Josh Grossman

I don't want to mess with the actual password length which has already been discussed a lot here: https://github.com/OWASP/ASVS/issues/913 Please can you propose how you would clarify the existing the...

@suvikaartinen I agree that there is inconsistency where sometimes it gives a length and sometimes it gives an entropy. Could you suggest updated wording for the various requirements which includes...

So my inclination is to close this unless @suvikaartinen has further suggestions for updated wording

Thanks @suvikaartinen, please can you confirm that those requirements are worded as similarly as possible to the current requirements in the 5.0 folder? @elarlang @Sjord what do you think about...

@elarlang I would have thought that only logs which the application is actually creating should be in scope? Are we expecting the developer to start investigating every other logging mechanism...

I guess we could leave it a little open like: ```Verify that an inventory exists documenting the logging performed at each layer of the application's technology stack, where that logging...

ok Elar, I have this as something you are working on

@elarlang do we still need this open if you have a separate issue tracking this?

@elarlang ping, does this need to stay open?

I need to review this to understand what exactly is happening here. Please don't merge it until I have done so