The PHP Security Consortium (PHPSC) promotes secure programming practices within the PHP community through education and exposition while maintaining high ethical standards.
The PHP Security Consortium operates on a two tier membership scheme to ensure that only those willing to put in the effort are allowed to decide the Consortium’s affairs.
- Associate Members – Principals can invite people to participate in technical discussions on the internal mailing list. By joining the mailing list, subscribers become associate members of the Consortium. They also gain a right to participate in Consortium projects.
- Principals – Associate members that have made significant contributions to the Consortium by participating in one or more projects may be invited to become Principals. Their membership must be confirmed by a majority vote of the current Principals.
PHP Security Consortium work is organized into projects. Before work on a project begins, the project lead must prepare a proposal and submit the project for a vote.
- Each project must be approved by a majority vote before it becomes an official project of the Consortium.
- Each project must have a lead.
- Each project can have one or more team members whose work is coordinated by the project lead.
- Projects will not be publicized before the first development phase is completed (to avoid bad publicity from failed projects).
- Projects that fail to deliver are cancelled. Alternatively, the Consortium may assign a new project lead in an attempt to revive the project.