I'm seeking some objective guidance about the differences between RedHat
MRG and Apache Qpid Open Source.
There has been some discussion in my organisation about whether we
should go down the MRG route and I'm interested in the perspectives of
others.
One of the biggest concerns that seems to be being flagged is the
potential for security vulnerabilities and the responsiveness of an Open
Source versus commercial product with respect to patching identified
vulnerabilities. I'm also interested in whether there are any
significant performance differences.
Is there a difference between MRG and Qpid in this count?
My understanding was that there's a pretty tight synergy between MRG and
Qpid and that patches make it back and forth in quick succession. It was
also my understanding that RedHat was a key sponsor and RedHat was also
part of the Open Source community - I've noticed a few RedHat email
addresses on this Mailing list.
I'd really appreciate an unbiased comparison. If going MRG means my
organisation funding the Open Source community in a round about way
perhaps I ought to be encouraging it, but conversely I don't want to see
uninformed bad mouthing of the strategy for managing vulnerabilities in
Open Source projects propagating in my organisation. So if MRG is no
more secure than Qpid I'd like to make that clear and to have a decision
on MRG versus Qpid decided on merit rather than assumption.
Many thanks,
Frase
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
