[Owasp-topten] RFC: Common numbering proposal # 3
bil at corry.biz
Tue Jan 12 02:31:02 EST 2010
Boberski, Michael [USA] wrote on 1/11/2010 6:14 AM:
> Please see http://www.owasp.org/index.php/Common_OWASP_Numbering for a next proposal, refined based on inputs provided so far.
An exercise we did with the Threat Classification numbering system was to actually use the the various proposed numbering systems in a sample document and see what they looked like when used. It didn't take long to see that a simple numbering system worked best:
So my suggestion would be to find some sample documents where the numbers would be used, and try plugging in a few variations and see how they read/look.
More information about the Owasp-topten