Re: [HASMAT] moving forward

Tobias Gondrom <> Thu, 02 September 2010 22:54 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3E7C43A635F for <>; Thu, 2 Sep 2010 15:54:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -94.842
X-Spam-Status: No, score=-94.842 tagged_above=-999 required=5 tests=[AWL=0.520, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id U-vdlJ0fhgbi for <>; Thu, 2 Sep 2010 15:54:01 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 891BA3A6359 for <>; Thu, 2 Sep 2010 15:54:00 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default;; b=RIezZET0bpGA/Gzo1rf+L+2OHFR+hxvOs2R1fw8ROal6WjxSnAvhCdBajBBmztLKM0Nlx0qcYu2h7mmuJUIPbFTzF/6ft7PSxunpQOW9Au/cmZbhbysO7ajisUb6WO3d; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:Content-Type:Content-Transfer-Encoding;
Received: (qmail 18425 invoked from network); 3 Sep 2010 00:46:32 +0200
Received: from (HELO seraphim.heaven) ( by with (DHE-RSA-AES256-SHA encrypted) SMTP; 3 Sep 2010 00:46:32 +0200
Message-ID: <>
Date: Thu, 02 Sep 2010 23:46:41 +0100
From: Tobias Gondrom <>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20100802 SUSE/3.1.2 Lightning/1.0b2 Thunderbird/3.1.2
MIME-Version: 1.0
References: <> <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [HASMAT] moving forward
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HTTP Application Security Minus Authentication and Transport <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 02 Sep 2010 22:54:02 -0000

 On 09/02/2010 11:20 PM, Peter Saint-Andre wrote:
> On 9/2/10 1:37 PM, Steingruebl, Andy wrote:
>>> -----Original Message----- From:
>>> [] On Behalf Of Peter Saint-Andre 
>>> Sent: Thursday, September 02, 2010 12:17 PM To: Kai Engert Cc:
>>> Subject: Re: [HASMAT] moving forward
>>>> I wanted to propose "WebAppSec", but there's already 
>>> That's a good group to reach out to. :) Is anyone here involved
>>> with those folks? Are there other such groups to be aware of?
>> One of the Officers/Founders sits practically next to me.  I can
>> definitely check with the WASC folks if they are concerned about the
>> name.
> I was less interested in the name and more interested in technical
> input. :) The same would be true of the Open Web Application Security
> Project (OWASP) and other similar groups.
> However, we certainly don't want to stomp on names of existing groups...
> Peter
I got good connections to OWASP (been one their chapter leads back in
the day) and some other orgs.
I've been holding back a bit at the moment as our WG hadn't agreed on a
name yet and the charter.
And it can look quite odd if you invite people to a WG and say, but hey
we're not sure on the name/URL, it may change soon, and we don't really
know what will be in focus at the start either, yet....
(I know the state is better, but having at least the name ironed out
would feel much better when I run around and tell people about it to
bring them in...)

So far I have the impression the name issue is going towards a stable
tendency (for "websec"), which is good. And probably in a few days we
can settle that. And I urgently hope to see the revision of the initial
charter (Jeff?) soon, so that we can roll, i.e. have a discussion about
it and the drafts to work on.