For a Cool Web Surfing

PHP Security Consortium

Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.

In addition to their educational efforts, the PHPSC engages in exploratory and experimental research in order to develop and promote standards of best practice for PHP application development.

PHP Security Consortium Charter

The PHP Security Consortium (PHPSC) promotes secure programming practices within the PHP community through education and exposition while maintaining high ethical standards.

The PHP Security Consortium operates on a two tier membership scheme to ensure that only those willing to put in the effort are allowed to decide the Consortium's affairs.

Principals can invite people to participate in technical discussions on the internal mailing list. By joining the mailing list, subscribers become associate members of the Consortium. They also gain a right to participate in Consortium projects.

Associate members that have made significant contributions to the Consortium by participating in one or more projects may be invited to become Principals. Their membership must be confirmed by a majority vote of the current Principals.

PHP Security Consortium work is organized into projects. Before work on a project begins, the project lead must prepare a proposal and submit the project for a vote.

• Each project must be approved by a majority vote before it becomes an official project of the Consortium.

• Each project must have a lead.

• Each project can have one or more team members whose work is coordinated by the project lead.

• Projects will not be publicized before the first development phase is completed (to avoid bad publicity from failed projects).

• Projects that fail to deliver are cancelled. Alternatively, the Consortium may assign a new project lead in an attempt to revive the project.

Go to PHP Security Consortium website.