RE: Prepare for 1.0.0-RC3
Thank you Sammi for the taking and trying to move on. A question is, I'm not sure if it's required or smooth for you to do this without the committer ship. Anyway, please let we know if you need help, thanks. Regards, Kai -Original Message- From: Chen, Sammi [mailto:sammi.c...@intel.com] Sent: Wednesday, October 12, 2016 7:01 PM To: 'kerby@directory.apache.org' Subject: RE: Prepare for 1.0.0-RC3 Hi All, Since there are no more suggestions, I 'm going to start the RC3 release progress. Regards, Sammi -Original Message- From: Chen, Sammi Sent: Tuesday, September 27, 2016 10:23 AM To: kerby@directory.apache.org Subject: RE: Prepare for 1.0.0-RC3 Hi All, Since Jiajia is taking leave, I will help to move on Kerby 1.0 release. Thanks for all your support. So far, following items are done, 1. Update the readme and Javadoc Done 2. Do some test of tools Done 3. Add logs to improve exception handle Done Please suggest if anything missed or should be handled before the release. Thanks, Sammi -Original Message- From: Li, Jiajia [mailto:jiajia...@intel.com] Sent: Wednesday, July 27, 2016 2:53 PM To: kerby@directory.apache.org Subject: Prepare for 1.0.0-RC3 Hi all, March 13, the 1.0.0-RC2 of Kerby was released. We're thinking about a new Kerby release(RC3). >From Mar 13 to Jul 27, 60 JIRA issues were resolved, including following >important features: 1. Kerby authorization support. Gerard and Richard provided the large patch 2. XDR support 3. Some remote kadmin API(add, delete and list) 4. Some important fixes for JWT pre-authentication and SimpleKdcServer I thinks the following issues should be solved before release: 1. Update the readme and javadoc 2. Do some tests of tools. What else did I miss here? How do you think about this? Thanks Jiajia
RE: Prepare for 1.0.0-RC3
Hi All, Since there are no more suggestions, I 'm going to start the RC3 release progress. Regards, Sammi -Original Message- From: Chen, Sammi Sent: Tuesday, September 27, 2016 10:23 AM To: kerby@directory.apache.org Subject: RE: Prepare for 1.0.0-RC3 Hi All, Since Jiajia is taking leave, I will help to move on Kerby 1.0 release. Thanks for all your support. So far, following items are done, 1. Update the readme and Javadoc Done 2. Do some test of tools Done 3. Add logs to improve exception handle Done Please suggest if anything missed or should be handled before the release. Thanks, Sammi -Original Message- From: Li, Jiajia [mailto:jiajia...@intel.com] Sent: Wednesday, July 27, 2016 2:53 PM To: kerby@directory.apache.org Subject: Prepare for 1.0.0-RC3 Hi all, March 13, the 1.0.0-RC2 of Kerby was released. We're thinking about a new Kerby release(RC3). >From Mar 13 to Jul 27, 60 JIRA issues were resolved, including following >important features: 1. Kerby authorization support. Gerard and Richard provided the large patch 2. XDR support 3. Some remote kadmin API(add, delete and list) 4. Some important fixes for JWT pre-authentication and SimpleKdcServer I thinks the following issues should be solved before release: 1. Update the readme and javadoc 2. Do some tests of tools. What else did I miss here? How do you think about this? Thanks Jiajia
RE: Prepare for 1.0.0-RC3
Hi All, Since Jiajia is taking leave, I will help to move on Kerby 1.0 release. Thanks for all your support. So far, following items are done, 1. Update the readme and Javadoc Done 2. Do some test of tools Done 3. Add logs to improve exception handle Done Please suggest if anything missed or should be handled before the release. Thanks, Sammi -Original Message- From: Li, Jiajia [mailto:jiajia...@intel.com] Sent: Wednesday, July 27, 2016 2:53 PM To: kerby@directory.apache.org Subject: Prepare for 1.0.0-RC3 Hi all, March 13, the 1.0.0-RC2 of Kerby was released. We're thinking about a new Kerby release(RC3). >From Mar 13 to Jul 27, 60 JIRA issues were resolved, including following >important features: 1. Kerby authorization support. Gerard and Richard provided the large patch 2. XDR support 3. Some remote kadmin API(add, delete and list) 4. Some important fixes for JWT pre-authentication and SimpleKdcServer I thinks the following issues should be solved before release: 1. Update the readme and javadoc 2. Do some tests of tools. What else did I miss here? How do you think about this? Thanks Jiajia
RE: Prepare for 1.0.0-RC3
