[OWASP-TESTING] Status update: 22 August

Daniel Daniel at deeper.co.za
Tue Aug 30 03:51:40 EDT 2005


Javier, apologies for missing them out, my bad :(

One of the things i did look at before we started this 2nd section  
was XML. Word is a pain in the ass to work with at the best of times,  
but i felt we needed to get content down asap.

Can the outstanding people please let us know your status?


On 29 Aug 2005, at 11:06, Javier Fernandez-Sanguino wrote:

> Daniel wrote:
>
>
>> Hi all,
>> Just thought i would say a big thanks to all that have added  
>> their  sections to the finished pile, so far its looking great.
>> I've attached the outline of who said they would do what, and  
>> also  what's been completed so far (if anything is missing, please  
>> let me  know)
>>
>
> I sent some sections a while back [1] but are not listed as  
> completed. This includes the sections from "Configuration  
> Management Infrastructure": "Known Web Server Vulnerabilities",  
> "Web application architecture", "Access and visibility of  
> administrative tools of web, application, etc servers.",  
> "Authentication back-ends (LDAP, DBMS, text files)". I changed the  
> title in my contribution so maybe that's why you did not see them,  
> my fault.
>
> As for the "Configuration Management Application" chapter, I've  
> sent all the sections except for "Permissions", "HTML and hidden  
> form fields" and "Process permissions". I wanted to review the  
> writing style of the other submissions before doing this.
>
> Excuse me if this was provided before, but, shouldn't we use a  
> template for all these different sections? I'm seeing contributions  
> that closely resemble the OWASP Guide and some others that don't  
> follow the same style (like mine).
>
> What's up with all the people that committed do some sections?  
> (some others even said that they had almost finished them). It's  
> almost one month after the deadline for a first draft and there's  
> just too many sections incomplete.
>
> People that contributed, listen up! Please keep up with your  
> promises and provide those sections. This resembles too much what  
> happened back in 2003 when only a few sections were written in a  
> rather ambitious effort to write the testing guide from scratch.
>
> In any case, Daniel, do you have a master document with all the  
> current contributions included?
>
> Regards
>
>
> Javier
>
> [1] Message-ID: <42EDE840.50603 at germinus.com>
>
>
> -------------------------------------------------------
> SF.Net email is Sponsored by the Better Software Conference & EXPO
> September 19-22, 2005 * San Francisco, CA * Development Lifecycle  
> Practices
> Agile & Plan-Driven Development * Managing Projects & Teams *  
> Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/ 
> bsce5sf
> _______________________________________________
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-testing
>
>





More information about the Owasp-testing mailing list