Return-Path: Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 7971 invoked by uid 500); 5 Sep 2002 23:41:33 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 7956 invoked from network); 5 Sep 2002 23:41:32 -0000 Date: Thu, 5 Sep 2002 16:41:38 -0700 (PDT) From: Marc Slemko To: dev@httpd.apache.org Subject: Re: [TALLY] aaa rewrite In-Reply-To: <20020905233616.GY5445@clove.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N On Thu, 5 Sep 2002, Aaron Bannert wrote: > On Thu, Sep 05, 2002 at 04:26:22PM -0700, Justin Erenkrantz wrote: > > aaa rewrite belongs in: > > > > 2.0: rbb, brianp, dreid, gstein, jim, rederpj, striker, trawick, > > ianh, gs, bnicholes > > 2.1: dpejesh, chris, aaron, hb > > > > If someone would like to do a release before I check in the aaa > > changes, I'd be game to hold off until Monday or Tuesday. > > > How long do you think it will take to get the auth changes stabilized > enough to make a GA-quality release? If this is more than about a week, > I *strongly* urge you to branch. The argument would be that they would never be stabilized until they are in HEAD since few people will use them until then. > The worst thing that could happen would be to have us run into a > security problem that needs to be fixed right away. Without a branch > we would have to revert all the auth changes back to a working state > (you're going to make a tag anyway, right??), make the release, and then > stick it all back in again. That's much uglier than just doing a branch > in the first place. We can make a branch for a security release after the fact, either off the last release or off the pre-auth-change tag and then build a security-fix-only release off that branch.