directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny" <>
Subject Re: ApacheCon EU 2007 CFP
Date Wed, 17 Jan 2007 15:15:36 GMT
Well, when I read your proposals for ApacheCon EU, I was just asking myself
if it was fair to push materials without having asked any other project
committers about them. You didn't bothered *at all* that somebody else from
Directory could have also pushed very similar proposals, making us feel very

This drove me to these points :
1) Is ApacheCon a commercial show, where anybody can talk about anything
just to advertize himself or his company? I thought it was exactly the
opposite : expose the Apache project to the world, as some piece of software
endorsed by Apache committers.  This is all about Apache.

2) Ok, I must admit that your proposal could not have been submitted by
anyone but you, but just because no one except you knows anything about
kerberos and other almost sandboxed/dead subprojects. There have been almost
_no_ activity on this projects last year (barely one commit...) and the
source is in a state that is not really in the state of the art (no test
cases, no javadoc, etc). Would it be me only, these projects would have been
sandboxed back in september, instead of what I spent hours to update all the
headers to reflect the new Apache licence.

3) This lead me to the point where I really think that Alex is right. This
Directory server community has greatly increased lately, with 6 new very
active comitters (Pierre-Arnaud Marcelot, Stefan Seelmann, Christine
Koppelt, David Jencks, Ole Ersoy, Norval Hope - sorry for those I forgot to
mention - ). This is really good because no part of the server is totally
left in the hand of only one committer. Except your part. We have spent a
huge amount of time, Alex, Ersin, Trustin and I to support them, drive them
through the Apache Directory Server maze, and I must say that it's really a
success. Now, none of them as expressed interest in the Kerberos part, but
we weren't able to push the subject, because we don't have any knowledge
about it. You were suppose to be the one to do that, but you were totally
MIA last year. I don't think this is the best way to support a project.

4) Ok, life can be sometime difficult, with lot of work, lot of things to
cope with, but at least, it would have been polite to tell us "I may submit
some proposals, wdyt?" instead of pushing them straight. We are really
suppose to be a community. We can support any of us, we can even help if
needed, but we can only do that if we are asked to.

Well, I must say that I'm not very pleased with this situation. Sorry if you
fell like my words are offending, they are not supposed to be (but my
english is pretty rude and limited), I just wanted to stress out the fact
that we should behave as a group, not as individuals. This is what I think
Apache is all about. I really think that those kerberos things are important
to us, but, please, try or do your best to share informations with the group
before they get out of it.


On 1/17/07, Alex Karasulu < > wrote:
> I'd like to support you on this since I personally like your work and
> the topics sound really interesting but as PMC chair I have two *BIG*
> problems with this:
> (1) You've been MIA and don't support your code when it comes to Java
> docs, external docs, test cases or community.  We have had several users
> that post to the ML asking about things that no one can respond to.  You
> think you're job is to just dump code here and everyone else is
> responsible for cleaning it up and making sure the build, doco and site
> is working.  Your behavior with respect to this community essentially
> reeks of a prima donna.  You might consider becoming a team player
> before asking the team for supporting presentations on topics you've
> made it impossible for us to support.  This leads to point 2 ...
> (2) You seem to consistently misunderstand that at Apache we're not
> about technology but rather about community.  I do admit that these are
> interesting topics technically and I would love to overlook your
> community faults and just engage you pleasantly on these topics.
> However you have not discussed any of these topics or these capabilities
> on this mailing list.  We integrated the Kerberos code base and you came
> on to the PMC but all your actions with respect to sharing and being
> involved with the community are antithetical to that role.  Now you're
> doing presentations on features and functionality at ApacheCon that
> cannot really be supported by this community.  Yes no one knows about
> this stuff because you never engaged us about any of it on this mailing
> list.  What will happen when people see your presentation and post to
> our mailing list and no one is capable of supporting them?  You
> consistently don't think of these things which is the responsibility of
> a PMC member.
> Having a solid community that users and developers can rely on is the
> key to the health and survival of an Apache project.  By doing these
> presentations at ApacheCon you're advertising features that you've added
> (or plan to add) without consulting the community and this does everyone
> on this project a disservice.
> You're putting us in a tough spot so you can goto Amsterdam and have a
> nice presentation at the expense of our community.
> This is something we all don't appreciate.
> Alex
> Enrique Rodriguez wrote:
> > Hi, Directory developers,
> >
> > Today is the CFP for ApacheCon EU 2007.  The CFP site accepted my
> > submissions, so I don't think I missed the cut-off!  Anyway, both of
> > my talks have to do with Directory-backed authentication:  (AD1853) is
> > the Kerberos talk I've given a couple times and (AD1854) basically
> > replaces Kerberos with CardSpace technologies (WS-Trust, WS-Mex, and
> > SAML).  So, if either or both talks interest you and you have CFP
> > website access, then I would appreciate the support.  Log in and
> > there's a link to "Rate the session proposals."  My abstracts are
> > below.
> >
> > Enrique
> >
> > AD1853
> > Title:  Secure Single-Sign-On with Apache Directory and Apache Kerberos
> >
> > Abstract:  The lead developer of the Kerberos protocol provider for
> > the Apache Directory will discuss the use of Apache Directory as a
> > "realm controller" for Linux and Windows machines. This talk will
> > provide an overview of the Kerberos and Change Password protocol
> > workflow. Significant time will be spent on the configuration of trust
> > relationships and the configuration of both Linux and Windows machines
> > to use Apache Directory as a Key Distribution Center (KDC). Hint:
> > those attending this session should be interested in network
> > authentication ("single-sign-on") using Kerberos realms. Prior
> > experience with Kerberos is recommended.
> >
> > AD1854
> > Title:  Using Apache Directory as an Identity Provider STS for CardSpace
> >
> > Abstract:  A member of the Apache Directory PMC will discuss the use
> > of Apache Directory as a CardSpace Identity Provider "Security Token
> > Service" (STS) for cross-platform web authentication.  This talk will
> > introduce CardSpace and discuss the basics of the Subject, Relying
> > Party, and Identity Provider roles.  Significant time will be spent on
> > live demonstrations of an Identity Provider provisioning Managed Cards
> > online and validating one-time password (OTP) tokens based on open
> > standards (OATH).
> >

Emmanuel L├ęcharny

View raw message