[WASC-WAFEC] WAFEC workshop in Athens

Christian Heinrich christian.heinrich at cmlh.id.au
Sun Aug 26 04:41:25 EDT 2012


In light of their acknowledged poor WAF "source code" implementation
(which OWASP tried to improve) and my positive proposal to consider it
as part of WAFEC in light of its shortcomings i.e.
then I can't provide comment on what improvements could be made to our
(i.e. WAFEC/WASC) standing with OWASP without further objective
information since I was not present at this OWASP session in Athens.

I will encourage both Dr. Dirk Wetter and/or Sebastian Deleersnyder to
provide their viewpoint?

Apologies in the delay in responding but I am having trouble accessing
"personal" internet during the weekdays due to my work location at the
moment.  So expect my next reply to be sometime next weekend i.e. from
1 September

On Sun, Aug 19, 2012 at 10:06 PM, Ofer Shezaf <ofer at shezaf.com> wrote:
> Christian,
> It has nothing to do with OWASP. It's a basic right of the people
> themselves. I am not saying they would object, I just don't see a huge value
> in listing them given that I did not ask their permission in the 1st place.
> ~ Ofer
> -----Original Message-----
> From: Christian Heinrich [mailto:christian.heinrich at cmlh.id.au]
> Sent: Sunday, August 19, 2012 1:34 PM
> To: Ofer Shezaf
> Cc: wasc-wafec at lists.webappsec.org
> Subject: Re: [WASC-WAFEC] WAFEC workshop in Athens
> Ofer,
> I don't believe that OWASP would have an issue with publishing the names of
> the others attendees considering the "O" in OWASP refers to "Open" in the
> context of transparency.
> Perhaps Dr. Dirk Wetter and/or Sebastian Deleersnyder may recall their
> names?
> On Sun, Aug 19, 2012 at 8:25 PM, Ofer Shezaf <ofer at shezaf.com> wrote:
>>As to the other 4, I neglected to write down a list or  ask them if
>>they allow me to publish their participation.

Christian Heinrich


More information about the wasc-wafec mailing list