Re: Revised OpenSAML proposal
Davanum Srinivas wrote: Incubator Folks, We have a proposal, an initial code base, identified committers, a willing web services pmcWhat's the next step? Please advise. We are walking on new ground here, so I'll step up to reply, but please take this as my personal opinions except on those matters where I won't be corrected. There are couple of points I'll like to see done, and then we'll get along with actually starting the creation of the project. Acceptance criteria: destination PMC vote -- I've read the proposal, and the first thing that I note is a *strong* willingness of the WS PMC to accept the project. This is very positive IMHO, and since we are not here to be gatekeepers for proposals already accepted by other PMCs, IMO it constitutes a 'yes' to the acceptance. Has the WS PMC voted on this? If not, I'd suggest that a vote is done and we will acknowledge the result. If it has been already done, please post here a link to the votes. Synergy - I cannot fail to remember that we have another possible candidate in line (Wyona) that uses saml already and has his implementation in Java. I have already asked them about spinning off some of their code to other projects in Apache, and they were very positive about it. This is another positive thing. Points to watch One active committer is not much... this will be our main point to watch, and see that it gains momentum. Blockers? --- "Are there IPR-related concerns with SAML (patents held by RSA but offered royalty free)?" Can you please elaborate more on this? -- Nicola Ken Barozzi [EMAIL PROTECTED] - verba volant, scripta manent - (discussions get forgotten, just code remains) - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Revised OpenSAML proposal
Nicola, WS PMC has not voted on it yet. i privately pinged a few folks who seemed receptive. I will let scott and his team answer the rest of the queries/concerns. As soon as we setup our mailing lists and archives etc (this weekend), i can initiate a vote. Thanks, dims --- Nicola Ken Barozzi <[EMAIL PROTECTED]> wrote: > > Davanum Srinivas wrote: > > Incubator Folks, > > > > We have a proposal, an initial code base, identified committers, a willing web >services > > pmcWhat's the next step? Please advise. > > We are walking on new ground here, so I'll step up to reply, but please > take this as my personal opinions except on those matters where I won't > be corrected. > > There are couple of points I'll like to see done, and then we'll get > along with actually starting the creation of the project. > > > Acceptance criteria: destination PMC vote > -- > > I've read the proposal, and the first thing that I note is a *strong* > willingness of the WS PMC to accept the project. This is very positive > IMHO, and since we are not here to be gatekeepers for proposals already > accepted by other PMCs, IMO it constitutes a 'yes' to the acceptance. > > Has the WS PMC voted on this? > If not, I'd suggest that a vote is done and we will acknowledge the > result. If it has been already done, please post here a link to the votes. > > > Synergy > - > > I cannot fail to remember that we have another possible candidate in > line (Wyona) that uses saml already and has his implementation in Java. > I have already asked them about spinning off some of their code to other > projects in Apache, and they were very positive about it. This is > another positive thing. > > > Points to watch > > > One active committer is not much... this will be our main point to > watch, and see that it gains momentum. > > > Blockers? > --- > > "Are there IPR-related concerns with SAML (patents held by RSA but > offered royalty free)?" > > Can you please elaborate more on this? > > > -- > Nicola Ken Barozzi [EMAIL PROTECTED] > - verba volant, scripta manent - > (discussions get forgotten, just code remains) > - > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > = Davanum Srinivas - http://xml.apache.org/~dims/ __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Revised OpenSAML proposal
> Points to watch > > One active committer is not much... this will be our main point to > watch, and see that it gains momentum. As the committer in question, I more than agree. My focus is and will be for a while on Shibboleth, so our goal has been to get to a stable state so that OpenSAML would have a life of its own if the interest is there. > Blockers? > --- > "Are there IPR-related concerns with SAML (patents held by RSA but > offered royalty free)?" > > Can you please elaborate more on this? I can't elaborate as much as I'd like, but the relevant OASIS pointer is: http://www.oasis-open.org/committees/security/rsa-ipr-statement-SAML3b-OASIS-2002-04-22.shtml The particulars in regard to a library like OpenSAML are that both the distributor of the toolkit (currently Internet2, presumably the ASF in this context) and any users of the toolkit have to obtain a royalty-free license. Past discussion with RSA's OASIS SSTC reps (not their lawyers I want to emphasize) are that RSA intends a fax-back type of license. Recent discussion has not really clarified much, and while I've heard rumors of more liberal terms (possibly none for toolkits), they are only rumors to me. RSA has yet to define the precise license or the terms, but has been urged to do so by the SSTC. Sun is already selling one product, for example. Anyway, I'm not a lawyer and I don't play one on TV. And I'm not about to argue for or against the patent claims (my own opinions notwithstanding). But certainly the web services (and web services security) space is full of this stuff, most of it often much less clear than this, so welcome to the thunderdome. -- Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Revised OpenSAML proposal
On Wed, 29 Jan 2003, Nicola Ken Barozzi wrote: > Synergy > - > > I cannot fail to remember that we have another possible candidate in > line (Wyona) that uses saml already and has his implementation in Java. > I have already asked them about spinning off some of their code to other > projects in Apache, and they were very positive about it. This is > another positive thing. You mean wyona.org? I don't see anything SAMLish in their distribution ... > Points to watch > > > One active committer is not much... this will be our main point to > watch, and see that it gains momentum. We'll have to see, but we've been getting lots of interest in this package, and heard about some other implementations as well; and of course there are many commercial implementations already from the companies that contributed to writing the spec. > Blockers? > --- > > "Are there IPR-related concerns with SAML (patents held by RSA but > offered royalty free)?" > > Can you please elaborate more on this? You never know, but the fact that it is now a full year after they first brought up this claim, and they still haven't had enough interest to come up with procedures for getting licenses (and why would they, since they're free), would lead one to believe that they aren't going to pursue enforcing any rights here very aggressively. As Scott said, there are so many nasty patent situations out there, this one seems quite friendly. - RL "Bob" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Revised OpenSAML proposal
