Hi Mark, This sounds like a great idea to me. Security is a very important topic, and the maturity of the Tomcat makes it a very secure choice for users. I am sure a lot of people will be interested to join in.
What is not completely clear to me on this event; would this event be focussed on improving the security of Tomcat from within (as a Hackathon suggests)? Like trying to find security flaws/improvements and get them fixed. or is this meant to be an educational event where information is shared about secure setups/hardening of the Tomcat in production systems? Or a little of both? For the educational/hardening aspect, it could be nice to team up with/involve OWASP? I am surely interested to pitch in on this topic! Kind regards, Maarten van Hulsentop Op di 29 sep. 2020 om 13:26 schreef Mark Thomas <ma...@apache.org>: > Hi all, > > We (the Tomcat community) have some funding from Google to help us > improve Tomcat security. Our original plan was to use the funding to > support an in-person security focussed hackathon. As you would expect, > those plans are on hold for now. We would, therefore, like to explore > the possibility of doing something virtually. > > The purpose of this email is to gather input from the community about > what such an event should look like. With that input we can put together > a plan for the event. So, over to you. What would your ideal virtual > event focussed on Tomcat Security look like? > > Thanks, > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
