On Mar 13, 2009, at 1:14 AM, Emmanuel Lecharny wrote:
David Jencks wrote:
On Mar 12, 2009, at 11:50 AM, Les Hazlewood wrote:
Per this thread:
http://www.jsecurity.org/node/1081#comment-289
It appears that we can't use Ki.
So far the development team seems to be happy with "Apache
Security API",
which can have (good) far reaching implications for a good quality
framework. Any objections?
I think it implies that this project is happy to include all java
security work at apache. For instance, would you be happy to
include a xamcl jacc implementation that did not use your Subject
but rather the JAAS subject? It would certainly be a java security
implementation but AFAICT has little to no overlap with what you
are doing now.
I think it also has a connotation that apache has somehow approved
your api and all projects needing java security are expected to
use it.
Dunno if anyone else gets these ideas from the name but I do. And
I'm certainly not implying anything about the nature or quality of
this project.... just that naming one project for the entire field
of which it is an example may not be without problems and
implications.
There is some implication that need to be overviewed, that's for
sure. Now, we may need a general security umbrella for many
different project related to security. This could be a good starting
point.
I agree with David's observations.
I totally disagree that we need a security umbrella.
Regards,
Alan
