Re: CA Server (Re: prc)
> > VeriSign Class 2 is 700USD/page per year IIRC. > > > > All the members to have Class2 *for free* would be reasonable. > > Plus, "donated" committers (e.g. 100USD) to have Class2 > > would be reasonable as well. > > Tetsuya, > > So can I clarify. Do you expect the ASF to pay for some 300 Class 2 > certificates from Verisign? > Then some further 1800 or more committer certificates? > > That is a staggeringly expensive project to even consider. Even if > they were donated to the ASF, that would be another component of an > already bustling infrastructure metropolis, we are just not geared up > for that yet. That's not to say we couldn't be, but at the moment we > are not. There could be one way: Members and committers: by the request, they can get (Members: free / Committers: 100 - 200 USD/yr) The best way would be -- as needless to say -- recruiting VeriSign as a Plutinum Sponsor :-) WDYT -- Tetsuya Kitahata - To unsubscribe, e-mail: community-unsubscr...@apache.org For additional commands, e-mail: community-h...@apache.org
Re: CA Server (Re: prc)
On 11 Jun 2009, at 00:53, Tetsuya Kitahata wrote: Plus, I personally think that all the committers post to anno...@apache.org etc. to use S/MIME. I am no longer an individual sponsor (by svn commit: r779649), so this is just IMHO: # By the way, why there could be no "emertus sponsor" # list? I donated to Python Software Foundation 4yrs ago # and still remain my name listed on the web. I think it # is rather Normal. Really Strange... VeriSign Class 2 is 700USD/page per year IIRC. All the members to have Class2 *for free* would be reasonable. Plus, "donated" committers (e.g. 100USD) to have Class2 would be reasonable as well. Tetsuya, So can I clarify. Do you expect the ASF to pay for some 300 Class 2 certificates from Verisign? Then some further 1800 or more committer certificates? That is a staggeringly expensive project to even consider. Even if they were donated to the ASF, that would be another component of an already bustling infrastructure metropolis, we are just not geared up for that yet. That's not to say we couldn't be, but at the moment we are not. Cheers, Tony Cheers, Tony Tony Stevenson t...@pc-tony.com - pct...@apache.org pct...@freenode.net - t...@caret.cam.ac.uk http://blog.pc-tony.com 1024D/51047D66 ECAF DC55 C608 5E82 0B5E 3359 C9C7 924E 5104 7D66 - To unsubscribe, e-mail: community-unsubscr...@apache.org For additional commands, e-mail: community-h...@apache.org
Re: CA Server (Re: prc)
Plus, I personally think that all the committers post to anno...@apache.org etc. to use S/MIME. I am no longer an individual sponsor (by svn commit: r779649), so this is just IMHO: # By the way, why there could be no "emertus sponsor" # list? I donated to Python Software Foundation 4yrs ago # and still remain my name listed on the web. I think it # is rather Normal. Really Strange... VeriSign Class 2 is 700USD/page per year IIRC. All the members to have Class2 *for free* would be reasonable. Plus, "donated" committers (e.g. 100USD) to have Class2 would be reasonable as well. WDYT? Tetsuya > Tetsuya Kitahata wrote: > > Seems that no response ... But don't care. > > > > MY Practical Proposal: > > Establishing CA Server in @apache.org > > (For S/MINE, PGP etc.) > > > > The Apache Software Foundation has numerous "fax"es or "paper"s from all > > of the committers at least, and they would be reliable. It's good idea for > > me (and YOU) > > to establish CA Center (Server) in apache. > > AIUI the main problem is that there aren't (or weren't) any CA servers > which did exactly what apache wanted. > > in general, apache tends to be use distributed trust models to avoid > single points of failure. so, a CA would need to be secure and embody > some of the same qualities. > > IIRC some folks started coding up a suitable application but i'm not > sure why it never made it into use. a major use case was going to be > managing client side certification for subversion access. > > AIUI infrastructure has been working hard implementing LDAP but that's > just about completed. now might be a good time to ask them about the CA > project. > > - - robert - Tetsuya Kitahata -- Terra-International, Inc. - President - E-mail: kitah...@99.alumni.u-tokyo.ac.jp http://www.terra-intl.com/ Apache News Online http://www.apachenews.org/ 1555 Doolittle.Dr Suite170 #200 San Leandro, CA, 94577 FAX: +1-4083512810 (USA) / +81-345209534 (Japan)/+44-2033182683(UK) Skype: tkitahata / ai.kojima - To unsubscribe, e-mail: community-unsubscr...@apache.org For additional commands, e-mail: community-h...@apache.org
