Summit 2011 Working Sessions/Session027

From OWASP
Revision as of 23:11, 2 February 2011 by Abraham Kang (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. secure coding.jpg Contextual Output Encoding
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
WORKING SESSION IDENTIFICATION
Short Work Session Description This session will focus on making existing output encoding codecs better as well as creating new codecs to address additional output encoding contexts.
Related Projects (if any)


Email Contacts & Roles Chair
Chris Schmidt @

Operational Manager
Mailing list
Subscription Page
WORKING SESSION SPECIFICS
Objectives
  1. Increase coverage and functionality of existing Output Encoding Codecs
  2. Create new codecs to cover more output encoding contextual needs
  3. Introduce these codecs in a way that doesn't interfere with ESAPI Modularization Tasks
  4. Draft an implementation guide for Application Framework Developers to implement ESAPI Output Encoding into their Application Frameworks

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time


Discussion Model
participants and attendees

WORKING SESSION OPERATIONAL RESOURCES
Projector, whiteboards, markers, Internet connectivity, power

WORKING SESSION ADDITIONAL DETAILS
WORKING SESSION OUTCOMES / DELIVERABLES
Proposed by Working Group Approved by OWASP Board

Increase coverage and functionality of existing Output Encoding Codecs

After the Board Meeting - fill in here.

New drop in set of codecs for the ESAPI Encoder to use for additional contexts

After the Board Meeting - fill in here.

Implementation Guide for Framework Developers to integrate Output Encoding into their Application Framework. This should be a simple guide that can be distributed en masse to framework developers as a push to get them involved in making their frameworks more secure by eliminating XSS.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

WORKING SESSION PARTICIPANTS
Name Company Notes & reason for participating, issues to be discussed/addressed



Justin Clarke @
Gotham Digital Science

Abraham Kang