On 4/23/06, Berin Lautenbach <[EMAIL PROTECTED]> wrote: > Werner just stired the pot on this in another forum, so I thought I'd > come back to it again. > > Name aside (although I kinda like Sanctuary or some variant thereof), I > could just update the charter at the end of this trail and remove XML > from the words "XML Security" - so we end up with just stuff about > security technologies. That's a simple way forward - we create software > relating to security. > Cool name Sanctuary, really good +1. > I note also Raul's thought on lack of resources. My take on that is > that by promoting to TLP we are not immediately doing more - but we are > providing more visibility of what we are doing. That's probably the > best way to start getting a broader audience interested in what we are > doing. > Fine for me, only we need to take this into account.
Regards, > Thoughts welcome. > > Cheers, > Berin > > Jesse Pelton wrote: > > > Some random ideas to get the name game going, based on your indicated > > vision for the project: "SecureSoft," "Security Software," "Vault," > > "Shield," "Armor," "Guard," "Sanctuary," ,"Citadel," "Surety," "Security > > Blanket" (or "Linus," with a nod to Charles Schulz' "Peanuts," but you'd > > want to get permission). With the possible exception of the last, none > > of these indulge the Apache penchant for obscure references, though. > > > > But the name is really the last piece. You need a clearly articulated > > purpose and scope before you can come up with a name that fits. > > > > -----Original Message----- > > From: Berin Lautenbach [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, March 15, 2006 3:13 AM > > To: security-dev@xml.apache.org > > Subject: Re: TLP Resolution > > > > Thoughts welcome :>. > > > > Berin Lautenbach wrote: > > > > > >>OK - I'm going to take the idea to the board. > >> > >>Before I do - we need a couple of things. > >> > >>1. A name. I'd personally be against anything fancy or non-obvious. > >>But I don't really want to use "Apache Security" as I think it will > >>get too confusing against the security group within the ASF (the group > > > > > >>that looks after security bug reports etc.) "Apache Infosec"? > >>"Apache Secure"? Obviously there is a reason I never went into > > > > marketing :>. > > > >>2. A scope. Probably not hard. "...open-source software related to > >>security..." is a good place to start I suspect :>. > >> > >>I also wouldn't mind to take some first steps as to what we want to > > > > do. > > > >> Obviously set up xml-security and JuiCE, but I'd personally like to > >>see the ASF become a source of best practice for security software as > > > > well. > > > >> Longer term - but an interesting goal for a tlp within the ASF. And > >>if we are going to use this as an exercise in raising interest in what > > > > > >>we are doing inside/outside the ASF, then we want to think about what > >>kind of message we want to give people when the project goes to top > > > > level. > > > >>I'd also like to use it as a central point people can go to in order > >>to see all security related software in the ASF. Not to have projects > > > > > >>like WS-Security under the security project, but to have links to > >>other projects/efforts in the ASF that are related to security > > > > software. > > > >>Thoughts welcome! > >> > >>Cheers, > >> Berin > >> > >>Ben Laurie wrote: > >> > >> > >> > >>>Davanum Srinivas wrote: > >>> > >>> > >>> > >>>>Dear Ben and Dear Ben, > >>>> > >>>>what do you guys think? A Security Federation/TLP/PMC. Starting with > >>>>Apache XML-Security and Apache Juice. > >>> > >>> > >>>It sounds like a very good idea to me, I'd certainly support it. Of > >>>course, we already have a CA. Written in, errr, perl :-) > >>> > >>>Cheers, > >>> > >>>Ben. > >>> > >>> > >>> > >>> > >>>>thanks, > >>>>-- dims > >>>> > >>>>On 3/11/06, Berin Lautenbach <[EMAIL PROTECTED]> wrote: > >>>> > >>>> > >>>> > >>>>>I would be interested in widening it as well - with the proviso that > > > > > >>>>>it is like a federation. I.e. we use it to seed projects then build > > > > > >>>>>them and spawn them into TLPs once they grow to size. > >>>>> > >>>>>I might start sounding some people out. > >>>>> > >>>>>Dims - what's your thoughts? > >>>>> > >>>>>On the subject - having spent the most of Saturday searching for a > >>>>>decent Open Source CA, I'd now be interested in building one that > >>>>>doesn't use &[EMAIL PROTECTED] perl. I.e. do the core in C++ with > >>>>>perl/PHP > >>>>>being used for the interfacing only. > >>>>> > >>>>>Cheers, > >>>>> Berin > >>>>> > >>>>>Werner Dittmann wrote: > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>+1 from me. > >>>>>> > >>>>>>Just a comment regarding the charter: is it really only Apache XML > >>>>>>Security? IMHO this