[OWASP-TESTING] Status update: 22 August
Daniel at deeper.co.za
Tue Aug 30 03:51:40 EDT 2005
Javier, apologies for missing them out, my bad :(
One of the things i did look at before we started this 2nd section
was XML. Word is a pain in the ass to work with at the best of times,
but i felt we needed to get content down asap.
Can the outstanding people please let us know your status?
On 29 Aug 2005, at 11:06, Javier Fernandez-Sanguino wrote:
> Daniel wrote:
>> Hi all,
>> Just thought i would say a big thanks to all that have added
>> their sections to the finished pile, so far its looking great.
>> I've attached the outline of who said they would do what, and
>> also what's been completed so far (if anything is missing, please
>> let me know)
> I sent some sections a while back  but are not listed as
> completed. This includes the sections from "Configuration
> Management Infrastructure": "Known Web Server Vulnerabilities",
> "Web application architecture", "Access and visibility of
> administrative tools of web, application, etc servers.",
> "Authentication back-ends (LDAP, DBMS, text files)". I changed the
> title in my contribution so maybe that's why you did not see them,
> my fault.
> As for the "Configuration Management Application" chapter, I've
> sent all the sections except for "Permissions", "HTML and hidden
> form fields" and "Process permissions". I wanted to review the
> writing style of the other submissions before doing this.
> Excuse me if this was provided before, but, shouldn't we use a
> template for all these different sections? I'm seeing contributions
> that closely resemble the OWASP Guide and some others that don't
> follow the same style (like mine).
> What's up with all the people that committed do some sections?
> (some others even said that they had almost finished them). It's
> almost one month after the deadline for a first draft and there's
> just too many sections incomplete.
> People that contributed, listen up! Please keep up with your
> promises and provide those sections. This resembles too much what
> happened back in 2003 when only a few sections were written in a
> rather ambitious effort to write the testing guide from scratch.
> In any case, Daniel, do you have a master document with all the
> current contributions included?
>  Message-ID: <42EDE840.50603 at germinus.com>
> SF.Net email is Sponsored by the Better Software Conference & EXPO
> September 19-22, 2005 * San Francisco, CA * Development Lifecycle
> Agile & Plan-Driven Development * Managing Projects & Teams *
> Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
More information about the Owasp-testing