Difference between revisions of "GPC/Meetings/2012-07-09"

From OWASP
Jump to: navigation, search
 
(17 intermediate revisions by one user not shown)
Line 1: Line 1:
 
__TOC__
 
__TOC__
= Project Committee Updates =
+
= Project Division Updates =
  
 
*'''Projects Set Up'''
 
*'''Projects Set Up'''
**[[OWASP Java J2EE Secure Development Curriculum|OWASP Java J2EE Secure Development Curriculum]]
+
**[[OWASP XSSER|OWASP XSSER]]  
**[[OWASP AW00T|OWASP AW00T]]
+
**[[OWASP ONYX|OWASP ONYX]]  
**[[OWASP Passfault|OWASP Passfault]]
+
**[[OWASP Crossword of the Month|OWASP Crossword of the Month]]
**[[OWASP OctoMS|OWASP OctoMS]]
+
**[[OWASP OWTF|OWASP OWTF]]
+
**[[OWASP Java Uncertain Form Submit Prevention|OWASP Java Uncertain Form Submit Prevention]]
+
**[[OWASP Ecuador|OWASP Ecuador]]
+
**[[OWASP Path Traverser|OWASP Path Traverser]]
+
**[[OWASP Watiqay|OWASP Watiqay]]
+
**[[OWASP Mantra OS|OWASP Mantra OS]]
+
**[[OWASP Security Shepherd|OWASP Security Shepherd]]
+
**[[OWASP Xenotix XSS Exploit Framework|OWASP Xenotix XSS Exploit Framework]]  
+
  
*'''Currently Working On'''
+
*'''Projects Confirmed'''
**Projects Communications Restructuring: See Below.
+
**[[OWASP Review BSI IT-Grundschutz Baustein Webanwendungen|OWASP Review BSI IT-Grundschutz Baustein Webanwendungen]]  
**Daily Project based queries and requests
+
**[[OWASP XSSER|OWASP XSSER]]  
**[https://docs.google.com/a/owasp.org/document/d/1xek9eZqAAt-koEuhOcXE9PoVCsAZ1WZJJoLzVMVj2Ew/edit AppSec USA OSS]
+
**[https://docs.google.com/a/owasp.org/document/d/13jWO7jFfe9NUVlGIddZRrnLA8G5IOTNPjogb61lbbB0/edit OWASP ZAP Project Marketing Recommendations]
+
**[https://docs.google.com/a/owasp.org/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit#bookmark=id.ceef3790c8d6 DHS Host Project Funding Proposal]
+
**[https://docs.google.com/a/owasp.org/document/d/12Pn191CMKzrv1M7H2xtqIAN9VKRSGPfG7VkztCugDWU/edit OWASP Grant Recommendations]  
+
  
*'''Current Projects Communications/Documents'''
+
*'''Pending Project Confirmations'''
**[https://docs.google.com/a/owasp.org/document/pub?id=1ilLGVEM4zWiPgMPDRHe8ARdeLSnoBTUtMq0C-Ta45tc&ndplr=1 Projects Hanbook]
+
**Forensic Guide: Waiting to hear back from the Project Leader.
**[https://www.owasp.org/index.php/OWASP_Projects_Dashboard_2.0 Projects Dashboard 2.0]
+
**Xelenium: Waiting to hear back from the Project Leader.
**[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhtB029bdcxGdFN1R2NIMTNROXN3dml4ZEcxXzJQYXc#gid=0 OWASP Global Feedback and Inquiry Form]
+
**Intelligent Security: Waiting to hear back from the Project Leader.
**[https://www.owasp.org/index.php/Category:OWASP_Project OWASP Projects Home Page]
+
**[https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0Amvv_7Gz8Z7TdEY5cjQ1ZXByYnBkWTZ4dVNid0V1TXc&pli=1#gid=0 Projects Inventory: What are these non-projects doing in this document?]
+
**[https://www.owasp.org/index.php/OWASP_Reviews_Dashboard OWASP Reviews Dashboards: How does one apply for review?]
+
**[https://www.owasp.org/index.php/OWASP_Project_Reviewers_Database Project Reviewers Database]
+
**[https://www.owasp.org/index.php/OWASP_Projects_Dashboard_2.0/By_Set_Up_Order OWASP Projects Dashboard 2.0/ Set up Order]
+
**[https://www.owasp.org/index.php/OWASP_Training OWASP Training: Promote awareness of projects]
+
**[https://docs.google.com/a/owasp.org/document/d/1Od_6wu8H1fiWlLN9A86NXxQvE1eiEmn4Pp58Y4sbuyI/edit#heading=h.8jvfxkx0l2we OWASP Projects FAQ]
+
  
*'''My Recommendations for a Projects Communication Structure'''
+
*'''Pending Project Donations'''
*[https://www.owasp.org/index.php/AppSecLatam2012 This is what I want it to resemble visually.]  
+
**[[OWASP XSSER|OWASP XSSER]]  
*[https://www.owasp.org/images/d/d5/Projects_Communication_Organisation.jpg Organisation of Project Information]
+
**OWASP XSS Cheat Sheet
  
