[Owasp-leaders] Archiving conference websites at OWASP

Matt Tesauro matt.tesauro at owasp.org
Mon Feb 4 18:22:47 UTC 2013


Girogio,

Those are all good ideas.  We're wanting to get to where the Foundation can
offer some/all of your idea to all conferences but for right now, we're
concentrating on the global AppSec's.

BTW, one of the things that we're looking at is file level backups and
CDN services as future improvements for conference sites.

However, we'll have to get there through several iterations.

Thanks for the feedback.

--
-- Matt Tesauro
OWASP WTE Project Lead
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
http://AppSecLive.org - Community and Download site


On Sun, Feb 3, 2013 at 6:28 AM, Giorgio Fedon <
giorgio.fedon at mindedsecurity.com> wrote:

> This is a common issue also for local chapter : managing archives of past
> events and conferences.
>
> Donating webspace to owasp I think that is as very important. This may
> include also backup services.
>
> However for letting volunteers to backup all the precious content a good
> thing could be sharing allthe places where the content actually is.
>
> I / We could script some tools (if there aren't already) for periodically
> checking the health of this archive and getting deadlinks etc. for taking
> actions.
>
> Owasp italy conference material for example is on our
> http://www.owaspitaly.org (only linked from owasp website registered for
> keeping multimedia content)
>
> It would be interesting consolidating a list of any other site that host
> contents.
>
> What do you think about this idea?
>
>
> Inviato da iPhone
>
> Il giorno 03/feb/2013, alle ore 11:28, Colin Watson <
> colin.watson at owasp.org> ha scritto:
>
> > Matt and Sarah
> >
> > This is very important. It pains me that so much of the 2011 and 2012
> > conference materials appear to have disappeared through the use of
> > other websites that are then overwritten by the next conference.
> >
> > Thank you for your efforts here.
> >
> > Colin
> >
> > On 2 February 2013 19:11, Matt Tesauro <matt.tesauro at owasp.org> wrote:
> >> Sarah Baso sent me the following list of previous OWASP conferences and
> the
> >> locations of their pages on the OWASP wiki:
> >>
> >> 2010.appsecusa.org --> https://owasp.org/index.php/AppSec_US_2010,_CA
> >> 2009.appsecusa.org --> https://owasp.org/index.php/OWASP_AppSec_DC_2009
> >> 2008.appsecusa.org -->
> >> https://owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference
> >> 2007.appsecusa.org -->
> >> https://owasp.org/index.php/OWASP_%26_WASC_AppSec_2007_Conference
> >> 2006.appsecusa.org -->
> https://owasp.org/index.php/OWASP_AppSec_Seattle_2006
> >> 2005.appsecusa.org -->
> >> https://owasp.org/index.php/OWASP_AppSec_Washington_2005
> >> 2004.appsecusa.org -->
> https://owasp.org/index.php/OWASP_AppSec_NYC_2004
> >>
> >> All those have been setup with the process documented so that the future
> >> 20[1-9][0-9] global conferences can be archived in the same fashion and
> is
> >> the start of consistently archiving past conference material.
> >>
> >> Yes, these were the USA conferences, but the same will be done for
> AppSec
> >> [EU | LATAM | APAC] sites as well assuming the conferences had OWASP
> wiki
> >> sites and/or have kept some sort of a backup of the conference
> site/access
> >> to the content.
> >>
> >> However, for those leaders here who will be running the 2013++ global
> AppSec
> >> conferences, please take archiving the site into consideration during
> your
> >> planning.  If you are going to use a dynamic site, try to ensure we can
> >> archive it by mirroring the resulting content (e.g. wget -m [URL here]).
> >> There are no current plans to keep dynamic sites on the archive since
> these
> >> sites have no need to change and the attack surface of POHS (Plain Old
> HTML
> >> Sites) is way smaller.
> >>
> >> The idea to to point the general hostname at the server for that year
> so:
> >> Before a conference:
> >>     appsecusa.org will point to 2013.appsecusa.org where ever that
> server
> >> is located.
> >> After a conference and when the next one is gearing up:
> >>    appsecusa.org will point to 2014.appsecusa.org where ever that
> server is
> >> located
> >>         and
> >>     2013.appsecusa.org will point to OWASP's archive server with a
> static
> >> copy of the conference site.
> >>
> >> This will have the added benefit of not breaking links for the current
> >> year's conference when it is no longer current.  It also gives
> conference
> >> planners freedom to do what works for their sites as long as its
> >> mirror-able.
> >>
> >> For the regional conferences which have had regular offerings, we
> should be
> >> able to archive those conference sites as well - such as Ireland,
> BeNeLux,
> >> SnoFroc, etc.  The exact process hasn't been worked out yet.
> >>
> >> Anyway, that's they way things currently planned.  Feel free to provide
> >> feedback, suggestions, etc.
> >>
> >> Cheers!
> >>
> >> --
> >> -- Matt Tesauro
> >> OWASP WTE Project Lead
> >> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> >> http://AppSecLive.org - Community and Download site
> >>
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >>
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130204/1358df87/attachment-0001.html>


More information about the OWASP-Leaders mailing list