I agree with your poinit, we should add some log info for debugging in catch clauses. Thanks Jiajia -Original Message- From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Thursday, July 28, 2016 10:36 PM To: kerby@directory.apache.org Subject: Re: Prepare for 1.0.0-RC3 Just one more point on a 1.0.0 release. The code base could really benefit from a quick scan of all "catch" clauses to see what we are doing with exceptions. For example, the server TokenPreAuth contains the following: } catch (FileNotFoundException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } We should either be logging exceptions properly or propagating them accordingly. Colm. On Wed, Jul 27, 2016 at 2:01 PM, Colm O hEigeartaigh wrote: > +1 for a release. However, I believe there to be a security issue with > anonymous pkinit as per my recent mail, so I'd like this to be > addressed in the release first. > > Colm. > > On Wed, Jul 27, 2016 at 10:09 AM, Emmanuel Lécharny > > wrote: > >> Le 27/07/16 à 10:54, Zheng, Kai a écrit : >> > Maybe we could release this version as 1.0.0 directly? Any concern? >> > I >> don't see any. We could claim the authorization feature and remote >> kadmin support as [EXPERIMENTAL]. >> > >> > Sorry too busy recently and don't have bandwidth on this. Hope it >> > can >> move forward anyway. >> >> That's really up to you ! If there were no complain with the latest >> RC, then, yes, delivering a 1.0 would totally make sense. >> >> FTR, in the past, we had a convoluted versionning pattern at >> Directory for projects, with numerous milestones. This was plain >> stupid. I really like the way Chrome and Firefox are released those >> days, with a quick incremental version : each new features added >> deserve a separate version, with some potential minor versions for urgent >> bug fixes. >> >> But this is something you have to discuss, my friends ;-) >> > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
Re: Prepare for 1.0.0-RC3
Just one more point on a 1.0.0 release. The code base could really benefit from a quick scan of all "catch" clauses to see what we are doing with exceptions. For example, the server TokenPreAuth contains the following: } catch (FileNotFoundException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } We should either be logging exceptions properly or propagating them accordingly. Colm. On Wed, Jul 27, 2016 at 2:01 PM, Colm O hEigeartaigh wrote: > +1 for a release. However, I believe there to be a security issue with > anonymous pkinit as per my recent mail, so I'd like this to be addressed in > the release first. > > Colm. > > On Wed, Jul 27, 2016 at 10:09 AM, Emmanuel Lécharny > wrote: > >> Le 27/07/16 à 10:54, Zheng, Kai a écrit : >> > Maybe we could release this version as 1.0.0 directly? Any concern? I >> don't see any. We could claim the authorization feature and remote kadmin >> support as [EXPERIMENTAL]. >> > >> > Sorry too busy recently and don't have bandwidth on this. Hope it can >> move forward anyway. >> >> That's really up to you ! If there were no complain with the latest RC, >> then, yes, delivering a 1.0 would totally make sense. >> >> FTR, in the past, we had a convoluted versionning pattern at Directory >> for projects, with numerous milestones. This was plain stupid. I really >> like the way Chrome and Firefox are released those days, with a quick >> incremental version : each new features added deserve a separate >> version, with some potential minor versions for urgent bug fixes. >> >> But this is something you have to discuss, my friends ;-) >> > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
Re: Prepare for 1.0.0-RC3
+1 for a release. However, I believe there to be a security issue with anonymous pkinit as per my recent mail, so I'd like this to be addressed in the release first. Colm. On Wed, Jul 27, 2016 at 10:09 AM, Emmanuel Lécharny wrote: > Le 27/07/16 à 10:54, Zheng, Kai a écrit : > > Maybe we could release this version as 1.0.0 directly? Any concern? I > don't see any. We could claim the authorization feature and remote kadmin > support as [EXPERIMENTAL]. > > > > Sorry too busy recently and don't have bandwidth on this. Hope it can > move forward anyway. > > That's really up to you ! If there were no complain with the latest RC, > then, yes, delivering a 1.0 would totally make sense. > > FTR, in the past, we had a convoluted versionning pattern at Directory > for projects, with numerous milestones. This was plain stupid. I really > like the way Chrome and Firefox are released those days, with a quick > incremental version : each new features added deserve a separate > version, with some potential minor versions for urgent bug fixes. > > But this is something you have to discuss, my friends ;-) > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
