You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by Rich Bowen <rb...@rcbowen.com> on 2012/03/23 20:23:25 UTC
Re: Adding "Docs overhaul" to new_features_2_4
Having reviewed this document, I have a number of remarks.
1) This appears to be a document about "multi-use SSL certificates", whatever that is. While useful content, it doesn't appear to be directly relevant to the Apache HTTP Server, or have a place in the HTTP Server documentation. I think that ideally what we want is information that's directly useful in configuring the HTTP server.
2) Perhaps this content would be more readily accepted by the folks at openssl.org who are documenting stuff directly related to the SSL protocol itself. We could then heavily link to that resource over there.
I'm a bit of a stickler for deciding what the scope of our documentation is, and then not straying too far outside of that. The scope of our docs is the Apache HTTP Server and how to configure it. While the theory of SSL itself intersects with configuring mod_ssl, they are separate topics.
3) After private discussion with various people on the httpd documentation project, I've received a similar response from many of them, which goes something like this. If you want to participate in the httpd docs effort, please do. The way to do that is to engage in conversation on the docs mailing list. While we appreciate document contributions, the best way to get them integrated into the docs is to discuss it on list, and perhaps even to submit patches.
4) With this specific document, I'm rather concerned about copyright issues. If we incorporate this in the docs, we'd remove the "sponsored by" stuff, as well as (probably) the "about the authors" block. These don't really have a place in a document that is being re-released under the terms of the Apache Software License and will then be subject to the open editing by the docs project. There are a few places in the docs where individual names are mentioned, and these are largely historical artifacts. We're not generally in the habit of crediting authors in a document.
So, having said all of that, I should emphasize that this is one opinion, and there are many other voices on this mailing list. Which is, at least in part, why I might have come across as reluctant to discuss this on the phone, outside of the mailing list, and unilaterally declare the decision of the collective.
On Feb 20, 2012, at 12:55 PM, Geoffrey Noakes wrote:
> ATTENTION: any Apache members who contribute to the SSL-related portions of your HTTPD documentation.
>
> Symantec (aka VeriSign SSL, Geotrust, and Thawte) wants to contribute content to the SSL section. This will be done in a vendor-neutral, vendor-independent way. We seek no advantage here, rather, we want to clear up the misinformation and confusion around how wildcards and SAN certificates work.
>
> We are happy to contribute our content for others to incorporate into the Apache documents. I have attached the content we provided long ago. We are happy to work with anyone that can help us get this content into Apache’s documentation on SSL related to HTTPD.
>
> Also, we will be at RSA 2012. We would like to meet with Apache members who are attending RSA.
>
> Please contact me directly – it is difficult to sort through the many email notices I receive from docs@httpd.apache.org about this.
> Thanks..
>
> Geoff
>
> Geoffrey W. Noakes
> Director, Business Development
> Symantec Corporation
> geoffrey_noakes@symantec.com
> +1-415-370-5980
>
>
> From: Rich Bowen [mailto:rbowen@rcbowen.com]
> Sent: Monday, February 20, 2012 7:31 AM
> To: docs@httpd.apache.org
> Subject: Re: Adding "Docs overhaul" to new_features_2_4
>
> Ok, will do.
>
> I think that the SSL portion of the docs is mostly new, too, although I don't know for certain who worked on that.
>
> --Rich
>
>
> On Feb 20, 2012, at 9:40 AM, Rainer Jung wrote:
>
>
> Hi docs@, hi Rich,
>
> I think it would be nice to add a short statement about your documentation overhaul to our novelties page about 2.4:
>
> http://httpd.apache.org/docs/2.4/new_features_2_4.html
>
> I didn't follow the docs changes in detail, so I'm not sure what to highlight. I remember e.g. quite some commits to improve the Rewrite Guide, but I'm sure there is other stuff as well. Apart from the technical improvements I think we should also highlight the docs improvements, because IMHO there was much more work done for the docs than when releasing 2.2.
>
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
> For additional commands, e-mail: docs-help@httpd.apache.org
>
>
> --
> Rich Bowen
> rbowen@rcbowen.com :: @rbowen
> rbowen@apache.org
>
>
>
>
>
>
> <Understanding Multi-Use Digital Certificates_Final.doc>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
> For additional commands, e-mail: docs-help@httpd.apache.org
--
Rich Bowen
rbowen@rcbowen.com :: @rbowen
rbowen@apache.org
Re: Adding "Docs overhaul" to new_features_2_4
Posted by Eric Covener <co...@gmail.com>.
On Fri, Mar 23, 2012 at 3:23 PM, Rich Bowen <rb...@rcbowen.com> wrote:
> Having reviewed this document, I have a number of remarks.
>
> 1) This appears to be a document about "multi-use SSL certificates",
> whatever that is. While useful content, it doesn't appear to be directly
> relevant to the Apache HTTP Server, or have a place in the HTTP Server
> documentation. I think that ideally what we want is information that's
> directly useful in configuring the HTTP server.
>
> 2) Perhaps this content would be more readily accepted by the folks at
> openssl.org who are documenting stuff directly related to the SSL protocol
> itself. We could then heavily link to that resource over there.
>
> I'm a bit of a stickler for deciding what the scope of our documentation is,
> and then not straying too far outside of that. The scope of our docs is the
> Apache HTTP Server and how to configure it. While the theory of SSL itself
> intersects with configuring mod_ssl, they are separate topics.
+1, I read the wiki link from the older thread, and the content seemed
more along the lines of a whitepaper (we'd potentially link to) but
nothing that would live in the Apache manual.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
Re: Adding "Docs overhaul" to new_features_2_4
Posted by Daniel Gruno <ru...@cord.dk>.
On 23-03-2012 20:23, Rich Bowen wrote:
> Having reviewed this document, I have a number of remarks.
