tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: TomcatCon @ ApacheCon
Date Thu, 19 Jan 2017 19:50:39 GMT
Hash: SHA256


On 1/19/17 1:32 PM, Coty Sutherland wrote:
>> That's a reasonable position to take IMO, it's just not the
>> position that the Tomcat team took.
> I think so ;)
>> The result was Tomcat 8.5 which is essentially the best of both 
>> worlds. One could argue that Tomcat 9 should have become Tomcat
>> 10 and Tomcat 8.5 should have instead been Tomcat 9.0, but our 
>> versioning-scheme has generally followed the Servlet-spec
>> version, so that Tomcat X+1 supports the spec version following
>> the one that Tomcat X supported.
> When you explain it that way it makes total sense, but users
> outside of the tomcat development circles (read
> maintainers/consumers of that distro's package, like freeipa)
> didn't know that so they assumed that it was just a regular 8.x
> release (and were probably confused where the 5 came from). I've
> been explaining that it's a fork of 9, etc but that isn't always
> well received which is understandable IMO.

Tomcat 8.5 introduces support for HTTP/2, JASPIC, and TLS virtual
hosting, adds a JSSE provider which uses OpenSSL for crypto with
NIO/NIO2, and drops support for the BIO connector. Those are all
pretty big changes, but Tomcat 9 can't be truly released until the
next spec version is finalized.

There is actually historical precedent for this with Tomcat 5.5.

Tomcat 5.0 supported the Servlet Spec 2.4, and the forthcoming Tomcat
6 would support Spec 2.5. Before Tomcat 6 was ready, major
improvements were made, such as being able to run Tomcat with only a
JRE and not a full JDK. These improvements required significant
changes which were deemed too major to put into Tomcat 5.0, and so
Tomcat 5.5 was released essentially as a replacement. Tomcat 5.0
immediately went into maintenance mode, only to receive security fixes.

The situation with Tomcat 8.0 is a little better: it is still
fully-supported, and probably will be at least until Tomcat 9 is stable.

I'm not entirely sure which version of Tomcat we'll give up on first:
7.0 or 8.0. One could make a good argument for either course of
action. But we the maintainers generally think that supporting 3
versions at a time is quite enough, thank you very much. We are
currently supporting 4 versions, if you count Tomcat 9. Some people
are using Tomcat 9, though I would hope for only very experimental
uses at this point.

>> It's important that the Tomcat team understands these outside 
>> perspectives. We may have made a different decision given that
>> kind of input. I'm glad that more maintainers, etc. are becoming
>> a part of this community. I think it's going to improve things
>> for everyone.
> I agree, which is why I'm here being vocal about it. Hopefully
> sharing my viewpoint will help us prevent future issues like this,
> or at least minimize them.
>> I'm looking forward to meeting you in Miami!
> Likewise! And thanks for the great explanation, it'll help my 
> arguments with consumers of the tomcat package later :)

As both a maintainer of Tomcat itself and a user of Debian Linux, I
can say that I have never liked the package-managed versions for a few
reasons (for example, little variety in versions available, plus only
very old versions being available). Perhaps I can be convinced to
switch to a package-managed version of Tomcat under certain
conditions, and that the version "problem" form my perspective can be
solved by some mutual collaboration.

We can certainly get into that in Miami.

- -chris
Comment: GPGTools -
Comment: Using GnuPG with Thunderbird -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message