santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Davanum Srinivas" <dava...@gmail.com>
Subject Re: TLP Resolution
Date Tue, 02 May 2006 12:05:44 GMT
+1 to #3 (you as chair and all of us as pmc members)

On 5/2/06, Berin Lautenbach <berin@wingsofhermes.org> wrote:
> All,
>
> So we have two names that people seem to like
>
> Raksha
> Santuary
>
> Any other takers?
>
> We also have a scope of
>
> "...open-source software related to security..."
>
> Thoughts welcome!
>
> If no more ideas come forth on either of these, I'm going to start a
> vote covering:
>
> 1.  The proposal - do people support it to go to the board
> 2.  The name
> 3.  A PMC Chair.  My thinking is all current committers become PMC members.
>
> On #3 - I'm going to volunteer, but I'd also encourage anyone else who
> is interested to put their names or the names of others forward!
>
> Cheers,
>         Berin
>
> Davanum Srinivas wrote:
>
> > Here's one i was thinking about - Raksha (http://en.wikipedia.org/wiki/Raksha)
> >
> > thanks,
> > dims
> >
> > On 3/15/06, Jesse Pelton <jsp@pkc.com> wrote:
> >
> >>Some random ideas to get the name game going, based on your indicated
> >>vision for the project: "SecureSoft," "Security Software," "Vault,"
> >>"Shield," "Armor," "Guard," "Sanctuary," ,"Citadel," "Surety," "Security
> >>Blanket" (or "Linus," with a nod to Charles Schulz' "Peanuts," but you'd
> >>want to get permission).  With the possible exception of the last, none
> >>of these indulge the Apache penchant for obscure references, though.
> >>
> >>But the name is really the last piece.  You need a clearly articulated
> >>purpose and scope before you can come up with a name that fits.
> >>
> >>-----Original Message-----
> >>From: Berin Lautenbach [mailto:berin@wingsofhermes.org]
> >>Sent: Wednesday, March 15, 2006 3:13 AM
> >>To: security-dev@xml.apache.org
> >>Subject: Re: TLP Resolution
> >>
> >>Thoughts welcome :>.
> >>
> >>Berin Lautenbach wrote:
> >>
> >>
> >>>OK - I'm going to take the idea to the board.
> >>>
> >>>Before I do - we need a couple of things.
> >>>
> >>>1.  A name.  I'd personally be against anything fancy or non-obvious.
> >>>But I don't really want to use "Apache Security" as I think it will
> >>>get too confusing against the security group within the ASF (the group
> >>
> >>>that looks after security bug reports etc.)  "Apache Infosec"?
> >>>"Apache Secure"?  Obviously there is a reason I never went into
> >>
> >>marketing :>.
> >>
> >>>2.  A scope.  Probably not hard.  "...open-source software related to
> >>>security..." is a good place to start I suspect :>.
> >>>
> >>>I also wouldn't mind to take some first steps as to what we want to
> >>
> >>do.
> >>
> >>> Obviously set up xml-security and JuiCE, but I'd personally like to
> >>>see the ASF become a source of best practice for security software as
> >>
> >>well.
> >>
> >>> Longer term - but an interesting goal for a tlp within the ASF.  And
> >>>if we are going to use this as an exercise in raising interest in what
> >>
> >>>we are doing inside/outside the ASF, then we want to think about what
> >>>kind of message we want to give people when the project goes to top
> >>
> >>level.
> >>
> >>>I'd also like to use it as a central point people can go to in order
> >>>to see all security related software in the ASF.  Not to have projects
> >>
> >>>like WS-Security under the security project, but to have links to
> >>>other projects/efforts in the ASF that are related to security
> >>
> >>software.
> >>
> >>>Thoughts welcome!
> >>>
> >>>Cheers,
> >>>      Berin
> >>>
> >>>Ben Laurie wrote:
> >>>
> >>>
> >>>
> >>>>Davanum Srinivas wrote:
> >>>>
> >>>>
> >>>>
> >>>>>Dear Ben and Dear Ben,
> >>>>>
> >>>>>what do you guys think? A Security Federation/TLP/PMC. Starting with
> >>>>>Apache XML-Security and Apache Juice.
> >>>>
> >>>>
> >>>>It sounds like a very good idea to me, I'd certainly support it. Of
> >>>>course, we already have a CA. Written in, errr, perl :-)
> >>>>
> >>>>Cheers,
> >>>>
> >>>>Ben.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>thanks,
> >>>>>-- dims
> >>>>>
> >>>>>On 3/11/06, Berin Lautenbach <berin@wingsofhermes.org> wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>>I would be interested in widening it as well - with the proviso
that
> >>
> >>>>>>it is like a federation.  I.e. we use it to seed projects then
build
> >>
> >>>>>>them and spawn them into TLPs once they grow to size.
> >>>>>>
> >>>>>>I might start sounding some people out.
> >>>>>>
> >>>>>>Dims - what's your thoughts?
> >>>>>>
> >>>>>>On the subject - having spent the most of Saturday searching
for a
> >>>>>>decent Open Source CA, I'd now be interested in building one
that
> >>>>>>doesn't use &^%$##@^%^ perl.  I.e. do the core in C++ with
perl/PHP
> >>>>>>being used for the interfacing only.
> >>>>>>
> >>>>>>Cheers,
> >>>>>>      Berin
> >>>>>>
> >>>>>>Werner Dittmann wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>>+1 from me.
> >>>>>>>
> >>>>>>>Just a comment regarding the charter: is it really only Apache
XML
> >>>>>>>Security? IMHO this would be a bit too narrow, for example
JuiCE is
> >>
