On 23-03-2012 20:23, Rich Bowen wrote:
Having reviewed this document, I have a number of remarks.
1) This appears to be a document about "multi-use SSL certificates",
whatever that is. While useful content, it doesn't appear to be
directly relevant to the Apache HTTP Server, or have a place in the
HTTP Server documentation. I think that ideally what we want is
information that's directly useful in configuring the HTTP server.
2) Perhaps this content would be more readily accepted by the folks at
openssl.org <http://openssl.org> who are documenting stuff directly
related to the SSL protocol itself. We could then heavily link to that
resource over there.
I'm a bit of a stickler for deciding what the scope of our
documentation is, and then not straying too far outside of that. The
scope of our docs is the Apache HTTP Server and how to configure it.
While the theory of SSL itself intersects with configuring mod_ssl,
they are separate topics.
3) After private discussion with various people on the httpd
documentation project, I've received a similar response from many of
them, which goes something like this. If you want to participate in
the httpd docs effort, please do. The way to do that is to engage in
conversation on the docs mailing list. While we appreciate document
contributions, the best way to get them integrated into the docs is to
discuss it on list, and perhaps even to submit patches.
4) With this specific document, I'm rather concerned about copyright
issues. If we incorporate this in the docs, we'd remove the "sponsored
by" stuff, as well as (probably) the "about the authors" block. These
don't really have a place in a document that is being re-released
under the terms of the Apache Software License and will then be
subject to the open editing by the docs project. There are a few
places in the docs where individual names are mentioned, and these are
largely historical artifacts. We're not generally in the habit of
crediting authors in a document.
So, having said all of that, I should emphasize that this is one
opinion, and there are many other voices on this mailing list. Which
is, at least in part, why I might have come across as reluctant to
discuss this on the phone, outside of the mailing list, and
unilaterally declare the decision of the collective.
On Feb 20, 2012, at 12:55 PM, Geoffrey Noakes wrote:
ATTENTION: any Apache members who contribute to the SSL-related
portions of your HTTPD documentation.
Symantec (aka VeriSign SSL, Geotrust, and Thawte) wants to contribute
content to the SSL section. This will be done in a vendor-neutral,
vendor-independent way. We seek no advantage here, rather, we want
to clear up the misinformation and confusion around how wildcards and
SAN certificates work.
We are happy to contribute our content for others to incorporate into
the Apache documents. I have attached the content we provided long
ago. We are happy to work with anyone that can help us get this
content into Apache’s documentation on SSL related to HTTPD.
Also, we will be at RSA 2012. We would like to meet with Apache
members who are attending RSA.
Please contact me directly – it is difficult to sort through the many
email notices I receive fromd...@httpd.apache.org
<mailto:docs@httpd.apache.org>about this.
Thanks..
Geoff
Geoffrey W. Noakes
Director, Business Development
Symantec Corporation
geoffrey_noa...@symantec.com <mailto:geoffrey_noa...@symantec.com>
+1-415-370-5980
*From:*Rich Bowen [mailto:rbo...@rcbowen.com]
*Sent:*Monday, February 20, 2012 7:31 AM
*To:*docs@httpd.apache.org <mailto:docs@httpd.apache.org>
*Subject:*Re: Adding "Docs overhaul" to new_features_2_4
Ok, will do.
I think that the SSL portion of the docs is mostly new, too, although
I don't know for certain who worked on that.
--Rich
On Feb 20, 2012, at 9:40 AM, Rainer Jung wrote:
Hi docs@, hi Rich,
I think it would be nice to add a short statement about your
documentation overhaul to our novelties page about 2.4:
http://httpd.apache.org/docs/2.4/new_features_2_4.html
I didn't follow the docs changes in detail, so I'm not sure what to
highlight. I remember e.g. quite some commits to improve the Rewrite
Guide, but I'm sure there is other stuff as well. Apart from the
technical improvements I think we should also highlight the docs
improvements, because IMHO there was much more work done for the docs
than when releasing 2.2.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org
<mailto:docs-unsubscr...@httpd.apache.org>
For additional commands, e-mail: docs-h...@httpd.apache.org
<mailto:docs-h...@httpd.apache.org>
--
Rich Bowen
rbo...@rcbowen.com <mailto:rbo...@rcbowen.com>:: @rbowen
rbo...@apache.org <mailto:rbo...@apache.org>
<Understanding Multi-Use Digital Certificates_Final.doc>
---------------------------------------------------------------------
To unsubscribe, e-mail:docs-unsubscr...@httpd.apache.org
<mailto:docs-unsubscr...@httpd.apache.org>
For additional commands, e-mail:docs-h...@httpd.apache.org
<mailto:docs-h...@httpd.apache.org>
--
Rich Bowen
rbo...@rcbowen.com <mailto:rbo...@rcbowen.com> :: @rbowen
rbo...@apache.org <mailto:rbo...@apache.org>
+1
I have read the paper, and I have found some of it useful as perhaps an
introduction to SSL and/or Wildcards and SAN. However, I feel it lacks
an overall perspective towards httpd, and, as it stands currently, would
be better suited hosted off-site and possibly linked to. As Rich also
mentioned, we cannot accept the paper in its current forms with explicit
mentions of companies and authors, it would both clash against the
general rule set of the httpd docs, as well as our individual agreements
with the ASF on publishing material.
If you could try to tune the text in to a more httpd oriented
perspective, so it would have its specific reasons to be in the httpd
documentation, I would welcome it with open arms, as we could surely use
some updated documentation.
With regards,
Daniel.
