[WASC-WAFEC] WAFEC 2.0 phase 1: exploratory discussion (deadline: June 14th)

Ofer Shezaf ofer at shezaf.com
Thu May 31 06:44:58 EDT 2012

Thanks to all who volunteered to contribute to this project going forward
(and those who didn't - you still can!)


I would like to boot up the project with a short exploratory phase
identifying why we need a new release and therefore what we need in it.


To guide the discussion, I think that the reasons we need v2 fall into two

1.      Things that have changed - new (or obsolete) deployment modes,
techniques, attacks, or even something new altogether.

2.      Issues we discovered in WAFEC over the years. Some issues I
encountered are identifying specific requirements and sorting out what's
important and what's not.


>From this discussion I hope to derive a mission statement, a tasks list and
therefore a schedule for the V2 project. All those will be the next phase. 


I would give this phase two weeks (until June 14th), however I am on
vacation from the 9th, so would accept input but not join the discussion on
the last few days.


I would also want to thank Thorsten and Mirko for leading the project until
now. I do hope that I will get from you all more cooperation than they did!
I would also want to extend a personal apology to Thorsten and Mirko as the
leader switch was not well coordinated. Thorsten and I discussed this over
the last week and he gracefully agreed to let me give a try to leading this
project forward.


Thank you all!

~ Ofer


Ofer Shezaf

[+972-54-4431119; ofer at shezaf.com, www.shezaf.com]


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-wafec_lists.webappsec.org/attachments/20120531/f22e4168/attachment-0003.html>

More information about the wasc-wafec mailing list