[Owasp-leaders] OWASP Tinyurl Service (Was Short url)

Neil Matatall neil at owasp.org
Tue Oct 12 10:58:53 EDT 2010


Great point Dinis.  I would be glad to develop/manage one but that would be
a conflict of interest of course ;)

Neil

On Tue, Oct 12, 2010 at 7:19 AM, dinis cruz <dinis.cruz at owasp.org> wrote:

> I think that this is a cool idea, that the OWASP Community should be
> involved and that there is a need for such 'security focused' redirects
> (note how Twitter and Bit.ly are trying to get into that space)
>
> I'm not sure about the part were OWASP would running these services (i.e.
> used in the real world), since that should be done by a 'commercially
> focused' entity (with SLAs, backups, support, etc..). I think OWASP's role
> should be on everything else BUT running the live service (think Ecosystem,
> project, PoCs, rules of engagement, security reviews, etc...)
>
> There was actually a PoC created a while back on this exact topic
> (including a live example of it running) but I can't remember who did it (I
> think it was implemented in Java??). I just tried to find it on my inbox(ex)
> and had no luck, so are the involved parties on this list so that they can
> put my memory to shame? (and point us to what has already been done)
>
> Dinis Cruz
>
>
>
> On 11 October 2010 16:33, Neil Matatall <neil at owasp.org> wrote:
>
>> Would there be any interest in developing an OWASP tinyurl service?  It
>> might be a good way to use the brand to promote security with the potential
>> for damage if a nasty link gets through.
>>
>> There would have to be...
>>
>>    - an approval process (so there would be very few links actually
>>    "endorsed")
>>    - a review and alerting process in the case that a site gets
>>    compromised
>>    - an endorsement of the source by multiple members/leaders
>>    - etc
>>
>> I think I just talked myself out of this but it could be useful and a way
>> to get a little more brand recognition out there.  My vote would be that
>> this is too cumbersome and the potential impact is a little too big for my
>> comfort.  Nevertheless, I would like to discuss this if others are willing
>> and interested.
>>
>> Neil
>>
>>
>> On Mon, Oct 11, 2010 at 5:53 AM, Ferdinand Vroom <
>> ferdinand.vroom at owasp.org> wrote:
>>
>>> Paulo,
>>>
>>> We would like to use a short url for our opsomming BeNeLux conference.
>>> Preferrably, http://www.owasp.org/benelux.
>>> Could you arrange for that?
>>>
>>> Greetings,
>>>
>>> Ferdinand
>>> Netherlands Chapter
>>>
>>> 2010/10/9, Paulo Coimbra <paulo.coimbra at owasp.org>:
>>> > Leaders,
>>> >
>>> >
>>> >
>>> > I am glad to announce I've just set a new project up - the OWASP Secure
>>> Web
>>> > Application Framework Manifesto, led by Rohit Sethi. Please welcome his
>>> new
>>> > OWASP initiative!
>>> >
>>> >
>>> >
>>> >
>>> http://www.owasp.org/index.php/OWASP_Secure_Web_Application_Framework_Manife
>>> > sto#tab=Project_About
>>> >
>>> >
>>> >
>>> > http://www.owasp.org/index.php/User:Rksethi
>>> >
>>> >
>>> >
>>> > As always, your suggestions and contributions would be greatly
>>> appreciated.
>>> >
>>> >
>>> >
>>> >
>>> > In addition, this project already has a very mature release, OWASP
>>> Secure
>>> > Web Application Framework Manifesto/Version v0.08 - please glance at
>>> it.
>>> >
>>> >
>>> >
>>> >
>>> http://www.owasp.org/index.php/Projects/OWASP_Secure_Web_Application_Framewo
>>> > rk_Manifesto/Releases/Current
>>> >
>>> >
>>> >
>>> > If the project leader and his contributors ultimately decide to have
>>> this
>>> > release assessed as I am counting on, I will update you.
>>> >
>>> >
>>> >
>>> > Many thanks, regards,
>>> >
>>> >
>>> >
>>> > Paulo Coimbra,
>>> >
>>> >  <https://www.owasp.org/index.php/Main_Page> OWASP Project Manager
>>> >
>>> >
>>> >
>>> >
>>>
>>> --
>>> Verzonden vanaf mijn mobiele apparaat
>>>
>>> Ferdinand Vroom
>>> OWASP Dutch Chapter Board Member
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>>
>>
>> --
>>
>> --
>>
>> Neil
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 

--

Neil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101012/491379a1/attachment-0001.html 


More information about the OWASP-Leaders mailing list