Difference between revisions of "Project Information:template Application Security Verification Standard 50 Review Second Review E"

From OWASP
Jump to: navigation, search
(New page: Click here to return to the previous page. {| style="width:100%" border="0" align="center" ! colspan="3" align...)
 
 
Line 15: Line 15:
 
1. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
 
1. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|'''the assumed ones''']], please exemplify writing down those of them that haven't been realised.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
 +
'''Alpha quality for documents'''
 +
 +
*  Agree to OWASP's open source license
 +
OK: Attribution ShareAlike 2.5
 +
 +
* The "main" page for any OWASP documentation project must be on the OWASP website. This page must:
 +
 +
o describe the purpose and scope of project, the project leader, contact info, and include all relevant links,
 +
 +
OK
 +
 +
o includes a roadmap/guideline pointing out the steps to achieve the purpose of project.
 +
 +
Not on the page
 +
 +
o includes a list of contributors, if a team effort.
 +
 +
Does not apply
 +
 +
o include the Alpha Quality Tool project tag. (Which we still need to define),
 +
 +
o be placed at OWASP Project page.
 +
 +
OK
 +
 +
* Have all its content stored in the OWASP wiki.
 +
 +
OK
 +
 +
* Mailing list for project created.
 +
 +
OK
 +
 +
* Solves a core application security documentation/process need.
 +
 +
Selected for the Owasp SOC 2008 for this reason.
 +
 +
'''What has been done by the author'''
 +
 +
First version of the ASVS document, with a complete summary, a complete presentation of the overall presentation process and a half of the document sections that are written.
 +
 +
'''Summary'''
 +
 +
Next objectives of the author:
 +
 +
- Address comments on draft delivered 29th June as they are received.
 +
 +
- Start and complete work on remaining documents/sections.
 +
 +
- Address comments on remaining documents/sections as they are received.
 +
 +
- Update OWASAP web site project page with status (on 15th September).
 +
 +
- Update OWASAP web site project page with beta drafts (on 15th September).
 +
 +
- Develop and discuss with OWASP a proposal to select a beta candidate application developer and to conduct a trial certification.
 +
 
  |-  
 
  |-  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
 
  | style="width:25%; background:#7B8ABD" align="center"|  
Line 20: Line 78:
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|'''the assumed ones''']], please quantify in terms of percentage.
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications#OWASP Application Security Verification Standard|'''the assumed ones''']], please quantify in terms of percentage.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
Alpha quality for Document:  100 % (up to an explicit roadmap, which does not seem necessary for a single document project with one single contributor)
 +
 +
Final document: 50 %
 
  |-  
 
  |-  
 
  |-
 
  |-
Line 25: Line 86:
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
3. Please do use the right hand side column to provide advice and make work suggestions.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 +
Document sent to the author in the 1. week of July:
 +
[https://www.owasp.org/images/f/f0/Review_ASVS_pparrend_2008_07_05.doc]
 
|}
 
|}

Latest revision as of 10:26, 26 August 2008

Click here to return to the previous page.

50% REVIEW PROCESS

Project Deliveries & Objectives

OWASP Application Security Verification Standard Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

Alpha quality for documents

  • Agree to OWASP's open source license

OK: Attribution ShareAlike 2.5

  • The "main" page for any OWASP documentation project must be on the OWASP website. This page must:

o describe the purpose and scope of project, the project leader, contact info, and include all relevant links,

OK

o includes a roadmap/guideline pointing out the steps to achieve the purpose of project.

Not on the page

o includes a list of contributors, if a team effort.

Does not apply

o include the Alpha Quality Tool project tag. (Which we still need to define),

o be placed at OWASP Project page.

OK

  • Have all its content stored in the OWASP wiki.

OK

  • Mailing list for project created.

OK

  • Solves a core application security documentation/process need.

Selected for the Owasp SOC 2008 for this reason.

What has been done by the author

First version of the ASVS document, with a complete summary, a complete presentation of the overall presentation process and a half of the document sections that are written.

Summary

Next objectives of the author:

- Address comments on draft delivered 29th June as they are received.

- Start and complete work on remaining documents/sections.

- Address comments on remaining documents/sections as they are received.

- Update OWASAP web site project page with status (on 15th September).

- Update OWASAP web site project page with beta drafts (on 15th September).

- Develop and discuss with OWASP a proposal to select a beta candidate application developer and to conduct a trial certification.

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

Alpha quality for Document: 100 % (up to an explicit roadmap, which does not seem necessary for a single document project with one single contributor)

Final document: 50 %

3. Please do use the right hand side column to provide advice and make work suggestions.

Document sent to the author in the 1. week of July: [1]