I'd suggest simply moving XML-Security to a TLP and not worry about it
needing to have a broader role. There is no problem with a "small"
TLP.
I think any sort of "security federation" would be handled similarly
to the site-dev mailing list and its care/feeding of www.apache.org.
(and I might even suggest just putting the federation there, rather
than foo.apache.org)
Cheers,
-g
On 6/22/06, Berin Lautenbach <[EMAIL PROTECTED]> wrote:
Roy T. Fielding wrote:
> It sounds like a decent idea for a federation, but a terrible idea
> for a project. Projects need to be responsible for a product or they
> just end up in the weeds. A federation of projects can simply maintain
> a general mailing list and website.
It would be responsible for code - the current xml-security stuff that
sits within the XML project/federation. And it would look to start new
things as well - with an absolute intent to move them to TLP when
necessary (i.e. when it became clear the Santuario PMC did not have
direct oversite).
I know we are trying not to create umbrella projects - I'm trying to
walk a middle ground to see if we can make something like this work with
a community that fosters this area. It's a bit of a community
experiment as well as a technical one.
Cheers,
Berin
--
Greg Stein, http://www.lyra.org/
