[Owasp-topten] final release date for 2013 list?

Neil Smithline neil.smithline at owasp.org
Sun May 19 20:30:32 UTC 2013


[ This email was drafted last night, before Dave sent out his most recent
email. ]

I have created the wiki versions of the 2007, 2010, and 2013 T10s. As such,
I have been given access to the editable source document that is used to
create the PDF.

The source for the 2007 T10 was a rather simple Word document with little
formatting. However, the source for the 2010 and 2013 T10s is highly
stylized PowerPoint presentations.

While there has been lots of discussion about the process and content of
the 2013 T10, the effort of adapting each T10 page's content into the
standard page template hasn't been mentioned. I am certain that opening the
document to anything more than minor revisions would delay the project for
months. The amount of effort to format each page is simply too large.

IMO, it is simply too late to be discussing the process for creating the
2013 T10.

Neil




On Fri, May 17, 2013 at 8:17 PM, Jim Manico <jim.manico at owasp.org> wrote:

> +1 Thank you for speaking up on this Michael. I think it's very sensible
> to publish another draft version before we go live.
>
> I'm also very concerned about this:
> http://lists.owasp.org/pipermail/owasp-leaders/2013-March/009045.html
>
> I personally would like to consider allowing the entire community to make
> edits directly to the document per OWASP's open philosophy.
>
> Dave, maybe we can split this and allow you to keep working on a "private"
> version, but also encourage the community to work on an "open" version, and
> compare the two after a few weeks and see which one will serve the
> community more?
>
> - Jim
>
> > Dave and all,
> >
> > Can you update us all on whether any of the methodology feedback has been
> > incorporated?
> >
> >
> https://www.owasp.org/index.php/Top_10_2013/ProjectMethodology#Suggested_Enhancements
> >
> > Also, there was a hefty debate on what items where to be included within
> > the top 10 on the leaders list. I'd suggest another draft release for
> > comment based on the evaluation of that feedback. Please correct me if
> I'm
> > wrong, but my feeling is it may be premature to go straight to release.
> >
> >
> > Thanks,
> > Michael
> >
> >
> > --
> > Michael Coates | OWASP | @_mwc
> >
> >
> >
> > On Fri, May 17, 2013 at 11:40 AM, Dave Wichers <dave.wichers at owasp.org
> >wrote:
> >
> >> That’s still my target.****
> >>
> >> ** **
> >>
> >> *From:* owasp-topten-bounces at lists.owasp.org [mailto:
> >> owasp-topten-bounces at lists.owasp.org] *On Behalf Of *Sean Larabee
> >> *Sent:* Friday, May 17, 2013 1:45 PM
> >> *To:* owasp-topten at lists.owasp.org
> >> *Subject:* [Owasp-topten] final release date for 2013 list?****
> >>
> >> ** **
> >>
> >> Not expecting to see a sea change from the 2013 release candidate, but
> am
> >> still holding off on reworking some of my own documents until after the
> >> 2013 list if officially out.  Is it still on track for a release by the
> end
> >> of May?****
> >>
> >> ** **
> >>
> >> Sean Larabee****
> >>
> >> Senior Security Engineer****
> >>
> >> Anitian Enterprise Security****
> >>
> >> sean.larabee at anitian.com****
> >>
> >> 503-726-2112****
> >>
> >> ** **
> >>
> >> _______________________________________________
> >> Owasp-topten mailing list
> >> Owasp-topten at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-topten
> >>
> >>
> >
> >
> >
> > _______________________________________________
> > Owasp-topten mailing list
> > Owasp-topten at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-topten
> >
>
> _______________________________________________
> Owasp-topten mailing list
> Owasp-topten at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-topten
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-topten/attachments/20130519/841bdaca/attachment.html>


More information about the Owasp-topten mailing list