Ok we passed the incubator vote with flying colors. Les, please send the TLP submission to the Board's next meeting agenda, following instructions at http://incubator.apache.org/guides/graduation.html#toplevel. I suppose we are not in a hurry, but it needs to done at least 72 hours hours before the next meeting. Enormous thanks to Craig and Alan at this point, your mentoring has been invaluable!
There's a list of chores to do after we become a TLP but we'll cross that bridge when we get there. In the meantime, we can work on getting 1.1 ready for release right after we are official. Kalle On Fri, Aug 13, 2010 at 11:59 AM, Les Hazlewood <lhazlew...@apache.org> wrote: > Sounds good to me - please feel free to post. > > Thanks! > > Les > > On Fri, Aug 13, 2010 at 10:37 AM, Kalle Korhonen > <kalle.o.korho...@gmail.com> wrote: >> I'm on a roll here - Les, I can start the IPMC recommendation vote >> shortly unless you specifically want to do that. I think we'll just >> start the vote right away and rephrase the resolution during the vote >> if needed (though >> http://incubator.apache.org/guides/graduation.html#toplevel suggests >> posting the resolution on IPMC before the vote). Given that we already >> had a discussion on the resolution and it was linked to community >> vote, I doubt the wording in the proposed resolution is going to >> create any controversy. >> >> Kalle >> >> >> On Mon, Aug 9, 2010 at 10:42 AM, Les Hazlewood <lhazlew...@apache.org> wrote: >>> Yep, that's it - our community vote and then the IPMC recommendation >>> vote. Looks like we're in the home stretch! >>> >>> Les >>> >>> On Mon, Aug 9, 2010 at 10:08 AM, Kalle Korhonen >>> <kalle.o.korho...@gmail.com> wrote: >>>> From http://incubator.apache.org/guides/graduation.html#toplevel - >>>> with suggested owners and timeline added >>>> >>>> Graduation to a top level project requires: >>>> >>>> * a charter for your project - done >>>> * a positive community graduation VOTE - Kalle, this week (starting >>>> (08/09) >>>> * a positive IPMC recommendation VOTE - Les, next week (starting >>>> (08/16 assuming community vote tallied and succeeded) >>>> * the acceptance of the resolution by the Board (add it to the >>>> September board meeting agenda as soon as recommendation vote >>>> succeeds) >>>> >>>> The next board meeting is 3rd of September. The proposed timeline >>>> should give us enough time to put it on the agenda. If no objections, >>>> I'll send out the community vote email this evening. >>>> >>>> Kalle >>>> >>>> >>>> >>>> On Sun, Aug 8, 2010 at 6:03 PM, Alan D. Cabrera <l...@toolazydogs.com> >>>> wrote: >>>>> So what are the remaining items to kick this thing out of the Incubator? >>>>> >>>>> >>>>> Regards, >>>>> Alan >>>>> >>>>> On Aug 5, 2010, at 12:37 PM, Kalle Korhonen wrote: >>>>> >>>>>> Hey at least we got a discussion out of it. I agree, I think we'll >>>>>> keep it as is unless somebody suggests otherwise. >>>>>> >>>>>> Kalle >>>>>> >>>>>> >>>>>> On Thu, Aug 5, 2010 at 12:33 PM, Les Hazlewood <lhazlew...@apache.org> >>>>>> wrote: >>>>>>> I gotcha - and I'm glad your brought it up. As you said, that's what >>>>>>> this email thread is for :) >>>>>>> >>>>>>> I think it is probably best that we leave it as the broad/general >>>>>>> statement that it is - it is conceivable that we might add something >>>>>>> else to the framework later on and I wouldn't want to be limited >>>>>>> because our mission statement implies that it might be out of scope. >>>>>>> I think that kind of stuff is better left to the community to decide. >>>>>>> Just thinking out loud... >>>>>>> >>>>>>> Les >>>>>>> >>>>>>> On Thu, Aug 5, 2010 at 12:15 PM, Kalle Korhonen >>>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>>> Security is still bigger than "authentication, authorization, session >>>>>>>> management and cryptography" combined. Cryptography may be a huge part >>>>>>>> of the project, but we are mainly users of the cryptographic >>>>>>>> algorithms rather than providers of them. On session management I >>>>>>>> agree, and probably should be noted if we wanted to be specific but >>>>>>>> suppose it can be seen as being included in overall "related to >>>>>>>> application security" statement. I'm fine leaving the statement broad >>>>>>>> but that's about the only topic in the resolution we should discuss so >>>>>>>> I wanted to make sure that we agree with it. >>>>>>>> >>>>>>>> Kalle >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Aug 5, 2010 at 11:35 AM, Les Hazlewood <lhazlew...@apache.org> >>>>>>>> wrote: >>>>>>>>> Yeah, I just copied Cayenne's resolution and changed only what >>>>>>>>> absolutely needed to be changed to make it Shiro-specific. I thought >>>>>>>>> this would be the 'safest' route to quickest approval since the >>>>>>>>> Incubator graduation criteria page specifically recommended that it be >>>>>>>>> used as an example from which we could create our own. >>>>>>>>> >>>>>>>>> And I'm surprised to hear the potential suggestion to limit our domain >>>>>>>>> to only authentication and authorization. Session Management and >>>>>>>>> Cryptography are two huge parts of the overall project! At least >>>>>>>>> based on our project origins and current mission statement, Shiro is >>>>>>>>> supposed to be the most comprehensive application security framework >>>>>>>>> available. I