This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

ISWG Status 200812

Jump to: navigation, search

The goals of December/January included:

  • Formalizing the documents from the EU Summit and publish them
  • Following up with HTTPOnly work

The group, led by Bil Corry and including Jim Manico, Arshan Dabirsiaghi and others have been involved with spinning off all of the HTTPOnly RFC draft work into an official IETF group. This work will continue and has attracted other notables researchers and may result in an in-person meeting later in the year.

The documents from the EU Summit have been formalized. I have sent a last call for comments to the OWASP leader lists for the Web Application Framework security consumer report. Also, I have posted the Open Letter to the Browsers and am seeking last minute revisions before publishing in early February.

In the month of February I plan on spending time publicizing the OWASP Open Letter to the Browsers, maintaining the Web Application Framework Security Matrix, and continuing to reach out to the Struts and Spring frameworks.