[Owasp-portland] What are you more interested in learning about?

Timothy D. Morgan tmorgan-owasp at vsecurity.com
Wed May 12 11:48:25 EDT 2010


> > Good.  Do any of the items on my list stand out as ones you'd like to
> > hear about first?
> 
> I think cryptography stuff is interesting.

Ok, unless there's any other opinions from list members, I'll set
aside some time to get that talk put together.


> > All of these are great ideas.  Would you like to present on some of
> > them?
> 
> Ha, I see what you did there. ;)  I'm familiar with them, but not
> necessarily from a security standpoint - at least not from a high
> level standpoint.  The most interesting thing I could talk about on
> the list is CSP, but it won't be anything you don't know if you've
> read the wiki pages on it.

Well I think if you wanted to start by presenting the issues
surrounding same-origin policy and and XSS and then lead into the CSP
effort, that's plenty for one talk.  While the SOP has been around for
a long time, I think a lot of people still aren't familiar with the
details, particularly when you start talking about cookies, flash,
Java applets, etc...

Then again, if covering SOP doesn't get you fired up, then I'll keep
it on my list of things to cover down the road.


> I'll try to come up with some topics that I have more experience with.

I look forward to it.

Thanks,
tim


More information about the Owasp-portland mailing list