[WASC-WAFEC] Proposed "Conflict of Interest" Section?

Christian Heinrich christian.heinrich at cmlh.id.au
Fri Jul 19 20:09:24 EDT 2013


On Fri, Jul 19, 2013 at 7:21 PM, Achim Hoffmann <websec10 at sic-sec.org> wrote:
> just to be more precise: you mean that the "Conflict of interest" section
> points out that even the contributions are from 3 vendors, it has been reviewed
> by other (ca. 5) vendors. So we have ca. 8 vendors in total.
> Sounds fair.

I count seven people at
but I may be wrong.

At first glance
appears to be dominated by a single vendor.  However this is not the
case when it is considered under the context of names assigned to each
section within http://projects.webappsec.org/w/page/60249779/WAFEC_2_Outline

The core issue is that of first impression of the reader and
clarifying this at the beginning of WAFECv2 would avoid their above
(incorrect) conclusion by the reader [of WAFECv2].

I'll assume it might be possible to extract the percentage of each
contributor too and if the total of these three [contributors] are
lower than that of the other four [contributors] then this metric
would also be helpful?

Christian Heinrich


More information about the wasc-wafec mailing list