You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de> on 2003/01/29 08:40:38 UTC
Vote: "Movement back" Re: Objection on movement from xml-security
to ws-security
--On Mittwoch, 29. Januar 2003 17:57 +1100 berin@ozemail.com.au wrote:
>> FYI, Here's the email that was sent to all concerned projects
>> (http://marc.theaimsgroup.com/?l=xml-apache-general&m=104316088830105&w=
>> 2)
>
> I think the big problem here is that this came
> out a week ago, and a few days later the whole
> thing was signed and delivered with no "OK" vote
> from the security-dev project. (Might have been
> nice to have some discussion just within sec-dev.)
>
> Be that as it may - is there something somewhere
> that describes the charter of each project (XML
> and WS)? The resolution that is referenced above
> says something, but not much.
>
> Also, assuming the decision is made to bring
> back to XML (which appears the most sensible),
> what does that mean for the current refactoring
> of the XML project? Should the security-dev
> group be voting someone/some people in to
> represent on the PMC?
>
> Cheers,
> Berin
You're right. I must admit that I was sleeping when I saw Sam's mail on
"RESOLVED, that WS ... is tasked with the migration of the XML Security".
In all discussions and votes I've seen on general@xml and xerces-dev@xml
and whereever else, there was always this "I say +1" voting scheme. I and
no other of the two existing committers of XML-Security in fact did any
vote. I did not trigger any discussion on security-dev as I did not
understand that this involved a movement into a new sub project.
So there was no vote from the committers to move it from xml.apache.org to
ws.apache.org.
There must be a vote to move it back. If this really is the procedure, OK...
Hereby, Axl and Erwin, I officially ask you on your opinion whether we
should make the request to the board to bring back XML-Security from
ws.apache.org to xml.apache.org.
geuerp: +1
Kind regards,
Christian
Re: Vote: "Movement back" Re: Objection on movement from xml-security
to ws-security
Posted by Axl Mattheus <ax...@sun.com>.
Christian Geuer-Pollmann wrote:
>--On Mittwoch, 29. Januar 2003 17:57 +1100 berin@ozemail.com.au wrote:
>
>
>
>>>FYI, Here's the email that was sent to all concerned projects
>>>(http://marc.theaimsgroup.com/?l=xml-apache-general&m=104316088830105&w=
>>>2)
>>>
>>>
>>I think the big problem here is that this came
>>out a week ago, and a few days later the whole
>>thing was signed and delivered with no "OK" vote
>>from the security-dev project. (Might have been
>>nice to have some discussion just within sec-dev.)
>>
>>Be that as it may - is there something somewhere
>>that describes the charter of each project (XML
>>and WS)? The resolution that is referenced above
>>says something, but not much.
>>
>>Also, assuming the decision is made to bring
>>back to XML (which appears the most sensible),
>>what does that mean for the current refactoring
>>of the XML project? Should the security-dev
>>group be voting someone/some people in to
>>represent on the PMC?
>>
>>Cheers,
>> Berin
>>
>>
>
>
>You're right. I must admit that I was sleeping when I saw Sam's mail on
>"RESOLVED, that WS ... is tasked with the migration of the XML Security".
>In all discussions and votes I've seen on general@xml and xerces-dev@xml
>and whereever else, there was always this "I say +1" voting scheme. I and
>no other of the two existing committers of XML-Security in fact did any
>vote. I did not trigger any discussion on security-dev as I did not
>understand that this involved a movement into a new sub project.
>
Yip, your not the only one cauhgt napping.
>
>So there was no vote from the committers to move it from xml.apache.org to
>ws.apache.org.
>
>There must be a vote to move it back. If this really is the procedure, OK...
>
>Hereby, Axl and Erwin, I officially ask you on your opinion whether we
>should make the request to the board to bring back XML-Security from
>ws.apache.org to xml.apache.org.
>
As far as I can gather from the "use ours 'cause it is better - speak"
on the websites of the major Java component pushers (Sun, IBM, Oracle,
...), none of them ships XML DSig and XMLEnc with their "Web Services -
do it all toolkits". I might be wrong, I just scanned the web pages. I
guess it does make sense to keep Web Services and XML Security apart. It
may also be a good thing. XML Digital SIgnatures and XML Encryption will
most propably be used in terms of Web Services more that in any other
use case.
