[Owasp-leaders] RFC: Assessment Criteria v2 in pictures

Pravir Chandra chandra at owasp.org
Fri Oct 30 15:20:45 EDT 2009

Damn, everyone keeps asking me how I made the diagrams, so I'll answer
it here :)

 I used the awesome (and free) Tango icons set and remixed and remade
a few myself using the open-source (and also awesome) Inkscape
program. The whole overall diagrams were assembled in OmniGraffle
(Mac-only, commercial) which is so damn easy to use and quality for
graphics gen, I'd strongly recommend it to anyone that needs to draw
diags on a semi-regular basis.

My plans, once we have agreement, is to redraw them all in Inkscape
purely since that way they've got a totally open tool-chain.
OmniGraffle is just way better for fast assembly.

Always willing to answer more questions, so fire away. Enjoy!


On 10/30/09, Pravir Chandra <chandra at owasp.org> wrote:
> Hey Everyone.
> The Global Projects Committee had established version 2 of the Assessment
> Criteria awhile back, but there was still a lot of confusion about what we
> were asking for at various stages and what it all meant. I can personally
> assure everyone that we're trying our best to NOT make a confusing
> bureaucratic process, but the perception might have been that way in the
> past.
> So, to try to help address this problem, myself and the GPC put together
> some diagrams to reflect the requirements of the new assessment criteria.
> They're attached... as much as I hate to spam graphic attachments to
> everyone, I'm doing it anyway since it's more likely you'll look at them if
> it's less clicks :)
> Take a look at the "Summary" one first. We would love to hear your feedback
> on these. Namely,
>  * Is it clear how we are separating a project's rating from the individual
> releases the project makes? If not, what is confusing?
>  * Do you understand what is required to advance a project's rating? If
> not,
> what's missing?
>  * Do you know how to apply the release criteria to your project? Is the
> review process for alpha/beta/stable clear? If not, why?
> We ultimately want to have a clarifying wiki page for each 'box' on the
> Project Criteria and Release Criteria diagram, but we thought we'd get this
> out to the leaders list to get your insight on improvements first.
> Thanks, and we hope to hear back! (you can just reply to this list and not
> bother CC'ing the GPC list since we're all on this one too)
> p.

More information about the OWASP-Leaders mailing list