[Owasp-guide] [OWASP-Guide] Schedule for dev guide

Vishal Garg vishalgrg at gmail.com
Mon Dec 13 03:05:37 EST 2010


Hi Kevin,

You need to recycle the old content from the previous dev guide. I had
looked at the logs and I could see the last modification on that page was
made by you on 26th April and since then no updates has been made to that
page. At this stage, you may want to go back to the old guide and recycle
the content from there and may also submit a proposal for new additions to
the project leads. Then we all will go through this and come back with
recommendations for further work.

Regarding suggestions for ASVS, it would be best to speak to ASVS team as
they are the best people to update ASVS standard. Once they have added your
suggestions to the ASVS, then we may be good to add this to the dev guide as
well.

Regards
Vishal

On Sat, Dec 11, 2010 at 6:18 PM, Kevin W. Wall <kevin.w.wall at gmail.com>wrote:

> On 12/06/2010 04:57 PM, Vishal Garg wrote:
> > Hi All,
> >
> > After having a discussion with Anurag, we have come up with the following
> > schdule for the new dev guide. Could all section leads please provide an
> > update on how much work has already been done for the first phase of
> > recycling the content from the previous version of development guide and
> how
> > much of it is still pending, along with an outline of any new additions
> they
> > are planning to implement to their sections.
> >
> > Please note that the new development guide also needs to meet ASVS
> standard
> > and new OWASP numbering scheme. Therefore you need to ensure that you
> adhere
> > to these guidelines and make adjustments to your sections accordingly. If
> in
> > doubt, just get in touch with wither me or Anurag.
> >
> >   31/01/2011
> >
> >  Recycling the old content from previous guide.
> >
> > 31/03/2010
> >
> >  New content development for all sections
>
> OK, Vishal... I _finally_ have a few cycles that I can contribute to the
> 'OWASP-07000 Cryptography' section.  However, what I don't see
> is the "old content" that we are supposed to be *recycling*. I'm
> looking specifically sections under:
> <
> http://code.google.com/p/owasp-development-guide/wiki/WebAppSecDesignGuide_D7
> >
>
> So did it move somewhere else? Sorry I've not been involved in this as I
> could have been--the documentation that I've been writing has been more
> specific to ESAPI, as well as working on the ESAPI crypto code. But I now
> have 3 weeks of vacation so I hope to be able to spend about 8-10 hrs on
> this effort. Only the main page seems to be filled in at all. I recall
> that someone (Michael Howard, I think) had written the previous crypto
> section to the OWASP Dev Guide, but I don't see that content anywhere on
> the Wiki.
>
> There was also some suggestions / additions that I had related to the
> crypto section of ASVS that are not yet in that standard which I think
> should eventually make its way there (in some form or another) as well
> as eventually getting into some version of the OWASP Dev Guide. But first
> things first.
>
> -kevin
> --
> Kevin W. Wall
> "The most likely way for the world to be destroyed, most experts agree,
> is by accident. That's where we come in; we're computer professionals.
> We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME
> _______________________________________________
> Owasp-guide mailing list
> Owasp-guide at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-guide
>



-- 
Vishal Garg

Linkedin: http://www.linkedin.com/in/vishalgrg
Twitter: http://www.twitter.com/vishalgrg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-guide/attachments/20101213/c149d308/attachment.html 


More information about the Owasp-guide mailing list