Re: CA Server (Re: prc)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tetsuya Kitahata wrote: > Seems that no response ... But don't care. > > MY Practical Proposal: > Establishing CA Server in @apache.org > (For S/MINE, PGP etc.) > > The Apache Software Foundation has numerous "fax"es or "paper"s from all > of the committers at least, and they would be reliable. It's good idea for me > (and YOU) > to establish CA Center (Server) in apache. AIUI the main problem is that there aren't (or weren't) any CA servers which did exactly what apache wanted. in general, apache tends to be use distributed trust models to avoid single points of failure. so, a CA would need to be secure and embody some of the same qualities. IIRC some folks started coding up a suitable application but i'm not sure why it never made it into use. a major use case was going to be managing client side certification for subversion access. AIUI infrastructure has been working hard implementing LDAP but that's just about completed. now might be a good time to ask them about the CA project. - - robert -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoc3GQACgkQQ617goCdfgNhpACg42tDtu6Uq8JIuy3mvZk22sGY +7AAoNs3TFkpWoBeMvoVrZ4hOxzk6rfK =ddsP -END PGP SIGNATURE- - To unsubscribe, e-mail: community-unsubscr...@apache.org For additional commands, e-mail: community-h...@apache.org
CA Server (Re: prc)
Seems that no response ... But don't care.
MY Practical Proposal:
Establishing CA Server in @apache.org
(For S/MINE, PGP etc.)
The Apache Software Foundation has numerous "fax"es or "paper"s from all
of the committers at least, and they would be reliable. It's good idea for me
(and YOU)
to establish CA Center (Server) in apache.
Please use my (sponsorship) money for it.
Any thoughts?
Thanks
Tetsuya Kitahata
-
> Dear ASF PRC Members
>
>
> #CC: commun...@a.o.
>
>
> Message From Tetsuya Kitahata wearing #Sponsor HAT#
>
> I am celebrating the 10th anniversary of the ASF and the success of
> ApacheCon EU. I am sorry to respond late because of the additional
> (personal) sponsorship things etc.
>
> About the doap things, any kinds of progress at ApacheCon EU 2009??
> Seemed that I could not see any progress... right?
>
> As for doaps, attached file (doaps.tar.gz) contains some "missing"
> doaps, so please use appropriately.
> (Includes recent news item projects -- Zookeeper, Mailet Base,
> CXF, PyLucene, Buildr, CouchDB etc. -- enhance, edit plz.
> I am afraid I could not describe correctly)
> I think that "evangelizing" this project (DOAP project) is ought to
> be more efficient. People (developers) can not find right project
> for their products etc. in apache.org now. Please take it seriously.
>
>
>
> By the way, I have a translation website of projects.apache.org
> at http://projects.terra-intl.com/ (Japanese)
> If possible, linking from http://projects.apache.org would be very
> impressive for japanese apache lovers. Plz add.
>
> # Maintained completely by doaps.
>
>
> Obrigado,
>
>
> -- Tetsuya Kitahata
>
>
>
>
> > Tetsuya - thanks for the note. I'm sending this just to prc@ since both
> > Jim and I are on that list.
> >
> > Tetsuya Kitahata wrote:
> > > As usual, corporate sponsor won't speak to PRC
> > > directly as a sponsor. Of course, I know that Apache
> > > should not be a slave of sponsors. What I would like to
> > > talk is not such a kind of thing. Please understand.
> >
> > Yes, I agree that the ASF should not be influenced or controlled by
> > sponsors ("slave"). However we (the ASF, and in particular the PRC) do
> > want to be responsive and open to hearing what our sponsors are
> > interested in and thinking about. So please do email prc@ with your
> > thoughts when wearing your #sponsor hat#!
> >
> > > 1. Congratulations on PRC & Fundraising Committee. Both working
> > > together would be beneficial to the foundation I believe.
> > > Plus, personally I think that this Committee also have "Communication"
> > > Committee. -- For example, jobs@, community@, woman@ management etc.
> > > and evolved to "Public Relations, Communications and Fundraising
> > > Committee".
