websecurity -- The Web Security Mailing List


About websecurity
English (USA)

What is The Web Security Mailing List?
The Web Security Mailing List is an open information forum for discussing topics relevant to web security. Topics include, but are not limited to, industry news and technical discussions surrounding web applications, proxies, honeypots, new attack types, methodologies, application firewalls, discoveries, experiences, web servers, application servers, database security, tools, solutions, and others.

The Web Security Mailing List is maintained by the Web Application Security Consortium (WASC)

How do I unsubscribe?
There are two ways to unsubscribe.

Email websecurity-unsubscribe@lists.webappsec.org, you should receive a reply indicating that you'd like to unsubscribe. Simply reply to the unsubscribe email request and you will be removed. Be sure to check your spam folder as the unsubscribe request may be triggered by your spam software.

At the bottom of this page you'll see a textbox and 'Unsubscribe of edit options' button. Put your email in this textbox and click it. On the next page at the very bottom you'll see 'Unsubscribe' with a button called 'Unsubscribe', click it. By clicking on the Unsubscribe button, a confirmation message will be emailed to you. This message will have a link that you should click on to complete the removal process (you can also confirm by email; see the instructions in the confirmation message).

I don't know my password, how do I get it?
At the bottom of this page you'll see a textbox and 'Unsubscribe of edit options' button. Put your email in this textbox and click it. On the next page at the very bottom you'll see 'Password reminder' with a button called 'Remind'. Click 'Remind' to have your password emailed to you.

When was The Web Security Mailing List created?
April, 2005

What is appropriate content?
As a general rule, ask your questions concisely and politely. Post should be respectful, contain no foul language or personal derogatory remarks. When voicing disagreement or dislike for something, again be polite and respectful.

Post Guidelines:
* The mailing list discussion is meant to be informative and collaborative.
* All postings must be in English.
* Post should be text based (no html)
* Questions and conversation surrounding relevant to the above topics.
* Posts announcing "new" and/or updated commercial products may be approved provided they are relevant to the list, restricted to one paragraph in length, contain factual information, and free of marketing hype. Open source product announcements carry the same requirements, but may be a full page in length.

What is inappropriate content?
* Rants, flames, ethics or morality discussion, and general inflammatory conduct.
* Non web security related posts
* Topics of an illegal or disreputable nature
* HTML posts
* Product advertisements
* "How to hack into..." questions
* Unresolved security issues within an actual website.
* Vulnerability advisories in products, applications, or websites. These disclosures should be directed toward Bugtraq, Full-Disclosure, VulnWatch, Secunia, or the website owners.

Is the list moderated?

Who is the moderator(s)?
The list moderator(s) are responsible for applying the charter fairly and equally to all received posts. As such the moderators maintain full discretion over deciding what is appropriate content for the list. Please communicate with Robert Auger regarding any complains or disputes for resolution.

* Robert Auger (Moderator)

Do you verify the information on list?
No, information within list posts are not verified. The Web Security Mailing List moderation process is used to apply the charter and keep the list discussion on topic. The moderators or WASC does not verify, endorse, validate, or recommend any solutions, patches, tools, products, information, solutions, vulnerabilities, or exploits posted by third parties to the list. While moderators make every effort to remove malware from list traffic, WASC or the moderators cannot be held responsible or liable for any damage caused by a post.

Where are the list archives?

To see the collection of prior postings to the list, visit the websecurity Archives.

Using websecurity
To post a message to all the list members, send email to websecurity@lists.webappsec.org.

You can subscribe to the list, or change your existing subscription, in the sections below.

Subscribing to websecurity

Subscribe to websecurity by filling out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you. This is a hidden list, which means that the list of members is available only to the list administrator.

    Your email address:  
    Your name (optional):  
    You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.

    If you choose not to enter a password, one will be automatically generated for you, and it will be sent to you once you've confirmed your subscription. You can always request a mail-back of your password when you edit your personal options.
    Pick a password:  
    Reenter password to confirm:  
    Which language do you prefer to display your messages? English (USA)  
    Would you like to receive list mail batched in a daily digest? No Yes
websecurity Subscribers
(The subscribers list is only available to the list administrator.)

Enter your admin address and password to visit the subscribers list:

Admin address: Password:   

To unsubscribe from websecurity, get a password reminder, or change your subscription options enter your subscription email address:

If you leave the field blank, you will be prompted for your email address

websecurity list run by websecurity-owner at lists.webappsec.org
websecurity administrative interface (requires authorization)
Overview of all lists.webappsec.org mailing lists

Delivered by Mailman
version 2.1.33
Python Powered GNU's Not Unix