Sounds good to me - please feel free to post. Thanks!
Les On Fri, Aug 13, 2010 at 10:37 AM, Kalle Korhonen <kalle.o.korho...@gmail.com> wrote: > I'm on a roll here - Les, I can start the IPMC recommendation vote > shortly unless you specifically want to do that. I think we'll just > start the vote right away and rephrase the resolution during the vote > if needed (though > http://incubator.apache.org/guides/graduation.html#toplevel suggests > posting the resolution on IPMC before the vote). Given that we already > had a discussion on the resolution and it was linked to community > vote, I doubt the wording in the proposed resolution is going to > create any controversy. > > Kalle > > > On Mon, Aug 9, 2010 at 10:42 AM, Les Hazlewood <lhazlew...@apache.org> wrote: >> Yep, that's it - our community vote and then the IPMC recommendation >> vote. Looks like we're in the home stretch! >> >> Les >> >> On Mon, Aug 9, 2010 at 10:08 AM, Kalle Korhonen >> <kalle.o.korho...@gmail.com> wrote: >>> From http://incubator.apache.org/guides/graduation.html#toplevel - >>> with suggested owners and timeline added >>> >>> Graduation to a top level project requires: >>> >>> * a charter for your project - done >>> * a positive community graduation VOTE - Kalle, this week (starting >>> (08/09) >>> * a positive IPMC recommendation VOTE - Les, next week (starting >>> (08/16 assuming community vote tallied and succeeded) >>> * the acceptance of the resolution by the Board (add it to the >>> September board meeting agenda as soon as recommendation vote >>> succeeds) >>> >>> The next board meeting is 3rd of September. The proposed timeline >>> should give us enough time to put it on the agenda. If no objections, >>> I'll send out the community vote email this evening. >>> >>> Kalle >>> >>> >>> >>> On Sun, Aug 8, 2010 at 6:03 PM, Alan D. Cabrera <l...@toolazydogs.com> >>> wrote: >>>> So what are the remaining items to kick this thing out of the Incubator? >>>> >>>> >>>> Regards, >>>> Alan >>>> >>>> On Aug 5, 2010, at 12:37 PM, Kalle Korhonen wrote: >>>> >>>>> Hey at least we got a discussion out of it. I agree, I think we'll >>>>> keep it as is unless somebody suggests otherwise. >>>>> >>>>> Kalle >>>>> >>>>> >>>>> On Thu, Aug 5, 2010 at 12:33 PM, Les Hazlewood <lhazlew...@apache.org> >>>>> wrote: >>>>>> I gotcha - and I'm glad your brought it up. As you said, that's what >>>>>> this email thread is for :) >>>>>> >>>>>> I think it is probably best that we leave it as the broad/general >>>>>> statement that it is - it is conceivable that we might add something >>>>>> else to the framework later on and I wouldn't want to be limited >>>>>> because our mission statement implies that it might be out of scope. >>>>>> I think that kind of stuff is better left to the community to decide. >>>>>> Just thinking out loud... >>>>>> >>>>>> Les >>>>>> >>>>>> On Thu, Aug 5, 2010 at 12:15 PM, Kalle Korhonen >>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>> Security is still bigger than "authentication, authorization, session >>>>>>> management and cryptography" combined. Cryptography may be a huge part >>>>>>> of the project, but we are mainly users of the cryptographic >>>>>>> algorithms rather than providers of them. On session management I >>>>>>> agree, and probably should be noted if we wanted to be specific but >>>>>>> suppose it can be seen as being included in overall "related to >>>>>>> application security" statement. I'm fine leaving the statement broad >>>>>>> but that's about the only topic in the resolution we should discuss so >>>>>>> I wanted to make sure that we agree with it. >>>>>>> >>>>>>> Kalle >>>>>>> >>>>>>> >>>>>>> On Thu, Aug 5, 2010 at 11:35 AM, Les Hazlewood <lhazlew...@apache.org> >>>>>>> wrote: >>>>>>>> Yeah, I just copied Cayenne's resolution and changed only what >>>>>>>> absolutely needed to be changed to make it Shiro-specific. I thought >>>>>>>> this would be the 'safest' route to quickest approval since the >>>>>>>> Incubator graduation criteria page specifically recommended that it be >>>>>>>> used as an example from which we could create our own. >>>>>>>> >>>>>>>> And I'm surprised to hear the potential suggestion to limit our domain >>>>>>>> to only authentication and authorization. Session Management and >>>>>>>> Cryptography are two huge parts of the overall project! At least >>>>>>>> based on our project origins and current mission statement, Shiro is >>>>>>>> supposed to be the most comprehensive application security framework >>>>>>>> available. I personally feel that we should retain this mission, >>>>>>>> which is why I left the wording very general. >>>>>>>> >>>>>>>> Just my .02, >>>>>>>> >>>>>>>> Les >>>>>>>> >>>>>>>> On Thu, Aug 5, 2010 at 10:48 AM, Kalle Korhonen >>>>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>>>> Back