* '''Current Project Lifecycle, Reviews and Community Concerns'''
+
*'''Pending New Project Leader Appointment'''
**Needs streamlining: Concerns over unclear process
+
**[[OWASP Stinger project|OWASP Stinger project]]
**Lost a project due to complexity of process graduation process
+
***“overly complicated, too many reviewers, frustrating” - OWASP Volunteers
+
**Process Forms? Where are they? Ex. Project Donation Form. Where is Project’s Portal?
+
  
* '''PM Inquiries to the Committee'''
+
* '''Inquiries to the Committee'''
**Proposal for Next Primary Goal: Organisation and updating of Projects information/communication
+
**What is the project donation process? Keith can you elaborate on it?
**Proposal for Third Primary Goal: organise/structure/create project review process
+
**I have a volunteer wanting to take over a project that is inactive. We cannot get hold of the previous PL? What is the process to change leaders, if any?
**Is this what you are looking for in terms of organisation of information
+
**Shall we update current pages to reflect the current project lifecycle and assessment criteria that has already been agreed to with the understanding that it shall be streamlined in the future?
+
  
  
 
==Currently Working On==
 
==Currently Working On==
* Samantha Groves (OWASP Project Manager)
+
*'''Projects Communications Restructuring'''
* Justin Searle (Committee Member)
+
**I have begun to create the wiki template for the new OWASP Projects page.
* Keith Turpin (Committee Member)
+
**I am having a bit of trouble with the tabs, but I am getting help from volunteers on how to do this.
 +
 
 +
*'''Daily Project based queries and requests'''
 +
 
 +
*'''[https://docs.google.com/a/owasp.org/document/d/1xek9eZqAAt-koEuhOcXE9PoVCsAZ1WZJJoLzVMVj2Ew/edit AppSec USA OSS]'''
 +
**We rolled out the marketing for this recently, and we have received 6 entries.
 +
**As of today, all 6 entries have been accepted.
 +
**I am drafting acceptance letters with information on what comes next for the attendees.These will be sent out next week. We are now sorting logistics for the accepted project leaders.
 +
**There is the question of travel aid for some of the project leaders. I suggest we set aside $3,000 for those PLs that ask for financial assistance to get to AppSec USA.
 +
 
 +
*'''[https://docs.google.com/a/owasp.org/document/d/13jWO7jFfe9NUVlGIddZRrnLA8G5IOTNPjogb61lbbB0/edit OWASP ZAP Project Marketing Recommendations]'''
 +
**The marketing recommendations have been agreed on by Simon and I.
 +
**I am currently putting together the projects plan to implement them.
 +
 
 +
*'''[https://docs.google.com/a/owasp.org/document/d/1MA3TI5ssclxvheV8At_ffu2Fuic55SDpOokS3AOvBUc/edit#bookmark=id.ceef3790c8d6 DHS Host Project Funding Proposal]'''
 +
**Andrew, Matteo, Eoin and I met to speak about this in more depth. Deborah, the home office representative, had some concerns about PM software and travel expenses in the budget.
 +
**She would like to know if we are able to re-allocate the PM software and travel expenses to the OWASP portion of the budget. This meeting clarified many of the questions I had about Deborah's concerns.
 +
**The PM software is available as open source to open source projects, and we have applied for a license already. The travel expenses can now come from the OWASP section of the budget.
 +
**Kate, Deborah and I participated in an interview where we discussed DHS concerns. See above. The interview went very well, and we are currently waiting to hear back from her.
 +
**Meeting Outcome: She was going to send us specific instructions on what she needed from us regarding the budget, and she is going to send us an updated proposal form so we can start applying for 2 other OWASP projects she expressed an interest in.
 +
 
 +
*'''[https://docs.google.com/a/owasp.org/document/d/1f83ShmjwLpmybSVJIBhEXDxTrKuNcIPO3ok0ubAs4t8/edit Atlassian Open Source License]'''
 +
**Andrew and I worked together on this application.
 +
**The Atlassian representative has gotten back to us and the company has decided that a community license would be better for this project. We are in the process of writing an application for the new license recommendation.
 +
 
  
 
==Projects Communication Structure Development Update==
 
==Projects Communication Structure Development Update==
# We will have weekly meetings to discuss updates on projects issues. The meetings will be every Friday at 2pm GMT.
+
# We agreed to organize our projects communication through the use of Tabs in the OWASP Projects section of the wiki. I am currently developing the tabs structure on my local machine.
# Communications structure has been agreed upon. We will organise our projects communication through the use of Tabs in the OWASP Projects section of the wiki.  
+
# We agreed that all of the projects documentation must either be updated or created and organized in the correct locations on the wiki. I am currently organizing the documentation.
# Agreement has been made to finish the OWASP Projects Handbook
+
 
# Committee must re-evaluate the project lifecycle procedure
+
# All of the Projects documentation must either be updated or created and organised in the correct locations on the wiki. Changes should be agreed upon by the committee before they are made live to the community.
+
  