> > > (If "Communications" means internal and exrternal, "Public Relations"
> > > would
> > > be needless, maybe)
> >
> > Yes, the PRC (Public Relations Committee) is basically in charge of most
> > of those areas on the broad scale. Overall communication with the
> > public should be what the PRC manages, however we may not have always
> > formally taken charge of the various email lists and other topics. The
> > areas that the PRC clearly owns, and how the PRC sets policy and goes
> > about using then is still being defined over time.
> >
> > Several other PRC members and ASF members have been thinking about how
> > we do "outreach" - how we, as an open source and software organization,
> > can more actively attract developers and educate the public and
> > businesses about open source best practices. Here on prc@ is probably
> > the best place to work on those kinds of subjects.
> >
> >
> > > 2. Please encourage the doap files to be created more. Plus, I
> > > suppose doap files should not be maintained by each PMC,
> > > rather in one repository they should be put, I hope. Simple reason.
> > > When I find error in doap, I must put the opinions on each dev list,
> > > it is very painful for each other.
> > > (Sometimes it happened in the past: see attached file for example)
> > > #DOAP# repository would be OK. (all committers can edit) -- and
> > > current ones (in svn repositories in each projects) to be batch renewed
> > > daily or hourly.
> >
> > One of the things I hoped to do over ApacheCon next week is to create
> > and u
Re: prc
Dear ASF PRC Members
#CC: commun...@a.o.
Message From Tetsuya Kitahata wearing #Sponsor HAT#
I am celebrating the 10th anniversary of the ASF and the success of
ApacheCon EU. I am sorry to respond late because of the additional
(personal) sponsorship things etc.
About the doap things, any kinds of progress at ApacheCon EU 2009??
Seemed that I could not see any progress... right?
As for doaps, attached file (doaps.tar.gz) contains some "missing"
doaps, so please use appropriately.
(Includes recent news item projects -- Zookeeper, Mailet Base,
CXF, PyLucene, Buildr, CouchDB etc. -- enhance, edit plz.
I am afraid I could not describe correctly)
I think that "evangelizing" this project (DOAP project) is ought to
be more efficient. People (developers) can not find right project
for their products etc. in apache.org now. Please take it seriously.
By the way, I have a translation website of projects.apache.org
at http://projects.terra-intl.com/ (Japanese)
If possible, linking from http://projects.apache.org would be very
impressive for japanese apache lovers. Plz add.
# Maintained completely by doaps.
Obrigado,
-- Tetsuya Kitahata
> Tetsuya - thanks for the note. I'm sending this just to prc@ since both
> Jim and I are on that list.
>
> Tetsuya Kitahata wrote:
> > As usual, corporate sponsor won't speak to PRC
> > directly as a sponsor. Of course, I know that Apache
> > should not be a slave of sponsors. What I would like to
> > talk is not such a kind of thing. Please understand.
>
> Yes, I agree that the ASF should not be influenced or controlled by
> sponsors ("slave"). However we (the ASF, and in particular the PRC) do
> want to be responsive and open to hearing what our sponsors are
> interested in and thinking about. So please do email prc@ with your
> thoughts when wearing your #sponsor hat#!
>
> > 1. Congratulations on PRC & Fundraising Committee. Both working
> > together would be beneficial to the foundation I believe.
> > Plus, personally I think that this Committee also have "Communication"
> > Committee. -- For example, jobs@, community@, woman@ management etc.
> > and evolved to "Public Relations, Communications and Fundraising Committee".
> > (If "Communications" means internal and exrternal, "Public Relations" would
> > be needless, maybe)
>
> Yes, the PRC (Public Relations Committee) is basically in charge of most
> of those areas on the broad scale. Overall communication with the
> public should be what the PRC manages, however we may not have always
> formally taken charge of the various email lists and other topics. The
> areas that the PRC clearly owns, and how the PRC sets policy and goes
> about using then is still being defined over time.
>
> Several other PRC members and ASF members have been thinking about how
> we do "outreach" - how we, as an open source and software organization,
> can more actively attract developers and educate the public and
> businesses about open source best practices. Here on prc@ is probably
> the best place to work on those kinds of subjects.
>
>
> > 2. Please encourage the doap files to be created more. Plus, I
> > suppose doap files should not be maintained by each PMC,
> > rather in one repository they should be put, I hope. Simple reason.