personally feel that we should retain this mission, >>>>>>>>> which is why I left the wording very general. >>>>>>>>> >>>>>>>>> Just my .02, >>>>>>>>> >>>>>>>>> Les >>>>>>>>> >>>>>>>>> On Thu, Aug 5, 2010 at 10:48 AM, Kalle Korhonen >>>>>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>>>>> Back to the original matter now. I added Craig on the resolution and >>>>>>>>>> didn't make other edits. I think it should be called "Project >>>>>>>>>> Resolution" rather than "Graduation Resolution" but since it'd change >>>>>>>>>> the url and only the content matters I didn't bother. I'm not a huge >>>>>>>>>> fan of the fancy sentences either (I do not believe for a second that >>>>>>>>>> legal language for some reason needs to be complicated) but I don't >>>>>>>>>> think we have a lot of leeway in the matter and even if we did, it's >>>>>>>>>> not worth the effort. While the resolution is not the same as a >>>>>>>>>> mission statement, it includes a mission statement which is the only >>>>>>>>>> part in it that matters to me and which we might want to expand on a >>>>>>>>>> bit. Specifically the resolution says "The Apache Shiro Project be >>>>>>>>>> and >>>>>>>>>> hereby is >>>>>>>>>> responsible for the creation and maintenance of a software >>>>>>>>>> project related to application security". Does that cover all and >>>>>>>>>> only >>>>>>>>>> what the project and we are set to do? I don't have any exact >>>>>>>>>> suggestions - it's a bit short but could do even as is. We could >>>>>>>>>> though specifically limit our domain to "authentication and >>>>>>>>>> authorization" - security as a whole is more than just those two >>>>>>>>>> aspects. >>>>>>>>>> >>>>>>>>>> Kalle >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Wed, Aug 4, 2010 at 12:40 PM, Kalle Korhonen >>>>>>>>>> <kalle.o.korho...@gmail.com> wrote: >>>>>>>>>>> Thanks Les, will review. >>>>>>>>>>> >>>>>>>>>>> I don't want to turn this into a voting thread and I don't think we >>>>>>>>>>> need a formal vote on it either, but +1 from me as well for Craig to >>>>>>>>>>> stay on, we couldn't have gotten this far without him! >>>>>>>>>>> >>>>>>>>>>> Kalle >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Wed, Aug 4, 2010 at 11:59 AM, Les Hazlewood >>>>>>>>>>> <lhazlew...@apache.org> wrote: >>>>>>>>>>>> A huge +1 from me for Craig joining the PMC. Thanks for offering >>>>>>>>>>>> Craig! >>>>>>>>>>>> >>>>>>>>>>>> Les >>>>>>>>>>>> >>>>>>>>>>>> On Wed, Aug 4, 2010 at 11:40 AM, Craig L Russell >>>>>>>>>>>> <craig.russ...@oracle.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> On Aug 4, 2010, at 11:03 AM, Alan D. Cabrera wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> You are correct. Mentors do not automatically become project >>>>>>>>>>>>>> members. >>>>>>>>>>>>> >>>>>>>>>>>>> Correct. >>>>>>>>>>>>> >>>>>>>>>>>>> However, it's generally considered a good idea to have at least >>>>>>>>>>>>> one Apache >>>>>>>>>>>>> Foundation Member on each PMC. Often this is the PMC chair. >>>>>>>>>>>>> Sometimes the >>>>>>>>>>>>> mentors volunteer to stay on at least for a while to help the new >>>>>>>>>>>>> PMC get >>>>>>>>>>>>> settled. >>>>>>>>>>>>> >>>>>>>>>>>>> I'd be happy to help out by being on the new PMC if you'll have >>>>>>>>>>>>> me. >>>>>>>>>>>>> >>>>>>>>>>>>> Craig >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>> Alan >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Aug 4, 2010, at 10:31 AM, Les Hazlewood wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> A quick note: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I assume Mentors are not to be automatically listed as project >>>>>>>>>>>>>>> members >>>>>>>>>>>>>>> since their relationship with the project is to help through the >>>>>>>>>>>>>>> incubation process, and (formally) their responsibility with the >>>>>>>>>>>>>>> incubator podling is released upon graduation (per the last >>>>>>>>>>>>>>> paragraph >>>>>>>>>>>>>>> in the Graduation Resolution). >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> This is *not* a reflection of any desire not to have them as >>>>>>>>>>>>>>> project >>>>>>>>>>>>>>> members should they wish to participate - it merely reflects my >>>>>>>>>>>>>>> understanding of the role/scope of an Incubator Mentor. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Cheers, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Les >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Wed, Aug 4, 2010 at 10:23 AM, Les Hazlewood >>>>>>>>>>>>>>> <lhazlew...@apache.org> >>>>>>>>>>>>>>> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I've posted my initial draft of the Apache TLP Graduation >>>>>>>>>>>>>>>> Resolution >>>>>>>>>>>>>>>> here: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> https://cwiki.apache.org/confluence/display/SHIRO/Graduation+Resolution >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Please review and comment. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks! >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Les >>>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Craig L Russell >>>>>>>>>>>>> Architect, Oracle >>>>>>>>>>>>> http://db.apache.org/jdo >>>>>>>>>>>>> 408 276-5638 mailto:craig.russ...@oracle.com >>>>>>>>>>>>> P.S. A good JDO? O, Gasp! >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>> >>>>> >>>> >>> >> >