> >>>>>>>not dependent on XML, maybe other security related software
will be
> >>
> >>>>>>>pop up later as well.
> >>>>>>>
> >>>>>>>I would like to see an "Apache Security" PMC that would address
all
> >>
> >>>>>>>kind of security relevant software and act as a solid base
to
> >>>>>>>deliver security functions to other Apache projects. Also
we may
> >>>>>>>think to browse existing Apache projects to see if there
is already
> >>
> >>>>>>>software (maybe even multiply implemented) and pool them
here.
> >>>>>>>
> >>>>>>>BTW, I would be happy to be a part of this activity.
> >>>>>>>
> >>>>>>>Regards,
> >>>>>>>Werner
> >>>>>>>
> >>>>>>>Berin Lautenbach wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>Peoples,
> >>>>>>>>
> >>>>>>>>Sometime back we talked about becoming a TLP.  With the
recent
> >>>>>>>>JuiCE efforts, + JSR 105 + XKMS we are starting to see
a few
> >>>>>>>>different things occuring.  I'd be hugely in favour of
starting
> >>>>>>>>something at a higher level in Apache to get some visibility.
> >>>>>>>>
> >>>>>>>>I'm also toying with the idea of creating a broader security
> >>>>>>>>project/federation to encourage that kind of software
within the
> >>
> >>ASF.
> >>
> >>>>>>>>Thoughts?
> >>>>>>>>
> >>>>>>>>Draft proposal for the board below.  If we want to do
this - all
> >>>>>>>>active committers will need to vote either on this or
on a broader
> >>
> >>>>>>>>(or even
> >>>>>>>>narrower!) charter terms of reference that we all can
agree to.
> >>>>>>>>
> >>>>>>>>Cheers,
> >>>>>>>>   Berin
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>    WHEREAS, the Board of Directors deems it to be in
the best
> >>>>>>>>    interests of the Foundation and consistent with the
> >>>>>>>>    Foundation's purpose to establish a Project Management
> >>>>>>>>    Committee charged with the creation and maintenance
of
> >>>>>>>>    open-source software related to XML security technologies,
> >>>>>>>>    for distribution at no charge to the public.
> >>>>>>>>
> >>>>>>>>    NOW, THEREFORE, BE IT RESOLVED, that a Project Management
> >>>>>>>>    Committee (PMC), to be known as the "Apache XML Security
> >>
> >>PMC",
> >>
> >>>>>>>>    be and hereby is established pursuant to Bylaws of
the
> >>>>>>>>    Foundation; and be it further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that the Apache XML Security PMC be and
hereby is
> >>>>>>>>    responsible for the creation and maintenance of software
> >>>>>>>>    related to creation and maintenance of open-source
software
> >>>>>>>>    related to XML security technologies based on software
> >>
> >>licensed
> >>
> >>>>>>>>    to the Foundation; and be it further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that the office of "Vice President, Apache
XML
> >>>>>>>>    Security" be and hereby is created, the person holding
such
> >>>>>>>>    office to serve at the direction of the Board of
Directors as
> >>>>>>>>    the chair of the Apache XML Security PMC, and to
have primary
> >>>>>>>>    responsibility for management of the projects within
the
> >>
> >>scope
> >>
> >>>>>>>>    of responsibility of the Apache XML Security PMC;
and be it
> >>>>>>>>    further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that the persons listed immediately below
be and
> >>>>>>>>    hereby are appointed to serve as the initial members
of the
> >>>>>>>>    Apache XML Security PMC:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> <!-- List out all committers in format of
> >>>>>>>>   Berin Lautenbach <berin@wingsofhermes.org> 
-->
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>    NOW, THEREFORE, BE IT FURTHER RESOLVED, than ??
> >>>>>>>>    <??@apache.org> appointed to the office of
Vice President,
> >>>>>>>>    Apache XML Security, to serve in accordance with
and subject
> >>>>>>>>    to the direction of the Board of Directors and the
Bylaws of
> >>
> >>the
> >>
> >>>>>>>>    Foundation until death, resignation, retirement,
removal or
> >>>>>>>>    disqualification, or until a successor is appointed;
and be
> >>
> >>it
> >>
> >>>>>>>>    further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that the initial Apache XML Security PMC
be and
> >>
> >>hereby
> >>
> >>>>>>>>    is tasked with the creation of a set of bylaws intended
to
> >>>>>>>>    encourage open development and increased participation
in the
> >>>>>>>>    Apache XML Security Project; and be it further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that the initial Apache XML Security PMC
be and
> >>
> >>hereby
> >>
> >>>>>>>>    is tasked with the migration and rationalization
of the
> >>
> >>Apache
> >>
> >>>>>>>>    XML PMC XML Security subproject; and be it further
> >>>>>>>>
> >>>>>>>>    RESOLVED, that all responsibility pertaining to the
XML XML
> >>>>>>>>    Security sub-project and encumbered upon the Apache
XML PMC
> >>
> >>are
> >>
> >>>>>>>>    hereafter discharged.
> >>>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>--
> >>>>>Davanum Srinivas : http://wso2.com/blogs/
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>
> >
> >
> > --
> > Davanum Srinivas : http://wso2.com/blogs/
> >
> >
>


--
Davanum Srinivas : http://wso2.com/blogs/

Mime
View raw message