shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalle Korhonen <kalle.o.korho...@gmail.com>
Subject Re: [DISCUSS] Graduation Resolution
Date Thu, 19 Aug 2010 22:29:55 GMT
Ok we passed the incubator vote with flying colors. Les, please send
the TLP submission to the Board's next meeting agenda, following
instructions at
http://incubator.apache.org/guides/graduation.html#toplevel. I suppose
we are not in a hurry, but it needs to done at least 72 hours hours
before the next meeting. Enormous thanks to Craig and Alan at this
point, your mentoring has been invaluable!

There's a list of chores to do after we become a TLP but we'll cross
that bridge when we get there. In the meantime, we can work on getting
1.1 ready for release right after we are official.

Kalle


On Fri, Aug 13, 2010 at 11:59 AM, Les Hazlewood <lhazlewood@apache.org> wrote:
> Sounds good to me - please feel free to post.
>
> Thanks!
>
> Les
>
> On Fri, Aug 13, 2010 at 10:37 AM, Kalle Korhonen
> <kalle.o.korhonen@gmail.com> wrote:
>> I'm on a roll here - Les, I can start the IPMC recommendation vote
>> shortly unless you specifically want to do that. I think we'll just
>> start the vote right away and rephrase the resolution during the vote
>> if needed (though
>> http://incubator.apache.org/guides/graduation.html#toplevel suggests
>> posting the resolution on IPMC before the vote). Given that we already
>> had a discussion on the resolution and it was linked to community
>> vote, I doubt the wording in the proposed resolution is going to
>> create any controversy.
>>
>> Kalle
>>
>>
>> On Mon, Aug 9, 2010 at 10:42 AM, Les Hazlewood <lhazlewood@apache.org> wrote:
>>> Yep, that's it - our community vote and then the IPMC recommendation
>>> vote.  Looks like we're in the home stretch!
>>>
>>> Les
>>>
>>> On Mon, Aug 9, 2010 at 10:08 AM, Kalle Korhonen
>>> <kalle.o.korhonen@gmail.com> wrote:
>>>> From http://incubator.apache.org/guides/graduation.html#toplevel -
>>>> with suggested owners and timeline added
>>>>
>>>>  Graduation to a top level project requires:
>>>>
>>>>    * a charter for your project - done
>>>>    * a positive community graduation VOTE - Kalle, this week (starting
(08/09)
>>>>    * a positive IPMC recommendation VOTE - Les, next week (starting
>>>> (08/16 assuming community vote tallied and succeeded)
>>>>    * the acceptance of the resolution by the Board (add it to the
>>>> September board meeting agenda as soon as recommendation vote
>>>> succeeds)
>>>>
>>>> The next board meeting is 3rd of September. The proposed timeline
>>>> should give us enough time to put it on the agenda. If no objections,
>>>> I'll send out the community vote email this evening.
>>>>
>>>> Kalle
>>>>
>>>>
>>>>
>>>> On Sun, Aug 8, 2010 at 6:03 PM, Alan D. Cabrera <list@toolazydogs.com>
wrote:
>>>>> So what are the remaining items to kick this thing out of the Incubator?
>>>>>
>>>>>
>>>>> Regards,
>>>>> Alan
>>>>>
>>>>> On Aug 5, 2010, at 12:37 PM, Kalle Korhonen wrote:
>>>>>
>>>>>> Hey at least we got a discussion out of it. I agree, I think we'll
>>>>>> keep it as is unless somebody suggests otherwise.
>>>>>>
>>>>>> Kalle
>>>>>>
>>>>>>
>>>>>> On Thu, Aug 5, 2010 at 12:33 PM, Les Hazlewood <lhazlewood@apache.org>
wrote:
>>>>>>> I gotcha - and I'm glad your brought it up.  As you said, that's
what
>>>>>>> this email thread is for :)
>>>>>>>
>>>>>>> I think it is probably best that we leave it as the broad/general
>>>>>>> statement that it is - it is conceivable that we might add something
>>>>>>> else to the framework later on and I wouldn't want to be limited
>>>>>>> because our mission statement implies that it might be out of
scope.
>>>>>>> I think that kind of stuff is better left to the community to
decide.
>>>>>>> Just thinking out loud...
>>>>>>>
>>>>>>> Les
>>>>>>>
>>>>>>> On Thu, Aug 5, 2010 at 12:15 PM, Kalle Korhonen
>>>>>>> <kalle.o.korhonen@gmail.com> wrote:
>>>>>>>> Security is still bigger than "authentication, authorization,
session
>>>>>>>> management and cryptography" combined. Cryptography may be
a huge part
>>>>>>>> of the project, but we are mainly users of the cryptographic
>>>>>>>> algorithms rather than providers of them. On session management
I
>>>>>>>> agree, and probably should be noted if we wanted to be specific
but
>>>>>>>> suppose it can be seen as being included in overall "related
to
>>>>>>>> application security" statement. I'm fine leaving the statement
broad
>>>>>>>> but that's about the only topic in the resolution we should
discuss so
>>>>>>>> I wanted to make sure that we agree with it.
>>>>>>>>
>>>>>>>> Kalle
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Aug 5, 2010 at 11:35 AM, Les Hazlewood <lhazlewood@apache.org>
wrote:
>>>>>>>>> Yeah, I just copied Cayenne's resolution and changed
only what
>>>>>>>>> absolutely needed to be changed to make it Shiro-specific.
 I thought
>>>>>>>>> this would be the 'safest' route to quickest approval
since the
>>>>>>>>> Incubator graduation criteria page specifically recommended
that it be
>>>>>>>>> used as an example from which we could create our own.
>>>>>>>>>
>>>>>>>>> And I'm surprised to hear the potential suggestion to
limit our domain
>>>>>>>>> to only authentication and authorization.  Session Management
and
>>>>>>>>> Cryptography are two huge parts of the overall project!
