.w.wall at gmail.com
Sat Dec 11 13:18:51 EST 2010


On 12/06/2010 04:57 PM, Vishal Garg wrote:
> Hi All,
> 
> After having a discussion with Anurag, we have come up with the following
> schdule for the new dev guide. Could all section leads please provide an
> update on how much work has already been done for the first phase of
> recycling the content from the previous version of development guide and how
> much of it is still pending, along with an outline of any new additions they
> are planning to implement to their sections.
> 
> Please note that the new development guide also needs to meet ASVS standard
> and new OWASP numbering scheme. Therefore you need to ensure that you adhere
> to these guidelines and make adjustments to your sections accordingly. If in
> doubt, just get in touch with wither me or Anurag.
> 
>   31/01/2011
> 
>  Recycling the old content from previous guide.
> 
> 31/03/2010
> 
>  New content development for all sections

OK, Vishal... I _finally_ have a few cycles that I can contribute to the
'OWASP-07000 Cryptography' section.  However, what I don't see
is the "old content" that we are supposed to be *recycling*. I'm
looking specifically sections under:
<http://code.google.com/p/owasp-development-guide/wiki/WebAppSecDesignGuide_D7>

So did it move somewhere else? Sorry I've not been involved in this as I
could have been--the documentation that I've been writing has been more
specific to ESAPI, as well as working on the ESAPI crypto code. But I now
have 3 weeks of vacation so I hope to be able to spend about 8-10 hrs on
this effort. Only the main page seems to be filled in at all. I recall
that someone (Michael Howard, I think) had written the previous crypto
section to the OWASP Dev Guide, but I don't see that content anywhere on
the Wiki.

There was also some suggestions / additions that I had related to the
crypto section of ASVS that are not yet in that standard which I think
should eventually make its way there (in some form or another) as well
as eventually getting into some version of the OWASP Dev Guide. But first
things first.

-kevin
--
Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME


More information about the Owasp-guide mailing list