Some random ideas to get the name game going, based on your indicated
vision for the project: "SecureSoft," "Security Software," "Vault,"
"Shield," "Armor," "Guard," "Sanctuary," ,"Citadel," "Surety," "Security
Blanket" (or "Linus," with a nod to Charles Schulz' "Peanuts," but you'd
want to get permission). With the possible exception of the last, none
of these indulge the Apache penchant for obscure references, though.
But the name is really the last piece. You need a clearly articulated
purpose and scope before you can come up with a name that fits.
-----Original Message-----
From: Berin Lautenbach [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 15, 2006 3:13 AM
To: [email protected]
Subject: Re: TLP Resolution
Thoughts welcome :>.
Berin Lautenbach wrote:
OK - I'm going to take the idea to the board.
Before I do - we need a couple of things.
1. A name. I'd personally be against anything fancy or non-obvious.
But I don't really want to use "Apache Security" as I think it will
get too confusing against the security group within the ASF (the group
that looks after security bug reports etc.) "Apache Infosec"?
"Apache Secure"? Obviously there is a reason I never went into
marketing :>.
2. A scope. Probably not hard. "...open-source software related to
security..." is a good place to start I suspect :>.
I also wouldn't mind to take some first steps as to what we want to
do.
Obviously set up xml-security and JuiCE, but I'd personally like to
see the ASF become a source of best practice for security software as
well.
Longer term - but an interesting goal for a tlp within the ASF. And
if we are going to use this as an exercise in raising interest in what
we are doing inside/outside the ASF, then we want to think about what
kind of message we want to give people when the project goes to top
level.
I'd also like to use it as a central point people can go to in order
to see all security related software in the ASF. Not to have projects
like WS-Security under the security project, but to have links to
other projects/efforts in the ASF that are related to security
software.
Thoughts welcome!
Cheers,
Berin
Ben Laurie wrote:
Davanum Srinivas wrote:
Dear Ben and Dear Ben,
what do you guys think? A Security Federation/TLP/PMC. Starting with
Apache XML-Security and Apache Juice.
It sounds like a very good idea to me, I'd certainly support it. Of
course, we already have a CA. Written in, errr, perl :-)
Cheers,
Ben.
thanks,
-- dims
On 3/11/06, Berin Lautenbach <[EMAIL PROTECTED]> wrote:
I would be interested in widening it as well - with the proviso that
it is like a federation. I.e. we use it to seed projects then build
them and spawn them into TLPs once they grow to size.
I might start sounding some people out.
Dims - what's your thoughts?
On the subject - having spent the most of Saturday searching for a
decent Open Source CA, I'd now be interested in building one that
doesn't use &[EMAIL PROTECTED] perl. I.e. do the core in C++ with perl/PHP
being used for the interfacing only.
Cheers,
Berin
Werner Dittmann wrote:
+1 from me.
Just a comment regarding the charter: is it really only Apache XML
Security? IMHO this would be a bit too narrow, for example JuiCE is
not dependent on XML, maybe other security related software will be
pop up later as well.
I would like to see an "Apache Security" PMC that would address all
kind of security relevant software and act as a solid base to
deliver security functions to other Apache projects. Also we may
think to browse existing Apache projects to see if there is already
software (maybe even multiply implemented) and pool them here.
BTW, I would be happy to be a part of this activity.
Regards,
Werner
Berin Lautenbach wrote:
Peoples,
Sometime back we talked about becoming a TLP. With the recent
JuiCE efforts, + JSR 105 + XKMS we are starting to see a few
different things occuring. I'd be hugely in favour of starting
something at a higher level in Apache to get some visibility.
I'm also toying with the idea of creating a broader security
project/federation to encourage that kind of software within the
ASF.
Thoughts?
Draft proposal for the board below. If we want to do this - all
active committers will need to vote either on this or on a broader
(or even
narrower!) charter terms of reference that we all can agree to.
Cheers,
Berin
WHEREAS, the Board of Directors deems it to be in the best
interests of the Foundation and consistent with the
Foundation's purpose to establish a Project Management
Committee charged with the creation and maintenance of
open-source software related to XML security technologies,
for distribution at no charge to the public.
NOW, THEREFORE, BE IT RESOLVED, that a Project Management
Committee (PMC), to be known as the "Apache XML Security
PMC",
be and hereby is established pursuant to Bylaws of the
Foundation; and be it further
RESOLVED, that the Apache XML Security PMC be and hereby is
responsible for the creation and maintenance of software
related to creation and maintenance of open-source software
related to XML security technologies based on software
licensed
to the Foundation; and be it further
RESOLVED, that the office of "Vice President, Apache XML
Security" be and hereby is created, the person holding such
office to serve at the direction of the Board of Directors as
the chair of the Apache XML Security PMC, and to have primary
responsibility for management of the projects within the
scope
of responsibility of the Apache XML Security PMC; and be it
further
RESOLVED, that the persons listed immediately below be and
hereby are appointed to serve as the initial members of the
Apache XML Security PMC:
<!-- List out all committers in format of
Berin Lautenbach <[EMAIL PROTECTED]> -->
NOW, THEREFORE, BE IT FURTHER RESOLVED, than ??
<[EMAIL PROTECTED]> appointed to the office of Vice President,
Apache XML Security, to serve in accordance with and subject
to the direction of the Board of Directors and the Bylaws of
the
Foundation until death, resignation, retirement, removal or
disqualification, or until a successor is appointed; and be
it
further
RESOLVED, that the initial Apache XML Security PMC be and
hereby
is tasked with the creation of a set of bylaws intended to
encourage open development and increased participation in the
Apache XML Security Project; and be it further
RESOLVED, that the initial Apache XML Security PMC be and
hereby
is tasked with the migration and rationalization of the
Apache
XML PMC XML Security subproject; and be it further
RESOLVED, that all responsibility pertaining to the XML XML
Security sub-project and encumbered upon the Apache XML PMC
are
hereafter discharged.
--
Davanum Srinivas : http://wso2.com/blogs/
