[OWASP-LEADERS] Owasp project standards

Mark Curphey mark at curphey.com
Tue Feb 18 01:28:20 EST 2003

answering my own mails whatever next

and licensing - GPL or official OSI licenses only and all work copyright
assigned to the FSF only.

On Mon, 2003-02-17 at 22:26, Mark Curphey wrote:
> Hi Manav
> Great job once again. 
> Here are a few thoughts on things we should add to make it into the
> OWASP bible so to speak. You may have these on your schedule but I
> thought I would jot them down in case. 
> Use of CVS - ie all documents and code should be in CVS
> File Formats - Use DocBook where appropriate and possible
> Representing yourself as being "From OWASP"
> Use of the OWASP brand (no commercial exploitation essentially)
> I think it would be good to include the mission statement and
> organizational model and a few of the other things I developed in the
> OWASP plan as well.
> http://prdownloads.sourceforge.net/owasp/TheOWASPPlan2003.pdf?download
> Mark
>         -----Original Message-----
>         From: Jennifer Tharp [mailto:tharpo at tharpo.com] 
>         Sent: Monday, February 17, 2003 10:24 AM
>         To: owasp-leaders at lists.sourceforge.net
>         Subject: RE: [OWASP-LEADERS] Owasp project standards
>         Nice job, Manav.
>         A few thoughts:
>         The document begins with definitions of "should," "must,"
>         etc., but those don't appear to be used further in the
>         document, excluding opening paragraphs. Seems we should either
>         carry those usages forward throughout the document, or
>         eliminate them altogether.
>         I followed the exchange about aspects of importance.  While I
>         agree that performance should be a part of correct operation,
>         that's not necessarily intuitive.  While we may agree with you
>         conceptually now, I think we should document that in your
>         work, so others reading this in the future understand that to
>         be the case.  It could be as simple as "correct operation
>         (including performance)."
>         Do the table of contents accurately reflect the entire scope
>         of this document?  I know we've also discussed additional
>         processes -- wanted to determine if they will become part of
>         your document, or whether additional documentaiton will be
>         created.
>         The attachment below contains several grammatical and spelling
>         edits.  
>          -----Original Message-----
>         From: owasp-leaders-admin at lists.sourceforge.net
>         [mailto:owasp-leaders-admin at lists.sourceforge.net]On Behalf Of
>         Manavendra Gupta
>         Sent: Sunday, February 16, 2003 8:31 PM
>         To: owasp-leaders at lists.sourceforge.net
>         Subject: [OWASP-LEADERS] Owasp project standards
>                 Hi,
>                 Please find attached the Owasp project standards
>                 document. This is a work in progress, and as you'd see
>                 a lot of meat of the document is missing.
>                 In all honesty, I did try to use DocBook with XMLSpy
>                 to get on with the document, but I lost close to 3
>                 days finding my way around it (and I must admit I'm
>                 not good at it still). 
>                 I have certain artificats ready (such as the delivery
>                 control checklist, code review checklist, etc), but I
>                 will need another day to integrate them with this
>                 document. 
>                 I shall be able to spend a lot more time over the
>                 course of next week, so hopefully, the progress will
>                 be much faster.
>                 Please review the document and email me your
>                 comments/suggestions.
>                 Thanks,
>                 Manav.
Mark Curphey <mark at curphey.com>

More information about the OWASP-Leaders mailing list