RL 'Bob' Morgan wrote: On Wed, 29 Jan 2003, Nicola Ken Barozzi wrote: Synergy - I cannot fail to remember that we have another possible candidate in line (Wyona) that uses saml already and has his implementation in Java. I have already asked them about spinning off some of their code to other projects in Apache, and they were very positive about it. This is another positive thing. You mean wyona.org? I don't see anything SAMLish in their distribution Well, I guess Nicola was probably mislead by us (wyona.org) mentioning to him that we are using something similar to XACML for authorization. But I agree very much with Nicola that there are a lot of synergies and we certainly don't mind collaborating on this. I think it would help a lot if we could focus on one "Authentication/Authorization Framework", especially since there seem to be so many within Apache already. At least we (wyona.org) don't want to start another one. Thanks Michael ... Points to watch One active committer is not much... this will be our main point to watch, and see that it gains momentum. We'll have to see, but we've been getting lots of interest in this package, and heard about some other implementations as well; and of course there are many commercial implementations already from the companies that contributed to writing the spec. Blockers? --- "Are there IPR-related concerns with SAML (patents held by RSA but offered royalty free)?" Can you please elaborate more on this? You never know, but the fact that it is now a full year after they first brought up this claim, and they still haven't had enough interest to come up with procedures for getting licenses (and why would they, since they're free), would lead one to believe that they aren't going to pursue enforcing any rights here very aggressively. As Scott said, there are so many nasty patent situations out there, this one seems quite friendly. - RL "Bob" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[STATUS] (incubator) Wed Jan 29 23:45:57 EST 2003
APACHE INCUBATOR PROJECT STATUS: -*-indented-text-*- Last modified at [$Date: 2002/10/27 15:23:52 $] Background: o See the bottom of this file for the official resolution/ charter-as-it-stands o IRC channel #apache-incubator on irc.openprojects.net traffic is logged to http://Source-Zone.Org/apache-irc/> so that the content of interactive discussions is available to everyone o Mailing lists: - [EMAIL PROTECTED] (send to [EMAIL PROTECTED]) o This status file is mailed to [EMAIL PROTECTED] every Wednesday Project committers (as of 2002-10-27): o incubator: abannert,coar,fielding,fitz,gstein,jim,nicolaken,striker o incubator-site: abannert,coar,fielding,fitz,gstein,jim,nicolaken,striker Release: none yet; still ramping up Resolved Issues: none yet; still ramping up Pending issues: o Coming up with a set of bylaws for the project o the Website. Use Forrest? Possible topics for educational documents o A document which describes the 'ideal' way a project has to go to be successfully integrated into the ASF: the flow of the normal incubation process should be pictured o Glossary of important ASF terms and phrases (this was considered as very helpful on the reorg@ list) o Compact, but also encyclopedic link-directory which points to important info on the other ASF sites (e.g. to the Jakarta Charter or to the HTTPd dev pages) o General License-/Licensing documentation (ASL1.1, ASL2.2, TCK, JSPA) The complete text of the resolution that was passed which created this project is: WHEREAS, the Board of Directors deems it to be in the best interests of the Foundation and consistent with the Foundation's purpose to establish a Project Management Committee charged with accepting new products into the Foundation, providing guidance and support to help each new product engender their own collaborative community, educating new developers in the philosophy and guidelines for collaborative development as defined by the members of the Foundation, and proposing to the board the promotion of such products to independent PMC status once their community has reached maturity. NOW, THEREFORE, BE IT RESOLVED, that a Project Management Committee (PMC), to be known as the "Apache Incubator PMC", be and hereby is established pursuant to the Bylaws of the Foundation; and be it further RESOLVED, that the Apache Incubator PMC be and hereby is responsible for the acceptance and oversight of new products submitted or proposed to become part of the Foundation; and be it further RESOLVED, that the Apache Incubator PMC is responsible for providing guidance and ensuring that subprojects under its purview develop products according to the Foundation's philosophy and guidelines for collaborative development; and be it further RESOLVED, that the Apache Incubator PMC is responsible for regularly evaluating products under its purview and making the determination in each case of whether the product should be abandoned, continue to receive guidance and support, or proposed to the board for promotion to full project status as part of an existing or new Foundation PMC; and be it further RESOLVED, that the office of "Vice President, Apache Incubator" be and hereby is created, the person holding such office to serve at the direction of the Board of Directors as the chair of the Apache Incubator PMC, and to have primary responsibility for management of the subprojects within the scope and responsibility of the Apache Incubator PMC; and be it further RESOLVED, that the persons listed immediately below be and hereby are appointed to serve as the initial members of the Apache Incubator PMC: Aaron Bannert Nicola Ken Barozzi Ken Coar Roy T. Fielding B. W. Fitzpatrick Jim Jagielski Greg Stein Sander Striker NOW, THEREFORE, BE IT FURTHER RESOLVED, that Jim Jagielski be and hereby is appointed to the office of Vice President, Apache Incubator, to serve in accordance with and subject to the direction of the Board of Directors and the Bylaws of the Foundation until death, resignation, retirement, removal or disqualification, or until a successor is appointed; and be it further RESOLVED, that the initial Apache Incubator PMC be and hereby is tasked with the creation of a set of bylaws intended to encourage open development and increased participation in the Apache Incubator Project. # # Local Variables: # mode: indented-text #
