[Owasp-leaders] OWASP PCI project - old sponsors
colin.watson at owasp.org
Wed Oct 9 22:33:40 UTC 2013
I don't know the answer either. Why not ask the source of the document first? You might get the answer, and it won't cost anything.
----- Reply message -----
From: "johanna curiel curiel" <johanna.curiel at owasp.org>
To: "Colin Watson" <colin.watson at owasp.org>
Cc: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>
Subject: [Owasp-leaders] OWASP PCI project - old sponsors
Date: Wed, Oct 9, 2013 23:05
Thanks for the tip. I'm new to licenses, what I understood from the Open Scoping document is that people can make commercial use of it and redistribute it, however , is not the document but a tool (program) based on the Decision Tree proposed in this document. I think I'll need to consult a lawyer about copyright just to be sure, and my idea is to allow people use this tool, but they should not be allowed to use the code and then make a commercial tool out of it ;-)
On Wed, Oct 9, 2013 at 10:19 AM, Colin Watson <colin.watson at owasp.org> wrote:
> previous project
Maybe just make up a different project name like "PCI Toolkit Project"?
> Based on the Open PCI DSS Scoping Toolkit Document
If you are referring to the toolkit document from the Open Scoping
Framework Corp, that document is licensed under a Creative
Attribution-NoDerivs 3.0 license. Will what you are proposing
contravene the "no derivative works" part?
On 7 October 2013 15:19, johanna curiel curiel <johanna.curiel at owasp.org> wrote:
> HI Leaders
> I saw that WhiteHat and Orbitz are or were(?) sponsors of this project
> If you are still interested in sponsoring, Tom Brennan has joined the
> project too & I will be programming the tool. It has been redefined as the
> The OWASP PCI toolkit is a group of new and existing OWASP tools &
> Documentation that will provide organizations full support for the PCI
> compliance process, from scoping to implementation.
> The Toolkit consist of:
> OWASP PCI Scope Assessment module (WPF .NET app) this tool will allow
> organizations to create a full assessment scope. Based on the Open PCI DSS
> Scoping Toolkit Document, the tool will allow organizations to create a
> total report assessment, by providing the user with a complete analysis
> mechanism to all (inserted) system components
> OWASP PCI assessment criteria module (WPF .NET app)once the scoping process
> has been finalized, the Assessment criteria toolkit will provide you with a
> complete analysis of the defined system components, based on the areas where
> the systems belong to. Example: A proxy server (Category 1) falls under the
> "Build and maintain a secure Network" requirements
> The tool will deliver also, clear links and resources of existing OWASP
> tools and Documentation while applying the PCI testing procedures.
> Technical Info
> The tool will be built as a WPF-.NET (c#) program
> For more info, please contact me
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders