[WASC-WAFEC] Minutes from BlackHat USA 2015
christian.heinrich at cmlh.id.au
Thu Sep 10 00:46:21 EDT 2015
On Thu, Jul 30, 2015 at 12:04 PM, Tony Turner <tony.turner at owasp.org> wrote:
> Definitely Christian. Feel free to stop by the OWASP booth at Black Hat and
> we can discuss the project. So far I have not received any responses on that
> other thread other than direct replies of encouragement, but no relevant or
> useful dialogue. I'll update the group if that changes as it's very relevant
> for planned future WAFEC activities. Thanks.
Tony and I discussed the draft minutes between ourselves and they are
(in my words):
1. We would like to know more history of the creation of WAFEC v1
aside from what is documented in the mailing list archive from 2011
2. The roadmap will be broken into multiple minor and major releases
rather than a single major release.
3. Tony published the roadmap at
and the time allocated for the the Release Candidate (RC) will be
extended to avoid a similar issue with the OWASP Top Ten 2013 release.
4. We welcome additional contributions to Section 1 through 5 aside
from what has been published at https://github.com/cmlh/WAFEC.
5. We agreed that each section will be peer reviewed but a different
contributor to that of the author(s).
6. Tony is in the process of correlating the proposed changes of v1,
the draft v2 and https://github.com/cmlh/WAFEC into a Google Doc.
Once this finalised then it will be open to the public.
7. The migration to MediaWiki and/or PBWorks will be agreed upon once
Google Docs is finalised.
8. We discussed funding, such as Tony travelling to present or funding
contributors not directly involved with a WAF vendor i.e. end users
such as myself. We need guidance as to how donations are accepted and
distributed by WASC since I and other OWASP Project Leaders distrust
the OWASP Foundation?
More information about the wasc-wafec