wasc-wafec@lists.webappsec.org

WASC Web Application Firewall Evaluation Criteria Project Mailing List

View all threads

WAFEC writing and review procedure / schedule

OS
Ofer Shezaf
Mon, Dec 10, 2012 12:55 PM

Hi All,

As the target date for submitting a draft for the different sections is
getting near (Dec 31st!), I would like to touch on few points regarding
process

First, I will take the chapters no one volunteered for.

Formats, submission and reviews:

  •     Contributors:
    

o  Each contributor can select whatever format they wish to write in, as
long as they can share with the list in a format that everyone can read and
that I can aggregate later on. HTML would  be best. If you use a Word, share
with the list in PDF and send me the word file for consolidation once the
time comes.

o  You can either use the WAFEC Wiki to upload the files (I can assist) or
store wherever you want (for example OWASP wiki). Send only links to the
list.

  •     Reviewers:
    

o  Please send your comments publicly to the list. I think the discussion
should be public.

  •     When the final drafts are in, I will consolidate the documents to
    

ensure consistent formatting.

Schedule:

  •     Dec 31st - 1st draft
    
  •     Jan 22nd - review period
    
  •     Jan 31st - final draft incorporating review.
    
  •     Feb 25th - RSA - I would like to shoot for actually releasing for
    

RSA. Let's make final decision once the 1st drafts are out.

As a reminder, this is the list of contributors:

  • Introduction - Ofer Shezaf
  • What is a WAF? - Achim Hoffmann
  • Security - threats and mitigation - Ryan Barnett
  • Security - protection techniques - Ryan Barnett
  • Environment suitability (Deployment Options) - Mark Kraynak
  • Supporting functionality - management, reporting and analytic,
    security - Ofer Shezaf
  • Supporting functionality -  Performance, reliability, physical
    characteristics - Ofer Shezaf
  • Supporting functionality - integration - Ofer Shezaf
  • Appendix - Integrated Related Features - Erwin Huber
  • Appendix - none technical criteria  - Erwin Huber
  • Appendix - alternative solutions - Ofer Shezaf

~ Ofer

Ofer Shezaf

[+972-54-4431119; ofer@shezaf.com mailto:ofer@shezaf.com , www.shezaf.com]

Hi All, As the target date for submitting a draft for the different sections is getting near (Dec 31st!), I would like to touch on few points regarding process First, I will take the chapters no one volunteered for. Formats, submission and reviews: * Contributors: o Each contributor can select whatever format they wish to write in, as long as they can share with the list in a format that everyone can read and that I can aggregate later on. HTML would be best. If you use a Word, share with the list in PDF and send me the word file for consolidation once the time comes. o You can either use the WAFEC Wiki to upload the files (I can assist) or store wherever you want (for example OWASP wiki). Send only links to the list. * Reviewers: o Please send your comments publicly to the list. I think the discussion should be public. * When the final drafts are in, I will consolidate the documents to ensure consistent formatting. Schedule: * Dec 31st - 1st draft * Jan 22nd - review period * Jan 31st - final draft incorporating review. * Feb 25th - RSA - I would like to shoot for actually releasing for RSA. Let's make final decision once the 1st drafts are out. As a reminder, this is the list of contributors: * Introduction - Ofer Shezaf * What is a WAF? - Achim Hoffmann * Security - threats and mitigation - Ryan Barnett * Security - protection techniques - Ryan Barnett * Environment suitability (Deployment Options) - Mark Kraynak * Supporting functionality - management, reporting and analytic, security - Ofer Shezaf * Supporting functionality - Performance, reliability, physical characteristics - Ofer Shezaf * Supporting functionality - integration - Ofer Shezaf * Appendix - Integrated Related Features - Erwin Huber * Appendix - none technical criteria - Erwin Huber * Appendix - alternative solutions - Ofer Shezaf ~ Ofer Ofer Shezaf [+972-54-4431119; ofer@shezaf.com <mailto:ofer@shezaf.com> , www.shezaf.com]