to the original matter now. I added Craig on the resolution and >>>>>>>>> didn't make other edits. I think it should be called "Project >>>>>>>>> Resolution" rather than "Graduation Resolution" but since it'd change >>>>>>>>> the url and only the content matters I didn't bother. I'm not a huge >>>>>>>>> fan of the fancy sentences either (I do not believe for a second that >>>>>>>>> legal language for some reason needs to be complicated) but I don't >>>>>>>>> think we have a lot of leeway in the matter and even if we did, it's >>>>>>>>> not worth the effort. While the resolution is not the same as a >>>>>>>>> mission statement, it includes a mission statement which is the only >>>>>>>>> part in it that matters to me and which we might want to expand on a >>>>>>>>> bit. Specifically the resolution says "The Apache Shiro Project be and >>>>>>>>> hereby is >>>>>>>>> responsible for the creation and maintenance of a software >>>>>>>>> project related to application security". Does that cover all and only >>>>>>>>> what the project and we are set to do? I don't have any exact >>>>>>>>> suggestions - it's a bit short but could do even as is. We could >>>>>>>>> though specifically limit our domain to "authentication and >>>>>>>>> authorization" - security as a whole is more than just those two >>>>>>>>> aspects. >>>>>>>>> >>>>>>>>> Kalle >>>>>>>>> >>>>>>>>> >>>>>>>>> On Wed, Aug 4, 2010 at 12:40 PM, Kalle Korhonen >>>>>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>>>>> Thanks Les, will review. >>>>>>>>>> >>>>>>>>>> I don't want to turn this into a voting thread and I don't think we >>>>>>>>>> need a formal vote on it either, but +1 from me as well for Craig to >>>>>>>>>> stay on, we couldn't have gotten this far without him! >>>>>>>>>> >>>>>>>>>> Kalle >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Wed, Aug 4, 2010 at 11:59 AM, Les Hazlewood >>>>>>>>>> <lhazlew...@apache.org> wrote: >>>>>>>>>>> A huge +1 from me for Craig joining the PMC. Thanks for offering >>>>>>>>>>> Craig! >>>>>>>>>>> >>>>>>>>>>> Les >>>>>>>>>>> >>>>>>>>>>> On Wed, Aug 4, 2010 at 11:40 AM, Craig L Russell >>>>>>>>>>> <craig.russ...@oracle.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>> On Aug 4, 2010, at 11:03 AM, Alan D. Cabrera wrote: >>>>>>>>>>>> >>>>>>>>>>>>> You are correct. Mentors do not automatically become project >>>>>>>>>>>>> members. >>>>>>>>>>>> >>>>>>>>>>>> Correct. >>>>>>>>>>>> >>>>>>>>>>>> However, it's generally considered a good idea to have at least >>>>>>>>>>>> one Apache >>>>>>>>>>>> Foundation Member on each PMC. Often this is the PMC chair. >>>>>>>>>>>> Sometimes the >>>>>>>>>>>> mentors volunteer to stay on at least for a while to help the new >>>>>>>>>>>> PMC get >>>>>>>>>>>> settled. >>>>>>>>>>>> >>>>>>>>>>>> I'd be happy to help out by being on the new PMC if you'll have me. >>>>>>>>>>>> >>>>>>>>>>>> Craig >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Regards, >>>>>>>>>>>>> Alan >>>>>>>>>>>>> >>>>>>>>>>>>> On Aug 4, 2010, at 10:31 AM, Les Hazlewood wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> A quick note: >>>>>>>>>>>>>> >>>>>>>>>>>>>> I assume Mentors are not to be automatically listed as project >>>>>>>>>>>>>> members >>>>>>>>>>>>>> since their relationship with the project is to help through the >>>>>>>>>>>>>> incubation process, and (formally) their responsibility with the >>>>>>>>>>>>>> incubator podling is released upon graduation (per the last >>>>>>>>>>>>>> paragraph >>>>>>>>>>>>>> in the Graduation Resolution). >>>>>>>>>>>>>> >>>>>>>>>>>>>> This is *not* a reflection of any desire not to have them as >>>>>>>>>>>>>> project >>>>>>>>>>>>>> members should they wish to participate - it merely reflects my >>>>>>>>>>>>>> understanding of the role/scope of an Incubator Mentor. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Cheers, >>>>>>>>>>>>>> >>>>>>>>>>>>>> Les >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Wed, Aug 4, 2010 at 10:23 AM, Les Hazlewood >>>>>>>>>>>>>> <lhazlew...@apache.org> >>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I've posted my initial draft of the Apache TLP Graduation >>>>>>>>>>>>>>> Resolution >>>>>>>>>>>>>>> here: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> https://cwiki.apache.org/confluence/display/SHIRO/Graduation+Resolution >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Please review and comment. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks! >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Les >>>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Craig L Russell >>>>>>>>>>>> Architect, Oracle >>>>>>>>>>>> http://db.apache.org/jdo >>>>>>>>>>>> 408 276-5638 mailto:craig.russ...@oracle.com >>>>>>>>>>>> P.S. A good JDO? O, Gasp! >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>> >>>> >>> >> >