> > When I find error in doap, I must put the opinions on each dev list,
> > it is very painful for each other.
> > (Sometimes it happened in the past: see attached file for example)
> > #DOAP# repository would be OK. (all committers can edit) -- and
> > current ones (in svn repositories in each projects) to be batch renewed
> > daily or hourly.
>
> One of the things I hoped to do over ApacheCon next week is to create
> and update more project's DOAP files to ensure we have complete
> coverage. In many cases if we send a patch to the dev@ list for a
> project, I expect they'll check it in for us.
>
> I disagree that the DOAP files should be in a central repository. The
> best place to create and store these is in the individual project
> repositories, since the individual projects really need to be
> responsible to keep them updated. Part of the problem with poor
> maintenance of the DOAP files is that projects don't realize how much of
> a strategic value to the ASF overall they can be.
>
> > 3. I had thought that the announcements at annou...@apache.org how
> > to be more polished.
>
> I agree that we'd like to have more polished announcements. The PRC
> should work to craft better guidelines for announcements, with very
> clear and easy to follow instructions (to make it as
Re: PRC [WAS Re: ASF Board Summary for June 23, 2004]
Er, let's step back here. I view the PRC as being responsible for policy, standards, meta-content that goes onto *.apache.org websites. infrastructure@ will still be responsible for actually running the websites. So, no, please do *not* post website patches to PRC lists! In particular, other than suggesting some policies for overall Apache visibility on our websites, I expect individual PMCs to continue to manage their own web presences, working with infrastructure to actually keep the technical details up. Also, we need various updates for the PRC, like updating membership records, having a section on the website, and publishing to the ASF community what our mailing lists are and which one is for which (hint: we primarily rely on fundraising@ and press@ so far). - Shane Working both in the PRC and on the PRC (oh, and did you mean 'federation' from the XML world? No, we're not changing that as far as I know 8-) previous posts > does this mean that the right place to post patches for the federation > website will change from infrastructure to PRC? No (and I'm assuming that you mean "Foundation" when you say "federation"). More than anything, it means that for the first time, someone is responsible for oversight of the www.apache.org website. That someone is the PRC. > what about the websites for projects and sub-projects: is there going > to be any changes in the way that these are managed? No. I don't see any changes in the day-to-day operation of *.apache.org websites. But, for example, if the PRC were to spearhead a website redesign for the ASF, then all project websites would be (eventually) expected to conform to the new design. = - Shane http://apachecon.com/ November in Vegas, baby!" /> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: PRC [WAS Re: ASF Board Summary for June 23, 2004]
On Jun 28, 2004, at 3:25 PM, robert burrell donkin wrote: On 27 Jun 2004, at 12:23, Greg Stein wrote: * The Board approved the formation of the Public Relations Committee (PRC). This new committee replaces the Fundraising Committee and also rolls in the responsibility and management of our press activities, public relations, and management of our web sites. The intent is to present a coherent message to the press, our sponsors, and all interested parties. This new committee is chaired by Brian Fitzpatrick. how's this going to work in practice (with regard to the websites)? does this mean that the right place to post patches for the federation website will change from infrastructure to PRC? No (and I'm assuming that you mean "Foundation" when you say "federation"). More than anything, it means that for the first time, someone is responsible for oversight of the www.apache.org website. That someone is the PRC. what about the websites for projects and sub-projects: is there going to be any changes in the way that these are managed? No. I don't see any changes in the day-to-day operation of *.apache.org websites. But, for example, if the PRC were to spearhead a website redesign for the ASF, then all project websites would be (eventually) expected to conform to the new design. -Fitz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
PRC [WAS Re: ASF Board Summary for June 23, 2004]
On 27 Jun 2004, at 12:23, Greg Stein wrote: * The Board approved the formation of the Public Relations Committee (PRC). This new committee replaces the Fundraising Committee and also rolls in the responsibility and management of our press activities, public relations, and management of our web sites. The intent is to present a coherent message to the press, our sponsors, and all interested parties. This new committee is chaired by Brian Fitzpatrick. how's this going to work in practice (with regard to the websites)? does this mean that the right place to post patches for the federation website will change from infrastructure to PRC? what about the websites for projects and sub-projects: is there going to be any changes in the way that these are managed? - robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
