[Owasp-testing] OSSTMM manual

Eoin eoinkeary at gmail.com
Fri Jan 19 09:12:06 EST 2007


Calm down, Calm down, you are starting to sound like me :)
We can refer to the OSSTMM guide in the references as we do other documents.
In the next release 2.1 we can look at what is "best of breed" out there and
get some ideas.
We referr to books in OWASP which have to be purchased so there is no
problem is referring to this guide, open source or not.
But, lets not rely on another guide to do our bidding,
If we think we are missing a section or chapter we shall simply do research
(if required) and write one.

-ek


On 19/01/07, Javier Fernández-Sanguino <jfernandez at germinus.com> wrote:
>
> Matteo G.P. Flora dijo:
>
> >> It might say open source on the tin, but from where im sitting it
> >> looks like a pay as you go open source and im sorry, none of the
> >> content i have written will ever be charged for and this is one of
> >> the sole reasons i joined with Mark and Jeff when OWASP was started
> >> back in the day.
> >
> > No one told you to give content to OSSTMM. We were discussing in
> > "taking" content from OSSTMM acknowledging the source and have OSSTMM
> > "refer" to code within OWASP.
>
> No can't do. Document licenses of both projects are completely
> incompatible.
>
> OWASP uses the Creative Commons Attribution-ShareAlike 2.5 which is
> incompatible with the CC Creative Commons 2.5
> Attribution-NonCommercial-NoDerivs used by ISECOM (the later being more
> restricted).
>
> Actually, OWASP license is (now [1]) even incompatible with ISSAF's GFDL
> license so no text sharing can be done between any of those documents.
> At most, ideas can be shared (if rewritten and with due credit).
>
> Regards
>
> Javier
>
> [1] Previous versions of the OWASP documents used the
> GFDL license. I've never seen the reasoning behind the license change.
> Anyone care to point me to it?
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing
>



-- 
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html
http://www.owasp.org/index.php/OWASP_Testing_Project
http://www.owasp.org/index.php/OWASP_Code_Review_Project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-testing/attachments/20070119/6f9f7ffc/attachment.html 


More information about the Owasp-testing mailing list