[WASC-WAFEC] What should we change in WAFEC 2.0?

Christian Heinrich christian.heinrich at cmlh.id.au
Tue Jun 19 03:08:44 EDT 2012


On Mon, Jun 18, 2012 at 9:11 PM, Alexander Meisel
<alexander.meisel at artofdefence.com> wrote:
> I disagree with your take on this ...
> SSLvpn has nothing to do with WAF so it should not even be mentioned.
> Whatever your device does aside from WAF should not be part of the WAFec.
> Your devices consumes power as well. So should you mention all regional
> certifications in WAFec as well (it complies to; like TÜV, FCC etc.) ...
> probably not.

I would be willing to support this if Ken could provide a number of
supporting references from F5 customers (I am not expecting Ken to
have to post these to a public mailing list) based on his "As a
customer" quote below (I know Ken isn't a customer BTW) i.e.

> On 07.06.12 18:15, Kenneth Salchow wrote:
>> As a customer, I probably already have a number of other solutions and
>> it would be extremely valuable for me to know if any given WAF innately

The resulting draft section could be then voted on for
inclusion/exclusion in the upcoming release of WAFEC?

Christian Heinrich


More information about the wasc-wafec mailing list