Fwd: What about Kerberos becoming a separate project ?
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > Apache Server configuration support > Apache Directory Project > Fwd: What about Kerberos becoming a separate project ?




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    Fwd: What about Kerberos becoming a separate project ?  
Emmanuel Lecharny


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
09-24-07 12:11 AM

Oops, as usual, I just click on 'reply' instead of 'reply all' ...

So here is my reply to Alex's mail :

---------- Forwarded message ----------
From: Emmanuel Lecharny <elecharny-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Date: Sep 23, 2007 8:20 PM
Subject: Re: What about Kerberos becoming a separate project ?
To: Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org>


On 9/23/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> Ok let me try to clarify below ...
>
> On 9/22/07, Emmanuel Lecharny <elecharny-Re5JQEeQqe8AvxtiuMwx3w@public.gma
ne.org> wrote: 
>
> Yep I understand that.  But when you create another subproject it's like
> another offering of a product
> that is voted upon etc.  We must be able to support that product in the s=
ame
> manner that we support
> the server or studio for example.  Doing so is more than just a matter of
> project organization in this
> sense.   You're telling users that we're open for business and we simply =
are
> not.  Look at the situation
> we had with the guy who inquired about DNS.  No one could help him.

yeah, makes more sense to me now. I agree with you. Let's finish
Kerberos, let it be a community part before making it a separate
project. It will take time, so I have created a special branch to
evolve in this direction, without engaging the community to move
around code, tests, pom.xml, packaging, etc, before we are ready.

>
> As djencks said in another thread - I did not review a patch request.  Th=
is
> however is different from
> turning back users.  A dev issue can wait but the project really looks ba=
d
> when we tell users sorry
> that functionality we advertise is really unsupported and no one can help
> you with it.  Plus you have
> more users than developers waiting on feedback.

very true.

> 
>
> Does it make more sense now?

Yes, much more. Sorry if I didn't get the whole picture, it was not
obvious to me at first sight. My intention was good, but maybe a
little bit premature.

>
> This veto is with respect to this point in time of course.  This is not f=
or
> ever.  We can do with it what
> we like as long as we have community around the code.

Sure. And I'm working on it.

>
> Just a heads up on my modus operandi.  I like to take risks sometimes wit=
h
> new projects and we did
> that with studio and it was a total success.  It was a risk tho and still=
to
> some degree is because we
> only have two guys that deal with it.  Generally the rules are that we ne=
ed
> at least 3 active committers
> to start a subproject.  However going back risks are good to take and
> sometimes they produce good
> results.  Studio is an example of a risk that was very successful.

I think we debated about those kind of risks months ago. TripleSec,
Kerberos, DNS, NTP, etc, are such projects which put us on dire
straigth as soon as some users want to use them, because no more than
one committer is able to help them. We have had to sandbox Naming,
sar-plugin and we are talking about DNS sandbox or moiving it to Mina
for this exact reason. Other subprojects like OSGi are sandboxed just
because we can't work on it before we reach a stable version (namely,
2.0).

All those decision has to be balanced, and sometime, we win, sometime,
we loose. That's just life, I guess...

>
> Now I took the risk with the Kerberos stuff and softened the requirements
> because technically it was
> too attractive to forgo.  When Enrique wanted to do cool things with DNS =
and
> DHCP I was also very
> open but worried since it was moving too fast with a single guy at the he=
lm.
>  So then when we could
> not maintain the quality of support that's when I started battening down =
the
> hatches.

I agree. Kerberos is really a corner stone we can't neglect. My
proposal was just trying to get it under the sunligts, but I agree I
must finish my homeworks before kerberos being able to become a
standalone project. I must admit I haven't finished what I thought
would take me only a couple of weeks (a gross under evaluation), but
at the end, we should have a code which is owned by the community, ie
not only Enrique or me, but by anyone who can jump into the code,
patch it, improve it, use it. We are far from this point.

>
> Now I take no risks in this area.  There's just too much exposure here no=
w.
> It's time to hold back
> and fix our issues.

The fact is that ADS as a whole has grown up to a point that it's not
anymore a 3 men proects. David pointed out that may be we are trying
to keep the number of committers low by requesting new committers to
respect a full set of rules we don't even fulfill, but at some point,
I don't think this is what is happening. When I jumped into ADS, it
was Alex, Trustin, Enrique, Alan and a bunch of almost inactive
committers. It was 2,5 years. We are now 11 actives committers : Alex,
Chris, Christine, David, Enrique, Ersin, Martin, Pierre-Arnaud,
Stefan, Stefan and me. The community is vibrant, we have successfully
released 6 versions this year : ADS 1.0.1, 1.0.1, 1.5.0 and 1.5.1, and
Studio 1.0.0 and 1.0.1. More than 6800 people have downloaded Apache
Directory Studio, and around 3000 of them since sept, 1st. This is a
great success, but we are now in a situation where we must be more and
more carefull with the project.

>
> You Emmanuel are now getting into this code base and this is great.  Perh=
aps
> Enrique can help
> you and then both of you can help another person who comes on.  But once =
we
> have 3 people that
> can support this code then we're good to offer it as another product with
> all the exposure that brings.

Absolutly.

>
> I'm in love with the idea that we can offer Kerberos based products
> standalone or as plugins.  But
> we need to do it carefully.

For many reasons I also addressed in my previous comment, I'm 100%
with you on that.

>
> So keep on increasing the community and let's talk in 12 months. If the
> conditions change so will my
> vote.

Ok, np. It's up to us to make it happen. There is no hurry, we have to
be careful.

Thanks for having clarifying your position, this was good to have the
full picture. I'm backing you now !

E.
--
Regards,
Cordialement,
Emmanuel L=E9charny
www.iktek.com


--=20
Regards,
Cordialement,
Emmanuel L=E9charny
www.iktek.com




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 10:04 PM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register