Re: Prepare for 1.0.0-RC3
Le 27/07/16 à 10:54, Zheng, Kai a écrit : > Maybe we could release this version as 1.0.0 directly? Any concern? I don't > see any. We could claim the authorization feature and remote kadmin support > as [EXPERIMENTAL]. > > Sorry too busy recently and don't have bandwidth on this. Hope it can move > forward anyway. That's really up to you ! If there were no complain with the latest RC, then, yes, delivering a 1.0 would totally make sense. FTR, in the past, we had a convoluted versionning pattern at Directory for projects, with numerous milestones. This was plain stupid. I really like the way Chrome and Firefox are released those days, with a quick incremental version : each new features added deserve a separate version, with some potential minor versions for urgent bug fixes. But this is something you have to discuss, my friends ;-)
RE: Prepare for 1.0.0-RC3
Maybe we could release this version as 1.0.0 directly? Any concern? I don't see any. We could claim the authorization feature and remote kadmin support as [EXPERIMENTAL]. Sorry too busy recently and don't have bandwidth on this. Hope it can move forward anyway. Regards, Kai -Original Message- From: Emmanuel Lécharny [mailto:elecha...@gmail.com] Sent: Wednesday, July 27, 2016 3:20 PM To: kerby@directory.apache.org Subject: Re: Prepare for 1.0.0-RC3 Le 27/07/16 à 08:52, Li, Jiajia a écrit : > Hi all, > > March 13, the 1.0.0-RC2 of Kerby was released. We're thinking about a new > Kerby release(RC3). > From Mar 13 to Jul 27, 60 JIRA issues were resolved, including following > important features: > > 1. Kerby authorization support. Gerard and Richard provided the large > patch 2. XDR support 3. Some remote kadmin API(add, delete and list) > 4. Some important fixes for JWT pre-authentication and SimpleKdcServer > > I thinks the following issues should be solved before release: > 1. Update the readme and javadoc > 2. Do some tests of tools. > What else did I miss here? > > How do you think about this? Hi Jiajia, this is all good news ! However, I would suggest strongly that for the next iteration of Kerby (ie, 2.0 or whatever fits your need), you stop using RC when you add features in the project. There is nothing wrong in releasing many incremental versions (1.0, 2.0, 3.0..., à la Firefox/Chrome), even if it's every few months. OTOH, cutting 3 RCs with added features is conveying a mixed messages to users. I'm not asking Kerby people to stop doing so know, the train is already on its way, I'm just suggesting a different approach in the near future :-) Many thanks and keep going the good work !
Re: Prepare for 1.0.0-RC3
Le 27/07/16 à 08:52, Li, Jiajia a écrit : > Hi all, > > March 13, the 1.0.0-RC2 of Kerby was released. We're thinking about a new > Kerby release(RC3). > From Mar 13 to Jul 27, 60 JIRA issues were resolved, including following > important features: > > 1. Kerby authorization support. Gerard and Richard provided the large patch > 2. XDR support > 3. Some remote kadmin API(add, delete and list) > 4. Some important fixes for JWT pre-authentication and SimpleKdcServer > > I thinks the following issues should be solved before release: > 1. Update the readme and javadoc > 2. Do some tests of tools. > What else did I miss here? > > How do you think about this? Hi Jiajia, this is all good news ! However, I would suggest strongly that for the next iteration of Kerby (ie, 2.0 or whatever fits your need), you stop using RC when you add features in the project. There is nothing wrong in releasing many incremental versions (1.0, 2.0, 3.0..., à la Firefox/Chrome), even if it's every few months. OTOH, cutting 3 RCs with added features is conveying a mixed messages to users. I'm not asking Kerby people to stop doing so know, the train is already on its way, I'm just suggesting a different approach in the near future :-) Many thanks and keep going the good work !