would be a bit too narrow, for example JuiCE is > > > > > >>>>>>not dependent on XML, maybe other security related software will be > > > > > >>>>>>pop up later as well. > >>>>>> > >>>>>>I would like to see an "Apache Security" PMC that would address all > > > > > >>>>>>kind of security relevant software and act as a solid base to > >>>>>>deliver security functions to other Apache projects. Also we may > >>>>>>think to browse existing Apache projects to see if there is already > > > > > >>>>>>software (maybe even multiply implemented) and pool them here. > >>>>>> > >>>>>>BTW, I would be happy to be a part of this activity. > >>>>>> > >>>>>>Regards, > >>>>>>Werner > >>>>>> > >>>>>>Berin Lautenbach wrote: > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>>>Peoples, > >>>>>>> > >>>>>>>Sometime back we talked about becoming a TLP. With the recent > >>>>>>>JuiCE efforts, + JSR 105 + XKMS we are starting to see a few > >>>>>>>different things occuring. I'd be hugely in favour of starting > >>>>>>>something at a higher level in Apache to get some visibility. > >>>>>>> > >>>>>>>I'm also toying with the idea of creating a broader security > >>>>>>>project/federation to encourage that kind of software within the > > > > ASF. > > > >>>>>>>Thoughts? > >>>>>>> > >>>>>>>Draft proposal for the board below. If we want to do this - all > >>>>>>>active committers will need to vote either on this or on a broader > > > > > >>>>>>>(or even > >>>>>>>narrower!) charter terms of reference that we all can agree to. > >>>>>>> > >>>>>>>Cheers, > >>>>>>> Berin > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> WHEREAS, the Board of Directors deems it to be in the best > >>>>>>> interests of the Foundation and consistent with the > >>>>>>> Foundation's purpose to establish a Project Management > >>>>>>> Committee charged with the creation and maintenance of > >>>>>>> open-source software related to XML security technologies, > >>>>>>> for distribution at no charge to the public. > >>>>>>> > >>>>>>> NOW, THEREFORE, BE IT RESOLVED, that a Project Management > >>>>>>> Committee (PMC), to be known as the "Apache XML Security > > > > PMC", > > > >>>>>>> be and hereby is established pursuant to Bylaws of the > >>>>>>> Foundation; and be it further > >>>>>>> > >>>>>>> RESOLVED, that the Apache XML Security PMC be and hereby is > >>>>>>> responsible for the creation and maintenance of software > >>>>>>> related to creation and maintenance of open-source software > >>>>>>> related to XML security technologies based on software > > > > licensed > > > >>>>>>> to the Foundation; and be it further > >>>>>>> > >>>>>>> RESOLVED, that the office of "Vice President, Apache XML > >>>>>>> Security" be and hereby is created, the person holding such > >>>>>>> office to serve at the direction of the Board of Directors as > >>>>>>> the chair of the Apache XML Security PMC, and to have primary > >>>>>>> responsibility for management of the projects within the > > > > scope > > > >>>>>>> of responsibility of the Apache XML Security PMC; and be it > >>>>>>> further > >>>>>>> > >>>>>>> RESOLVED, that the persons listed immediately below be and > >>>>>>> hereby are appointed to serve as the initial members of the > >>>>>>> Apache XML Security PMC: > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> <!-- List out all committers in format of > >>>>>>> Berin Lautenbach <[EMAIL PROTECTED]> --> > >>>>>>> > >>>>>>> > >>>>>>> NOW, THEREFORE, BE IT FURTHER RESOLVED, than ?? > >>>>>>> <[EMAIL PROTECTED]> appointed to the office of Vice President, > >>>>>>> Apache XML Security, to serve in accordance with and subject > >>>>>>> to the direction of the Board of Directors and the Bylaws of > > > > the > > > >>>>>>> Foundation until death, resignation, retirement, removal or > >>>>>>> disqualification, or until a successor is appointed; and be > > > > it > > > >>>>>>> further > >>>>>>> > >>>>>>> RESOLVED, that the initial Apache XML Security PMC be and > > > > hereby > > > >>>>>>> is tasked with the creation of a set of bylaws intended to > >>>>>>> encourage open development and increased participation in the > >>>>>>> Apache XML Security Project; and be it further > >>>>>>> > >>>>>>> RESOLVED, that the initial Apache XML Security PMC be and > > > > hereby > > > >>>>>>> is tasked with the migration and rationalization of the > > > > Apache > > > >>>>>>> XML PMC XML Security subproject; and be it further > >>>>>>> > >>>>>>> RESOLVED, that all responsibility pertaining to the XML XML > >>>>>>> Security sub-project and encumbered upon the Apache XML PMC > > > > are > > > >>>>>>> hereafter discharged. > >>>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>-- > >>>>Davanum Srinivas : http://wso2.com/blogs/ > >>>> > >>>> > >>> > >>> > >>> > >> > > > > > -- http://r-bg.com
