Closed aiacobelli2 closed 7 months ago
I'm a little concerned that this is too jargony. Cheat Sheets are meant to be easy to read and understand and I'm afraid this will be too hard for beginners to parse.
I understand, but I've seen lot's of Appsec beginners not understanding the basic difference between identification, authentication, digital identity, and identity proofing. This basic misconception makes them not understand how to properly think about the subject. The same about user id's and usernames.
For example, in this cheat-sheet appears Oauth as an authentication framework and this is just wrong.
I do understand the concern, but I think we need to have a way of explaining the difference in a way that beginners can understand. This may be a matter of using simple language and the like. Technical definitions are definitely important but the purpose is different than that of a cheat sheet.
@otkd I like your suggestions. @aiacobelli2 would you like to incorporate them and update the PR?
I'm a little concerned that this is too jargony. Cheat Sheets are meant to be easy to read and understand and I'm afraid this will be too hard for beginners to parse.
I understand, but I've seen lot's of Appsec beginners not understanding the basic difference between identification, authentication, digital identity, and identity proofing. This basic misconception makes them not understand how to properly think about the subject. The same about user id's and usernames.
For example, in this cheat-sheet appears Oauth as an authentication framework and this is just wrong.
Your comment about OAuth is spot on, thank you for catching this!
These changes are super important. We have big mistakes regarding how we define these core terms and I totally support this work. Thank you everyone!
There are a few lint errors in the markup. Can you kindly fix those? I'll merge this soon after they are fixed.
@jmanico I think we should wait to merge this until @otkd's suggestions are implemented.
You got it, I have a quick trigger-finger to merge, but I will wait! :)
There are a few lint errors here but we are getting close!
I've tried to add/correct the first 4 titles.
Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series.
Please make sure that for your contribution:
[TEXT](URL)
If your PR is related to an issue, please finish your PR text with the following line:
This PR covers issue #.
Thank you again for your contribution :smiley: