Menu
▾
▴
RE: [Owasp-input-api-developers] Vision Document
|
From: Christopher T. <ch...@ch...> - 2002-08-13 03:36:02
|
If we are going to be voting Apache style (which I support), then I would have vote -1 for this version of the doc for the following reasons (other than the specifics below, however, I think it is a good start): 1) In Word format. The document states that changes can be made by submitting diffs to the document. How do you do that with a Word doc? For consistency with the stated goal of the rest of the OWASP project, it should be in DocBook format (I volunteer to convert it - I'll try to do that this weekend). 2) I strongly disagree with the statement: "We will NOT develop for any proprietary technologies such as Microsoft .NET or Microsoft DCOM in any shape or form." Since when is Java *not* a proprietary technology? Furthermore, what you are saying with this statement is that MS coders don't deserve tools to help them make their web apps more secure, which is preposterous. They need tools like the Filters API even worse than folks who use Java. To preclude any programming language would be irresponsible. On the other hand, this is an open source software project, so if none of us feels like porting the API to .NET or whatever, then so be it. :-) 3) What is meant by "correctly 'Huffman Encoded' interfaces"? This isn't an objection so much as a point of clarification - maybe I'm a total ignoramus, but I ususally assume that if I don't know what something means, I'm probably not the only one. 4) I am not sure I understand the whole boundary filter idea. I don't necessarily want to re-hash something that's already been discussed, but if someone could provide a simple description or example, I'd appreciate it. I know what boundary checking is, I'm just not sure you're talking about the same thing. 5) I think we will need to consider a wider character set than UTF-8, for I18N reasons. This may present a porting challenge, as different languages have differing levels of support for Unicode (just to cite one possible encoding). 6) There are numerous typos and grammatical errors that I'll try to fix when I convert this to DocBook this weekend. Regards, Chris -----Original Message----- From: owa...@li... [mailto:owa...@li...]On Behalf Of Alex Russell Sent: Monday, August 12, 2002 1:06 PM To: owa...@so... Cc: Mark Curphey Subject: [Owasp-input-api-developers] Vision Document Hey Everyone, After much discussion, the project is now (apparently) stalled. To combat this, Mark Curphey and I have drafted a "vision document" to outline the purpose of the project and our preferred approach to development. You'll find the document attached for your review. Gabe or Mark should be announcing a vote on the document soon, so it'd be good if everyone were familiar with it's contents before we vote to adopt it. Thanks, Alex -- Alex Russell al...@Se... al...@ne... |
