Dinis Cruz dinis.cruz at owasp.org
Thu Mar 12 10:07:30 EDT 2009

As Colin mentions below, we have to make sure that EVERYTHING OWASP  
creates and promotes has as much quality as possible (and also that it  
is very clear to Owasp users the quality and maturity level of those  

This needs to apply to tools,documents and these other 'things' (not a  
document or a tool).

While Reading Colin's email, it struck me that those other 'things'  

So, what do you think of creating an additional OWASP project  
category , where we would then have: tools, documents and activities  
(each with a unique set of quality assessment criteria fine tune to  
each project type)?

Dinis Cruz

On 12 Mar 2009, at 13:01, Colin Watson <colin.watson at owasp.org> wrote:

> Matt Tesauro wrote:
>> Buanzo, my friend, this is exactly why we've posted this to the list.
>> ...  And even though I'm familiar with your project (and think its  
>> very
>> cool), I'd not considered the misfit between your project and the
>> criteria.  This is exactly the type of feedback needed.  Perhaps your
>> project is better assessed under the documentation criteria.  Perhaps
>> another category is required beyond tool and documentation.
> I realise this discussion is primarily concerned with projects and
> tools, but as Buanzo has raised, there may be other types of
> contribution, like research, that don't fit into the strict criteria.
> Other examples could include anything from press releases,
> presentations, official responses, official letters, and outputs from
> the board, working groups and committees.
> Whilst it does seem to make sense that Buanzo's work is called a
> project, there may be other project-like activities going on, which
> may need some QUALITY review in the future.  It might be good if any
> Non-Tool-Non-Documentation assessment criteria are as generic as
> possible, so we can perhaps use them for other, perhaps as yet
> unidentified, misfits (things not people!). But of course, without
> being overly bureaucratic.  Perhaps as GUIDANCE, rather than being
> mandatory?
> Colin
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list