 At least
>>>>>>>>> based on our project origins and current mission statement,
Shiro is
>>>>>>>>> supposed to be the most comprehensive application security
framework
>>>>>>>>> available.  I personally feel that we should retain
this mission,
>>>>>>>>> which is why I left the wording very general.
>>>>>>>>>
>>>>>>>>> Just my .02,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Thu, Aug 5, 2010 at 10:48 AM, Kalle Korhonen
>>>>>>>>> <kalle.o.korhonen@gmail.com> wrote:
>>>>>>>>>> Back to the original matter now. I added Craig on
the resolution and
>>>>>>>>>> didn't make other edits. I think it should be called
"Project
>>>>>>>>>> Resolution" rather than "Graduation Resolution" but
since it'd change
>>>>>>>>>> the url and only the content matters I didn't bother.
I'm not a huge
>>>>>>>>>> fan of the fancy sentences either (I do not believe
for a second that
>>>>>>>>>> legal language for some reason needs to be complicated)
but I don't
>>>>>>>>>> think we have a lot of leeway in the matter and even
if we did, it's
>>>>>>>>>> not worth the effort. While the resolution is not
the same as a
>>>>>>>>>> mission statement, it includes a mission statement
which is the only
>>>>>>>>>> part in it that matters to me and which we might
want to expand on a
>>>>>>>>>> bit. Specifically the resolution says "The Apache
Shiro Project be and
>>>>>>>>>> hereby is
>>>>>>>>>> responsible for the creation and maintenance of a
software
>>>>>>>>>> project related to application security". Does that
cover all and only
>>>>>>>>>> what the project and we are set to do? I don't have
any exact
>>>>>>>>>> suggestions - it's a bit short but could do even
as is. We could
>>>>>>>>>> though specifically limit our domain to "authentication
and
>>>>>>>>>> authorization" - security as a whole is more than
just those two
>>>>>>>>>> aspects.
>>>>>>>>>>
>>>>>>>>>> Kalle
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, Aug 4, 2010 at 12:40 PM, Kalle Korhonen
>>>>>>>>>> <kalle.o.korhonen@gmail.com> wrote:
>>>>>>>>>>> Thanks Les, will review.
>>>>>>>>>>>
>>>>>>>>>>> I don't want to turn this into a voting thread
and I don't think we
>>>>>>>>>>> need a formal vote on it either, but +1 from
me as well for Craig to
>>>>>>>>>>> stay on, we couldn't have gotten this far without
him!
>>>>>>>>>>>
>>>>>>>>>>> Kalle
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Aug 4, 2010 at 11:59 AM, Les Hazlewood
<lhazlewood@apache.org> wrote:
>>>>>>>>>>>> A huge +1 from me for Craig joining the PMC.
 Thanks for offering Craig!
>>>>>>>>>>>>
>>>>>>>>>>>> Les
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Aug 4, 2010 at 11:40 AM, Craig L
Russell
>>>>>>>>>>>> <craig.russell@oracle.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Aug 4, 2010, at 11:03 AM, Alan D.
Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> You are correct.  Mentors do not
automatically become project members.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Correct.
>>>>>>>>>>>>>
>>>>>>>>>>>>> However, it's generally considered a
good idea to have at least one Apache
>>>>>>>>>>>>> Foundation Member on each PMC. Often
this is the PMC chair. Sometimes the
>>>>>>>>>>>>> mentors volunteer to stay on at least
for a while to help the new PMC get
>>>>>>>>>>>>> settled.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I'd be happy to help out by being on
the new PMC if you'll have me.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Craig
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>> Alan
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Aug 4, 2010, at 10:31 AM, Les
Hazlewood wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> A quick note:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I assume Mentors are not to be
automatically listed as project members
>>>>>>>>>>>>>>> since their relationship with
the project is to help through the
>>>>>>>>>>>>>>> incubation process, and (formally)
their responsibility with the
>>>>>>>>>>>>>>> incubator podling is released
upon graduation (per the last paragraph
>>>>>>>>>>>>>>> in the Graduation Resolution).
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> This is *not* a reflection of
any desire not to have them as project
>>>>>>>>>>>>>>> members should they wish to participate
- it merely reflects my
>>>>>>>>>>>>>>> understanding of the role/scope
of an Incubator Mentor.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Les
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Wed, Aug 4, 2010 at 10:23
AM, Les Hazlewood <lhazlewood@apache.org>
>>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I've posted my initial draft
of the Apache TLP Graduation Resolution
>>>>>>>>>>>>>>>> here:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> https://cwiki.apache.org/confluence/display/SHIRO/Graduation+Resolution
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Please review and comment.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks!
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Les
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Craig L Russell
>>>>>>>>>>>>> Architect, Oracle
>>>>>>>>>>>>> http://db.apache.org/jdo
>>>>>>>>>>>>> 408 276-5638 mailto:Craig.Russell@oracle.com
>>>>>>>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>

Mime
View raw message