directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <>
Subject Re: ApacheCon EU 2007 CFP
Date Wed, 17 Jan 2007 14:21:29 GMT
I'd like to support you on this since I personally like your work and 
the topics sound really interesting but as PMC chair I have two *BIG* 
problems with this:

(1) You've been MIA and don't support your code when it comes to Java 
docs, external docs, test cases or community.  We have had several users 
that post to the ML asking about things that no one can respond to.  You 
think you're job is to just dump code here and everyone else is 
responsible for cleaning it up and making sure the build, doco and site 
is working.  Your behavior with respect to this community essentially 
reeks of a prima donna.  You might consider becoming a team player 
before asking the team for supporting presentations on topics you've 
made it impossible for us to support.  This leads to point 2 ...

(2) You seem to consistently misunderstand that at Apache we're not 
about technology but rather about community.  I do admit that these are 
interesting topics technically and I would love to overlook your 
community faults and just engage you pleasantly on these topics. 
However you have not discussed any of these topics or these capabilities 
on this mailing list.  We integrated the Kerberos code base and you came 
on to the PMC but all your actions with respect to sharing and being 
involved with the community are antithetical to that role.  Now you're 
doing presentations on features and functionality at ApacheCon that 
cannot really be supported by this community.  Yes no one knows about 
this stuff because you never engaged us about any of it on this mailing 
list.  What will happen when people see your presentation and post to 
our mailing list and no one is capable of supporting them?  You 
consistently don't think of these things which is the responsibility of 
a PMC member.

Having a solid community that users and developers can rely on is the 
key to the health and survival of an Apache project.  By doing these 
presentations at ApacheCon you're advertising features that you've added 
(or plan to add) without consulting the community and this does everyone 
on this project a disservice.

You're putting us in a tough spot so you can goto Amsterdam and have a 
nice presentation at the expense of our community.

This is something we all don't appreciate.


Enrique Rodriguez wrote:
> Hi, Directory developers,
> Today is the CFP for ApacheCon EU 2007.  The CFP site accepted my
> submissions, so I don't think I missed the cut-off!  Anyway, both of
> my talks have to do with Directory-backed authentication:  (AD1853) is
> the Kerberos talk I've given a couple times and (AD1854) basically
> replaces Kerberos with CardSpace technologies (WS-Trust, WS-Mex, and
> SAML).  So, if either or both talks interest you and you have CFP
> website access, then I would appreciate the support.  Log in and
> there's a link to "Rate the session proposals."  My abstracts are
> below.
> Enrique
> AD1853
> Title:  Secure Single-Sign-On with Apache Directory and Apache Kerberos
> Abstract:  The lead developer of the Kerberos protocol provider for
> the Apache Directory will discuss the use of Apache Directory as a
> "realm controller" for Linux and Windows machines. This talk will
> provide an overview of the Kerberos and Change Password protocol
> workflow. Significant time will be spent on the configuration of trust
> relationships and the configuration of both Linux and Windows machines
> to use Apache Directory as a Key Distribution Center (KDC). Hint:
> those attending this session should be interested in network
> authentication ("single-sign-on") using Kerberos realms. Prior
> experience with Kerberos is recommended.
> AD1854
> Title:  Using Apache Directory as an Identity Provider STS for CardSpace
> Abstract:  A member of the Apache Directory PMC will discuss the use
> of Apache Directory as a CardSpace Identity Provider "Security Token
> Service" (STS) for cross-platform web authentication.  This talk will
> introduce CardSpace and discuss the basics of the Subject, Relying
> Party, and Identity Provider roles.  Significant time will be spent on
> live demonstrations of an Identity Provider provisioning Managed Cards
> online and validating one-time password (OTP) tokens based on open
> standards (OATH).

View raw message