[Owasp-topten] Ready to party

Neil Smithline owasp-topten at smithline.net
Sun May 13 22:58:21 EDT 2007


Before doing the official wikification with the final released document, 
I did a dry-run this weekend. After three days (and the better part of 
three nights), I have the Top 10 up, nearly in its entirety. This is 
still the RC2 version but, due to the wonders of VBA (or perhaps its the 
endless patience I have for that hunk of junk programming language) I 
should be able to quickly get the final version up. The only thing that 
is missing from the dry-run is the table of vulnerabilities. I haven't 
quite figured up what to do with that but I want to do something special.

One thought, I had originally proposed that the table summarizing the 10 
vulnerabilities goes on its own page as I suggested that every entry in 
the TOC got a page. I'm now thinking that the summary table would be 
better on the main page. This way, people could simply bookmark the main 
page and then use the summary table to visit a specific vulnerability 
page if they have an interest (I'm going to add links to the web 
version). If anyone objects, let me know.

And while I'm going to be playing with the site tomorrow, if you could 
take a look at it (https://www.owasp.org/index.php/Top_10_2007) and let 
me know if you see any formatting problems, that would be great.

I've added a few things to the wiki version that weren't in the printed 
one. I've put a small blurb encouraging community participation on the 
main page, I've created a "how to" page that the blurb points to, and 
I've asked people to help with translation. On the latter, I'd like to 
give an email address that they can contact. That seems better than 
encouraging them to start a discussion. I'd also think an email address 
for general comments would be good to provide as some people might be 
gun-shy about starting a discussion but still have something to 
contribute. Does such an alias exist and, if not, can we create one? The 
owasp-topten list requires individuals to be on the list so I don't 
think that is the right choice.

And once again, if you get a chance to look for formatting errors, that 
would be appreciated.

- Neil


More information about the Owasp-topten mailing list