[Owasp-summer-of-code-2008] June 26/Update - OWASP Summer of Code 2008.

Paulo Coimbra paulo.coimbra at owasp.org
Thu Jun 26 10:51:03 EDT 2008

Hello everyone,


I hope you all are well.


As you know, we have almost reached the time to perform the 50% review.


However, it's time to recognize that we have been somewhat imprecise in our
definition of the 50% review's deadline. To have all projects reviewed, we
should have defined a period, a start and an end date, instead of a specific
day. Therefore, regarding this matter, we will not be strict. 


On the contrary, please be aware that we expect the final deliveries ready
by, maximum, 15th September, as we are planning to set up an International
<http://www.owasp.org/index.php/OWASP_EU_Summit_2008>  Conference to
publicly present them. 


However, we are still recommending June 29 to be assumed as the reference
date to begin this process. 


 In accordance, we would like to see each project template being updated
until the referred date (June 29) by uploading in there all project main
links and documentation as can be seen, for example, here
<https://www.owasp.org/index.php/Category:OWASP_Sqlibench_Project>  or here
<https://www.owasp.org/index.php/Category:OWASP_Skavenger_Project> .
Thereafter, both author's project and reviewers should begin the assessment
task. - As we are still receiving questions inquiring about the
assessment/review methodology, I am sending again a couple of guidance lines
(see please the page bottom).


Regarding the provisory pointed out reviewers, as not everybody have yet
done what was asked in the previous SoC's update, I must reiterate the
following requests:


- Please add the note 'Confirmed' or 'Unconfirmed' directly on this page
Status_Target_and_Reviewers> , just below the reviewers names. Please, pay
special attention if you find the reference TBC (To be confirmed). 


- Please, ask your reviewers for them to add, as soon as possible, just
below their names, a link with a couple of lines mentioning their
professional background - as you know this information will be needed to
achieve OWASP Board's confirmation.


- Please, send me off your postal address and Pay Pal reference. Once the
50% review is finished, we will need it to pay.  


To conclude, regarding the projects that haven't yet found the required
reviewers, I take the opportunity to ask the authors to drop me a line if
assistance is needed.


I wish you all good work.


Many thanks, best regards


Paulo Coimbra, 

OWASP <https://www.owasp.org/index.php/Main_Page>  Foundation Project


OWASP AppSec NYC 2008 is coming...  are you ready?





What are the reviewers' main tasks? 

A. The main tasks are the result of a set of rules previously established in
both the OWASP <https://www.owasp.org/index.php/OWASP_Summer_of_Code_2008>
Summer of Code 2008 initiative and the OWASP
t_Scale_for_OWASP_TOOLS_Projects>  Project Assessment criteria . 

B. To exemplify, please take into consideration the OWASP
Skavenger Project. 

C. Simplifying , I would say that the work review will basically consist in
certifying that the project's
ed_Futher_Clarifications#Skavenger>  objectives and deliveries were
accomplished and, taking into consideration the OWASP
assessment criteria, in certifying that the Beta Status was reached.
Additionally we expect the reviewer always to be available to provide useful
advice to the project developer. These tasks must be performed twice: the
first one, the 50% Review, by June 29 and the second one, the Final Review,
by September 15.

D. Regarding the question of the project status, it is important to clarify
that, even though the majority of the projects have to reach Beta status,
there are also some others, in which the status target is Release Quality.
That is to say, that each project built on previous work done within OWASP
(Existing <https://www.owasp.org/index.php/Category:OWASP_Project>  OWASP
Projects) should obtain Reviewers' agreement that a Release
<https://www.owasp.org/index.php/Category:OWASP_Project_Assessment>  Quality
stage was achieved. 

Furthermore, on the top of what was said before, in our perspective, to be a
reviewer means, at least, to point out scientific/technical and
methodological mistakes, to propose paths to follow, to propose tools and
documentation/bibliography to be studied and consulted.










-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-summer-of-code-2008/attachments/20080626/7393fc0a/attachment-0001.html 

More information about the Owasp-summer-of-code-2008 mailing list