>
> 1) This appears to be a document about "multi-use SSL certificates",
> whatever that is. While useful content, it doesn't appear to be
> directly relevant to the Apache HTTP Server, or have a place in the
> HTTP Server documentation. I think that ideally what we want is
> information that's directly useful in configuring the HTTP server.
>
> 2) Perhaps this content would be more readily accepted by the folks at
> openssl.org <http://openssl.org> who are documenting stuff directly
> related to the SSL protocol itself. We could then heavily link to that
> resource over there.
>
> I'm a bit of a stickler for deciding what the scope of our
> documentation is, and then not straying too far outside of that. The
> scope of our docs is the Apache HTTP Server and how to configure it.
> While the theory of SSL itself intersects with configuring mod_ssl,
> they are separate topics.
>
> 3) After private discussion with various people on the httpd
> documentation project, I've received a similar response from many of
> them, which goes something like this. If you want to participate in
> the httpd docs effort, please do. The way to do that is to engage in
> conversation on the docs mailing list. While we appreciate document
> contributions, the best way to get them integrated into the docs is to
> discuss it on list, and perhaps even to submit patches.
>
> 4) With this specific document, I'm rather concerned about copyright
> issues. If we incorporate this in the docs, we'd remove the "sponsored
> by" stuff, as well as (probably) the "about the authors" block. These
> don't really have a place in a document that is being re-released
> under the terms of the Apache Software License and will then be
> subject to the open editing by the docs project. There are a few
> places in the docs where individual names are mentioned, and these are
> largely historical artifacts. We're not generally in the habit of
> crediting authors in a document.
>
>
> So, having said all of that, I should emphasize that this is one
> opinion, and there are many other voices on this mailing list. Which
> is, at least in part, why I might have come across as reluctant to
> discuss this on the phone, outside of the mailing list, and
> unilaterally declare the decision of the collective.
>
>
> On Feb 20, 2012, at 12:55 PM, Geoffrey Noakes wrote:
>
>> ATTENTION: any Apache members who contribute to the SSL-related
>> portions of your HTTPD documentation.
>> Symantec (aka VeriSign SSL, Geotrust, and Thawte) wants to contribute
>> content to the SSL section. This will be done in a vendor-neutral,
>> vendor-independent way. We seek no advantage here, rather, we want
>> to clear up the misinformation and confusion around how wildcards and
>> SAN certificates work.
>> We are happy to contribute our content for others to incorporate into
>> the Apache documents. I have attached the content we provided long
>> ago. We are happy to work with anyone that can help us get this
>> content into Apache’s documentation on SSL related to HTTPD.
>> Also, we will be at RSA 2012. We would like to meet with Apache
>> members who are attending RSA.
>> Please contact me directly – it is difficult to sort through the many
>> email notices I receive fromdocs@httpd.apache.org
>> <ma...@httpd.apache.org>about this.
>> Thanks..
>> Geoff
>> Geoffrey W. Noakes
>> Director, Business Development
>> Symantec Corporation
>> geoffrey_noakes@symantec.com <ma...@symantec.com>
>> +1-415-370-5980
>> *From:*Rich Bowen [mailto:rbowen@rcbowen.com]
>> *Sent:*Monday, February 20, 2012 7:31 AM
>> *To:*docs@httpd.apache.org <ma...@httpd.apache.org>
>> *Subject:*Re: Adding "Docs overhaul" to new_features_2_4
>> Ok, will do.
>> I think that the SSL portion of the docs is mostly new, too, although
>> I don't know for certain who worked on that.
>> --Rich
>> On Feb 20, 2012, at 9:40 AM, Rainer Jung wrote:
>>
>>
>> Hi docs@, hi Rich,
>>
>> I think it would be nice to add a short statement about your
>> documentation overhaul to our novelties page about 2.4:
>>
>> http://httpd.apache.org/docs/2.4/new_features_2_4.html
>>
>> I didn't follow the docs changes in detail, so I'm not sure what to
>> highlight. I remember e.g. quite some commits to improve the Rewrite
>> Guide, but I'm sure there is other stuff as well. Apart from the
>> technical improvements I think we should also highlight the docs
>> improvements, because IMHO there was much more work done for the docs
>> than when releasing 2.2.
>>
>> Regards,
>>
>> Rainer
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
>> <ma...@httpd.apache.org>
>> For additional commands, e-mail: docs-help@httpd.apache.org
>> <ma...@httpd.apache.org>
>>
>> --
>> Rich Bowen
>> rbowen@rcbowen.com <ma...@rcbowen.com>:: @rbowen
>> rbowen@apache.org <ma...@apache.org>
>>
>>
>>
>>
>> <Understanding Multi-Use Digital Certificates_Final.doc>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:docs-unsubscribe@httpd.apache.org
>> <ma...@httpd.apache.org>
>> For additional commands, e-mail:docs-help@httpd.apache.org
>> <ma...@httpd.apache.org>
>
> --
> Rich Bowen
> rbowen@rcbowen.com <ma...@rcbowen.com> :: @rbowen
> rbowen@apache.org <ma...@apache.org>
>
>
>
>
>
>
+1
I have read the paper, and I have found some of it useful as perhaps an
introduction to SSL and/or Wildcards and SAN. However, I feel it lacks
an overall perspective towards httpd, and, as it stands currently, would
be better suited hosted off-site and possibly linked to. As Rich also
mentioned, we cannot accept the paper in its current forms with explicit
mentions of companies and authors, it would both clash against the
general rule set of the httpd docs, as well as our individual agreements
with the ASF on publishing material.
If you could try to tune the text in to a more httpd oriented
perspective, so it would have its specific reasons to be in the httpd
documentation, I would welcome it with open arms, as we could surely use
some updated documentation.
With regards,
Daniel.