 
==AppSec Ireland==
 
==AppSec Ireland==
# Jason Li and Samantha will meet next week, Tues 28th August 2012, to discuss items in more detail.
+
# Have been in Dublin, Ireland for AppSec Ireland: From Monday, September 03 - Thursday, September 06.
# Justin will work on the Project's Handbook before our next GPC meeting
+
# Went to help out with the conference and familiarize myself with the way AppSec events are run.
# Samantha will add Project Lifecycle recommendations before our next GPC meeting
+
# Sat in on a full day training with Jim Manico: Thank you Jim.
# Find out what is Jason's availability to participate in the GPC
+
# Helped coordinate the printing and delivery of OWASP branded items.
# What is the availability of other GPC members?
+
# Helped manage the registration and information desk.
 +
 
  
 
==Important Meeting Outcomes and Discussion Points==
 
==Important Meeting Outcomes and Discussion Points==
# Jason Li and Samantha will meet next week, Tues 28th August 2012, to discuss items in more detail.
+
# We will have weekly meetings to discuss updates on projects issues. The next meeting will be held on Friday, September 14th 2012 at 2pm BST.
# Justin will work on the Project's Handbook before our next GPC meeting
+
# Jason Li has expressed concern over his minimal availability to represent the GPC as Chair of the Committee.
# Samantha will add Project Lifecycle recommendations before our next GPC meeting
+
# Discussion on the availability of all members.
# Find out what is Jason's availability to participate in the GPC
+
# Larry Casey has resigned his post on the GPC.
# What is the availability of other GPC members?
+
# Welcome Nishi Kumar, our newest member!
 +
# Apologize for cancelling today's meeting due to illness.
  
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings]]
 
[[Category:GPC_Meetings/2011]]
 
[[Category:GPC_Meetings/2011]]

Latest revision as of 17:48, 7 September 2012

Contents

Project Division Updates

  • Pending Project Confirmations
    • Forensic Guide: Waiting to hear back from the Project Leader.
    • Xelenium: Waiting to hear back from the Project Leader.
    • Intelligent Security: Waiting to hear back from the Project Leader.
  • Pending Project Donations
  • Inquiries to the Committee
    • What is the project donation process? Keith can you elaborate on it?
    • I have a volunteer wanting to take over a project that is inactive. We cannot get hold of the previous PL? What is the process to change leaders, if any?


Currently Working On

  • Projects Communications Restructuring
    • I have begun to create the wiki template for the new OWASP Projects page.
    • I am having a bit of trouble with the tabs, but I am getting help from volunteers on how to do this.
  • Daily Project based queries and requests
  • AppSec USA OSS
    • We rolled out the marketing for this recently, and we have received 6 entries.
    • As of today, all 6 entries have been accepted.
    • I am drafting acceptance letters with information on what comes next for the attendees.These will be sent out next week. We are now sorting logistics for the accepted project leaders.
    • There is the question of travel aid for some of the project leaders. I suggest we set aside $3,000 for those PLs that ask for financial assistance to get to AppSec USA.
  • DHS Host Project Funding Proposal
    • Andrew, Matteo, Eoin and I met to speak about this in more depth. Deborah, the home office representative, had some concerns about PM software and travel expenses in the budget.
    • She would like to know if we are able to re-allocate the PM software and travel expenses to the OWASP portion of the budget. This meeting clarified many of the questions I had about Deborah's concerns.
    • The PM software is available as open source to open source projects, and we have applied for a license already. The travel expenses can now come from the OWASP section of the budget.
    • Kate, Deborah and I participated in an interview where we discussed DHS concerns. See above. The interview went very well, and we are currently waiting to hear back from her.
    • Meeting Outcome: She was going to send us specific instructions on what she needed from us regarding the budget, and she is going to send us an updated proposal form so we can start applying for 2 other OWASP projects she expressed an interest in.
  • Atlassian Open Source License
    • Andrew and I worked together on this application.
    • The Atlassian representative has gotten back to us and the company has decided that a community license would be better for this project. We are in the process of writing an application for the new license recommendation.


Projects Communication Structure Development Update

  1. We agreed to organize our projects communication through the use of Tabs in the OWASP Projects section of the wiki. I am currently developing the tabs structure on my local machine.
  2. We agreed that all of the projects documentation must either be updated or created and organized in the correct locations on the wiki. I am currently organizing the documentation.


AppSec Ireland

  1. Have been in Dublin, Ireland for AppSec Ireland: From Monday, September 03 - Thursday, September 06.
  2. Went to help out with the conference and familiarize myself with the way AppSec events are run.
  3. Sat in on a full day training with Jim Manico: Thank you Jim.
  4. Helped coordinate the printing and delivery of OWASP branded items.
  5. Helped manage the registration and information desk.


Important Meeting Outcomes and Discussion Points

  1. We will have weekly meetings to discuss updates on projects issues. The next meeting will be held on Friday, September 14th 2012 at 2pm BST.
  2. Jason Li has expressed concern over his minimal availability to represent the GPC as Chair of the Committee.
  3. Discussion on the availability of all members.
  4. Larry Casey has resigned his post on the GPC.
  5. Welcome Nishi Kumar, our newest member!
  6. Apologize for cancelling today's meeting due to illness.