>
>geuerp: +1
>
axlm: +1 - Because I don't have a clear opinion yet.
>
>Kind regards,
>Christian
>
>
>
>
>
Re: Vote-o-mania for xml-security
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
--On Donnerstag, 30. Januar 2003 21:08 +1100 Berin Lautenbach
<be...@ozemail.com.au> wrote:
>> As long as it is seperated enough from the Java distribution:
>> vdkoogh +1
> Which raises a really good point.
>
> My initial thinking was to create a "c" subdirectory from the main CVS
> for _anything_ related to the C++ version. Fits in with the convention
> already used for Xalan. Anything not in "c" relates to the Java project.
> That way there is a clear separation between the two code-bases.
> Distributions would be done separately as well.
>
> OK?
This means that we do not touch the current directory structure but only
add a c/ directory? Sounds good and easy.
Another way (a little bit more work) would be something like
./docs/
./c/
./java/
./README.txt
./index.html
> Second question - the Apache license header used in the Java version
> includes some riders around original contributions from the WebSig
> project. Strictly speaking that's not relevant to the C++ version, but I
> think it better to keep a single license header accross all the source.
> (Also I have every intention of every now and then taking pieces from the
> Java version where appropriate :> - I haven't up until now but....).
>
> Sound OK?
No problem.
Kind regards,
Christian
Re: Vote-o-mania for xml-security
Posted by Berin Lautenbach <be...@ozemail.com.au>.
Erwin van der Koogh wrote:
>>from the incubator process <http://incubator.apache.org/process.html>, the
>>C/C++ impl. does not necessarily have to be moved to the incubator, I guess
>>the same applies to the encryption code from Axl.
>>
>>(1) I hereby vote to include the C/C++ code into the Apache XML-Security
>>project.
>>
>>geuerp: +1
>>
>>
>As long as it is seperated enough from the Java distribution:
>vdkoogh +1
>
>
Which raises a really good point.
My initial thinking was to create a "c" subdirectory from the main CVS
for _anything_ related to the C++ version. Fits in with the convention
already used for Xalan. Anything not in "c" relates to the Java
project. That way there is a clear separation between the two
code-bases. Distributions would be done separately as well.
OK?
Second question - the Apache license header used in the Java version
includes some riders around original contributions from the WebSig
project. Strictly speaking that's not relevant to the C++ version, but
I think it better to keep a single license header accross all the
source. (Also I have every intention of every now and then taking
pieces from the Java version where appropriate :> - I haven't up until
now but....).
Sound OK?
Cheers,
Berin
Re: Vote-o-mania for xml-security
Posted by Erwin van der Koogh <vd...@apache.org>.
> from the incubator process <http://incubator.apache.org/process.html>, the
> C/C++ impl. does not necessarily have to be moved to the incubator, I guess
> the same applies to the encryption code from Axl.
>
> (1) I hereby vote to include the C/C++ code into the Apache XML-Security
> project.
>
> geuerp: +1
As long as it is seperated enough from the Java distribution:
vdkoogh +1
> (2) I hereby nominate Berin Lautenbach <be...@ozemail.com.au> as committer
> #4 to the XML-Security project to be responsible to the C/C++ code he has
> written.
>
> geuerp: +1
vdkoogh +1
> (3) I hereby vote to include the Encryption code into the Apache
> XML-Security project.
> geuerp: +1
vdkoogh: +1
Erwin
Vote-o-mania for xml-security
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
OK,
from the incubator process <http://incubator.apache.org/process.html>, the
C/C++ impl. does not necessarily have to be moved to the incubator, I guess
the same applies to the encryption code from Axl.
(1) I hereby vote to include the C/C++ code into the Apache XML-Security
project.
geuerp: +1
(2) I hereby nominate Berin Lautenbach <be...@ozemail.com.au> as committer
#4 to the XML-Security project to be responsible to the C/C++ code he has
written.
geuerp: +1
(3) I hereby vote to include the Encryption code into the Apache
XML-Security project.
geuerp: +1
Kind regards,
Christian
--On Mittwoch, 29. Januar 2003 09:59 +0100 Christian Geuer-Pollmann
<ge...@nue.et-inf.uni-siegen.de> wrote:
> Hi Berin,
>
> what's the status of the C/C++ code? As I understood, you're signed the
> contributor agreement with the ASF. What happens with the code now? Does
> it go into the incubator or into xml-security or what are the next steps?
