The OS community is starting to call this project 'Ki' (wicket integration, blogs). I honestly think we're fine with this name moving forward - totally different business domain than FixFlyer's - there is no overlap here IMO.
I'd like to tell the infra@ guys to move forward with wiki creation and other things related to project infrastructure until we all agree on something different. Waiting until we all agree could cripple this project for another 3 or 4 months, and I think that would be really, really bad for the project... The name change was formally voted upon and agreed, and as such I don't think we should stop efforts related to the name change until another such vote occurs. Can we continue with infrastructure? Thoughts? On Mon, Mar 16, 2009 at 10:02 AM, Les Hazlewood <[email protected]>wrote: > The problem with authx is that it doesn't convey the other two areas that > round out the project's functionality: Cryptography and Session Management. > > And thanks for contributing suggestions. It is really hard to pick a name > that clears multiple criteria, so I appreciate the effort :) > > > On Mon, Mar 16, 2009 at 9:55 AM, Ben <[email protected]> wrote: > >> What about using terminology from JSecurity itself? >> >> something like : RealmSec >> >> ... or decoupling JSec from Java by claiming it stands for Just Security ? >> >> Similarly, it's common to refer to Authorization and Authentication as >> Authz and Authc, so why not authx? That's quite cool? >> >> It seems like a real risk that you're going to just pick a sub-optimal >> name on a whim here. Let the discussion carry on a while. >> >> At first glance, they all seem plausibly available. >> >> Kindest Regards, >> >> Ben >> >> >> Les Hazlewood wrote: >> >>> Hi Kalle, >>> >>> Yes, I agree - it is a bit of a stretch for an abbreviation, but I was >>> really looking for a random made-up word that _could_ be based on a more >>> direct name for a security project. It seems like Aseca does alright in >>> that space. >>> >>> I guess it might sound like Acegi a bit, but maybe because of my >>> ignorance >>> of Acegi, I just never thought of that. The other thing is that >>> particular >>> project is no longer called Acegi, and given that our name is different >>> (enough) and founded based on an abbreviation (of sorts), I don't think >>> we'd >>> have any problems. >>> >>> I also thought of just using Asa or Asea, but there are many more search >>> hits for those two terms and wouldn't give us decent google visibility >>> (and >>> might actually be a conflict, I'm not sure), whereas Aseca seems to be >>> more >>> ideal in the 'hit factor' department. At least it clears all the major >>> criteria for finding a new name that I can think of... >>> >>> - Les >>> >>> On Sat, Mar 14, 2009 at 1:39 PM, Kalle Korhonen >>> <[email protected]>wrote: >>> >>> >>> >>>> As an abbreviation, feels a bit forced, but as a random made-up word >>>> Aseca >>>> sounds alright. A bit close to Acegi, which could be good or bad and >>>> then >>>> again, they renamed that project to Spring Security (Acegi 2 anyone? :) >>>> >>>> Kalle >>>> >>>> >>>> On Sat, Mar 14, 2009 at 8:30 AM, Les Hazlewood <[email protected] >>>> >>>> >>>>> wrote: >>>>> Ok, I think I might have a winner here: >>>>> >>>>> Application SECurity Api (ASECA) >>>>> >>>>> Nothing comes up at all in a USPTO search, it is generic, kinda rolls >>>>> off >>>>> the toungue/easy to pronounce, it does not assume an Apache 'blanket' >>>>> project, and best, it does not have any existing software projects that >>>>> I >>>>> can find. In fact, there is only one decent match from google for the >>>>> "Association of Securities and Exchange Commission Alumni", which I >>>>> don't >>>>> think anyone will disagree is _totally_ different and unrelated to our >>>>> project. There are some PDFs that reference 'aseca', but none are >>>>> >>>>> >>>> related >>>> >>>> >>>>> to software or security. >>>>> >>>>> What do you guys think? This might be the best I can come up with... >>>>> >>>>> - Les >>>>> >>>>> On Fri, Mar 13, 2009 at 9:15 PM, Alan D. Cabrera <[email protected] >>>>> >>>>> >>>>>> wrote: >>>>>> On Mar 13, 2009, at 10:09 AM, Les Hazlewood wrote: >>>>>> >>>>>> Now that I've had time to think about it more, if ASF and the >>>>>> >>>>>> >>>>> Incubator >>>> >>>> >>>>> are >>>>>>> ok with 'Apache Security', I think we should try to use that as the >>>>>>> project >>>>>>> name. >>>>>>> >>>>>>> This would certainly open up the floodgates for lots of contributions >>>>>>> >>>>>>> >>>>>> from >>>>> >>>>> >>>>>> the ASF community and new ideas, given that it would have wider >>>>>>> visibility. >>>>>>> Many projects (Geronimo, Tomcat, et. al) could all help guide us as >>>>>>> to >>>>>>> what >>>>>>> they would want. I think that'd be great for the project's >>>>>>> >>>>>>> >>>>>> livelihood, >>>> >>>> >>>>> as >>>>> >>>>> >>>>>> well as be nice for the ASF community as a place where they could >>>>>>> consolidate and focus efforts. >>>>>>> >>>>>>> >>>>>>> >>>>>> That's the case for us right now. Interest in this project is based >>>>>> >>>>>> >>>>> solely >>>>> >>>>> >>>>>> on the product itself and the openness of the community, not by the >>>>>> implication of the name. >>>>>> >>>>>> Mentors - do you think we could use that name? (Or Apache Security >>>>>> API >>>>>> >>>>>> >>>>> or >>>>> >>>>> >>>>>> Apache Security Framework, or whatever)? >>>>>>> >>>>>>> >>>>>>> >>>>>> There would be HUGE resistance from the other projects that are doing >>>>>> >>>>>> >>>>> their >>>>> >>>>> >>>>>> own security mechanisms. >>>>>> >>>>>> IMO, let a thousand flowers bloom. >>>>>> >>>>>> >>>>>> Regards, >>>>>> Alan >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> On Fri, Mar 13, 2009 at 4:14 AM, Emmanuel Lecharny < >>>>>>> >>>>>>> >>>>>> [email protected] >>>>> >>>>> >>>>>> wrote: >>>>>>>> >>>>>>>> >>>>>>> David Jencks wrote: >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> On Mar 12, 2009, at 11:50 AM, Les Hazlewood wrote: >>>>>>>>> >>>>>>>>> Per this thread: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> http://www.jsecurity.org/node/1081#comment-289 >>>>>>>>>> >>>>>>>>>> It appears that we can't use Ki. >>>>>>>>>> >>>>>>>>>> So far the development team seems to be happy with "Apache >>>>>>>>>> Security >>>>>>>>>> API", >>>>>>>>>> which can have (good) far reaching implications for a good quality >>>>>>>>>> framework. Any objections? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> I think it implies that this project is happy to include all java >>>>>>>>> security >>>>>>>>> work at apache. For instance, would you be happy to include a >>>>>>>>> xamcl >>>>>>>>> jacc >>>>>>>>> implementation that did not use your Subject but rather the JAAS >>>>>>>>> subject? >>>>>>>>> It would certainly be a java security implementation but AFAICT has >>>>>>>>> little >>>>>>>>> to no overlap with what you are doing now. >>>>>>>>> >>>>>>>>> I think it also has a connotation that apache has somehow approved >>>>>>>>> >>>>>>>>> >>>>>>>> your >>>>> >>>>> >>>>>> api and all projects needing java security are expected to use it. >>>>>>>>> >>>>>>>>> Dunno if anyone else gets these ideas from the name but I do. And >>>>>>>>> >>>>>>>>> >>>>>>>> I'm >>>> >>>> >>>>> certainly not implying anything about the nature or quality of this >>>>>>>>> project.... just that naming one project for the entire field of >>>>>>>>> >>>>>>>>> >>>>>>>> which >>>> >>>> >>>>> it is >>>>>>>>> an example may not be without problems and implications. >>>>>>>>> >>>>>>>>> There is some implication that need to be overviewed, that's for >>>>>>>>> >>>>>>>>> >>>>>>>> sure. >>>>> >>>>> >>>>>> Now, >>>>>>>> we may need a general security umbrella for many different project >>>>>>>> related >>>>>>>> to security. This could be a good starting point. >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> -- >>>>>>>> >>>>>>>> cordialement, regards, >>>>>>>> Emmanuel Lécharny >>>>>>>> www.iktek.com >>>>>>>> directory.apache.org >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>> >>> >> >> >
