[OWASP-TESTING] Next stage
Yvan G.J. Boily
yboily at gmail.com
Wed Jun 22 08:56:39 EDT 2005
I can take a whack at the encryption issues section; I spent almost a year
reviewing a series of applications that relied heavily on crypto to protect
data. During that time I identified a number of areas for improvement.
What kind of timeline are we expecting for completion? (Need to know how
much time to set aside to work on this).
On 6/22/05 5:11 AM, "Daniel Cuthbert" <daniel.cuthbert at owasp.org> wrote:
> I haven't put a word limit on the sections, so feel free to go as
> deep as you need to (ill be editing them to make it flow etc, so no
> worries about that)
> On another note, for a list that has over 80 people subscribed, ive
> only seen 4 offers!
> I will give it a week and the people who havent contacted me, will be
> removed from the list. Yes this is harsh but this isnt a freeloading
> list and it does require input from everyone on the list (work/time
> constraints are taken into consideration)
> On 22 Jun 2005, at 09:47, Eoin Keary wrote:
>> Dan, put me down for the code review part as discussed.
>> PS. Do we have a maximum word count/size for each section.?/
>>> From: Daniel Cuthbert <daniel.cuthbert at owasp.org>
>>> To: owasp-testing at lists.sourceforge.net
>>> Subject: [OWASP-TESTING] Next stage
>>> Date: Tue, 21 Jun 2005 10:05:21 +0100
>>> Morning all,
>>> Sorry for the short break in the testing guide progress, the real
>>> world caught up with me.
>>> Attached are the documents needed for the next part of the guide,
>>> and they are:
>>> Testing Guide II Structure.doc
>>> This is the final TOC as we agreed and next to each section, there
>>> is the option to add your name and your e-mail address(i.e you
>>> will be writing this section)
>>> If you could structure all your submissions using this template
>>> (you can use any format you like, word/text/xml, as long as i can
>>> read it on a mac!)
>>> Guidelines for creating sections:
>>> - DO NOT DO A STRAIGHT COPY FROM ANY OTHER SOURCES ON THE WEB!
>>> Plagiarism won't be accepted.
>>> This testing guide should reflect the experience you all have in
>>> application testing. One of the benefits of OWASP is that the
>>> wealth of experience from the contributors enables the reader to
>>> understand the section they are reading, as it is presented in a
>>> well structured format, which unlike a large amount of research
>>> papers on the web today, isn't normally the case.
>>> - Try and use examples where possible and also let other "non-
>>> security" individuals read what you have written. This ensures
>>> that it makes sense to everyone and not just the hardcore
>>> penetration testers out there.
>>> - I understand everyone has a life and work commitments, so
>>> please don't select loads of sections if you know you may not be
>>> able to commit to them in the end run.
>>> - Contact me if you have any issues during this next phase
>>> I think we should aim to have all the sections written by mid
>>> August, how does this sound for everyone?
>>> Obviously if you feel there is a section missing from the TOC, by
>>> all means contact me
>>> Look forward to seeing the work coming in
>>> Daniel Cuthbert
>>> << template1.htm >>
>>> << Testing_Guide_II_structure.doc >>
>> It's finally here! Download Messenger 7.0 - still FREE http://
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> owasp-testing mailing list
> owasp-testing at lists.sourceforge.net
More information about the Owasp-testing