>
> If it goes into xml-security, I have to nominate you as committer asap.
>
> Kind regards,
> Christian
C/C++ Security implementation
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
Hi Berin,
what's the status of the C/C++ code? As I understood, you're signed the
contributor agreement with the ASF. What happens with the code now? Does it
go into the incubator or into xml-security or what are the next steps?
If it goes into xml-security, I have to nominate you as committer asap.
Kind regards,
Christian
Re: Vote: "Movement back" Re: Objection on movement from xml-security
to ws-security
Posted by Berin Lautenbach <be...@ozemail.com.au>.
For what it's worth - I'm of the same opinion - should sit with XML.
Cheers,
Berin
Christian Geuer-Pollmann wrote:
>--On Mittwoch, 29. Januar 2003 17:57 +1100 berin@ozemail.com.au wrote:
>
>
>
>>>FYI, Here's the email that was sent to all concerned projects
>>>(http://marc.theaimsgroup.com/?l=xml-apache-general&m=104316088830105&w=
>>>2)
>>>
>>>
>>I think the big problem here is that this came
>>out a week ago, and a few days later the whole
>>thing was signed and delivered with no "OK" vote
>>from the security-dev project. (Might have been
>>nice to have some discussion just within sec-dev.)
>>
>>Be that as it may - is there something somewhere
>>that describes the charter of each project (XML
>>and WS)? The resolution that is referenced above
>>says something, but not much.
>>
>>Also, assuming the decision is made to bring
>>back to XML (which appears the most sensible),
>>what does that mean for the current refactoring
>>of the XML project? Should the security-dev
>>group be voting someone/some people in to
>>represent on the PMC?
>>
>>Cheers,
>> Berin
>>
>>
>
>
>You're right. I must admit that I was sleeping when I saw Sam's mail on
>"RESOLVED, that WS ... is tasked with the migration of the XML Security".
>In all discussions and votes I've seen on general@xml and xerces-dev@xml
>and whereever else, there was always this "I say +1" voting scheme. I and
>no other of the two existing committers of XML-Security in fact did any
>vote. I did not trigger any discussion on security-dev as I did not
>understand that this involved a movement into a new sub project.
>
>So there was no vote from the committers to move it from xml.apache.org to
>ws.apache.org.
>
>There must be a vote to move it back. If this really is the procedure, OK...
>
>Hereby, Axl and Erwin, I officially ask you on your opinion whether we
>should make the request to the board to bring back XML-Security from
>ws.apache.org to xml.apache.org.
>
>geuerp: +1
>
>Kind regards,
>Christian
>
>
>
>
>
Re: Vote: "Movement back" Re: Objection on movement from xml-security to ws-security
Posted by Erwin van der Koogh <er...@koogh.com>.
> You're right. I must admit that I was sleeping when I saw Sam's mail on
> "RESOLVED, that WS ... is tasked with the migration of the XML Security".
> In all discussions and votes I've seen on general@xml and xerces-dev@xml
> and whereever else, there was always this "I say +1" voting scheme. I and
> no other of the two existing committers of XML-Security in fact did any
> vote. I did not trigger any discussion on security-dev as I did not
> understand that this involved a movement into a new sub project.
I just started a new job and have only been skimming apache mails for about a
week and it turned out to be resolved :)
> So there was no vote from the committers to move it from xml.apache.org to
> ws.apache.org.
>
> There must be a vote to move it back. If this really is the procedure, OK...
>
> Hereby, Axl and Erwin, I officially ask you on your opinion whether we
> should make the request to the board to bring back XML-Security from
> ws.apache.org to xml.apache.org.
It makes almost as much sense to move this to a WS project as it does moving
Xalan and Xerces, so I would vote against the move to WS and for a move back to
XML.
> geuerp: +1
vdkoogh +1