-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brad Nicholes wrote: >>>>[EMAIL PROTECTED] >>> >> >>Isn't it kind of weird and very premature to change the name of a >> module >>in 2.2, when the rewrite will not occur until 2.4? >> >>Letting 2.2 go out with the name mod_authz_host, would effectively be >>flipping the name from the well-established 1.3/2.0 mod_access for a >>reason which has not yet occurred. > > > But what you aren't taking into consideration is that the authentication > architecture in 2.2 is *not* the same as 1.3/2.0. We have already made > a significant leap forward and intend to continue that momentum in > 2.3/2.4. I see no reason to move backwards. There is still more work > to be done here which includes the authz portion of this whole thing.
Totally. I agree. > So instead of insisting that we move back to 2.0, lets move forward to > 2.4. But I'm *not* insisting that. What I *am* insisting, is that it is very misleading to rename a module in 2.2 to reflect future architectural changes which will _not_ be present in 2.2. Regardless of what may happen in the future, and what _other_ aaa architecture changes have happened, the situation in 2.2 is that access-checking and authorization-checking are handled as separate concepts, and there is user-visible directive (Satisfy) to control how the results of the two processes are merged into a final allow/deny decision. It is hard for an administrator to properly understand the Satisfy directive without understanding this division. Just to be clear, I completely support the renaming from mod_access to mod_authz_something once the underlying architecture really is unified. All I am asking is that the name change be done at the same time as the architectural change, not before it. Max. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Cygwin) iD8DBQFDiLW3fFNSmcDyxYARAmIVAJ4tZlFLUTT+rxHLOmJdq2Q+LOwvsQCbBuGW TMpNN9rWzwVJ/hMbPDmXvCY= =vtVq -----END PGP SIGNATURE-----
