I agree Tim, but what would that name be without potentially sounding like we might be a clearing house in ASF for all things security? That's the trick...
We could just call it Apache Simple Security. Now... what would the JIRA key for that be? ;) Sorry, I needed a little levity :) What about Aplok? (APpLication LOcK) That seems to be clear of USPTO patents and trademarks, and I don't see any relevant google results.... On Fri, Mar 13, 2009 at 10:09 AM, Tim Veil <[email protected]> wrote: > Les I agree with you about the potential for the name to be a bit > misleading. I think that point alone is worth some serious discussion. > > One more thought about the name... If we were discussing a new name for > some social network or other web 2.0 gimmick I would agree that we should > should strive to find a "Web 2.0y" name. As a security framework I don't > think we need hold ourselves to that standard. In this space, I think the > more obvious and straightforward the name is the more successful we could > be. I know there are dozens of examples that support and contradict this > point, but "commons-lang" doesn't suffer from low adoption because the name > isn't catchy. > > Tim > > > > On Fri, Mar 13, 2009 at 9:28 AM, Les Hazlewood <[email protected] > >wrote: > > > Yeah, I thought about this as well, and it might be a little misleading > as > > an umbrella project. I mean, sure, we want to be the most comprehensive > > security project out there (that is still easy to use), but such a name > > might imply that our primary objective would be to support almost any > > security case needed by the ASF. I'm not sure we want that implicit > > responsibility. Maybe we do, I dunno... > > > > What about taking just any name from the Apache language itself? It > > doesn't > > have to mean anything security related, as long as it isn't in use. At > > least then its a little more 'in the family'... > > > > Thoughts? > > > > On Fri, Mar 13, 2009 at 3:36 AM, David Jencks <[email protected] > > >wrote: > > > > > > > > On Mar 12, 2009, at 11:50 AM, Les Hazlewood wrote: > > > > > > Per this thread: > > >> > > >> http://www.jsecurity.org/node/1081#comment-289 > > >> > > >> It appears that we can't use Ki. > > >> > > >> So far the development team seems to be happy with "Apache Security > > API", > > >> which can have (good) far reaching implications for a good quality > > >> framework. Any objections? > > >> > > > > > > I think it implies that this project is happy to include all java > > security > > > work at apache. For instance, would you be happy to include a xamcl > jacc > > > implementation that did not use your Subject but rather the JAAS > subject? > > > It would certainly be a java security implementation but AFAICT has > > little > > > to no overlap with what you are doing now. > > > > > > I think it also has a connotation that apache has somehow approved your > > api > > > and all projects needing java security are expected to use it. > > > > > > Dunno if anyone else gets these ideas from the name but I do. And I'm > > > certainly not implying anything about the nature or quality of this > > > project.... just that naming one project for the entire field of which > it > > is > > > an example may not be without problems and implications. > > > > > > thanks > > > david jencks > > > > > > > > > > > >> > > >> - Les > > >> > > > > > > > > >
