From asa.openliberty at zenn.net  Tue Mar  4 08:04:48 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Tue, 4 Mar 2008 11:04:48 -0500
Subject: [wsf-dev] Naming, final round
Message-ID: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>

Hi All,

I am ready to make a decision about changing the name of the  
ClientLib.  A press release is about to go out, and I'd love to have  
the new name in it.

The only name that resonates with me at this point is "OpenLiberty-J"

OpenLiberty-J  (The Java ID-WSF 2.0 WSC Library from openLiberty.org)

OpenLiberty-J would contain client code for now, with server code to  
be potentially added in the future.  If there were a c/C++  
implementation it would be called OpenLiberty-C, etc etc..

What say you all?  Nay? Yay?

thanks,

asa






--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



From asa.openliberty at zenn.net  Tue Mar  4 08:06:24 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Tue, 4 Mar 2008 11:06:24 -0500
Subject: [wsf-dev] Naming, final round
In-Reply-To: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
Message-ID: <6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>


slight correction:

OpenLiberty-J  (The Java ID-WSF 2.0 Library from openLiberty.org)

asa


--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7

On Mar 4, 2008, at 11:04 AM, Asa Hardcastle wrote:

> OpenLiberty-J  (The Java ID-WSF 2.0 WSC Library from openLiberty.org)



From brett at projectliberty.org  Tue Mar  4 09:26:58 2008
From: brett at projectliberty.org (Brett McDowell)
Date: Tue, 4 Mar 2008 12:26:58 -0500
Subject: [wsf-dev] Naming, final round
In-Reply-To: <6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
	<6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>
Message-ID: <a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>

Now would also be the time to change from openLiberty to OpenLiberty if you
all like that more.

Brett McDowell | Liberty Alliance <http://www.projectliberty.org> |
vCard<http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York>|
Calendar<http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York>


On Tue, Mar 4, 2008 at 11:06 AM, Asa Hardcastle <asa.openliberty at zenn.net>
wrote:

>
> slight correction:
>
> OpenLiberty-J  (The Java ID-WSF 2.0 Library from openLiberty.org)
>
> asa
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
> On Mar 4, 2008, at 11:04 AM, Asa Hardcastle wrote:
>
> > OpenLiberty-J  (The Java ID-WSF 2.0 WSC Library from openLiberty.org)
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
>
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080304/6975bc6d/attachment.html 

From Andrew.Patterson at Sun.COM  Tue Mar  4 09:37:45 2008
From: Andrew.Patterson at Sun.COM (Pat Patterson)
Date: Tue, 04 Mar 2008 09:37:45 -0800
Subject: [wsf-dev] Naming, final round
In-Reply-To: <a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
	<6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>
	<a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>
Message-ID: <17D7F183-974D-427F-939F-86B059C556D1@sun.com>

+1 for OpenLiberty, FWIW

Cheers,

Pat

On Mar 4, 2008, at 9:26 AM, Brett McDowell wrote:

> Now would also be the time to change from openLiberty to OpenLiberty  
> if you all like that more.
>
> Brett McDowell | Liberty Alliance | vCard | Calendar
>
>
> On Tue, Mar 4, 2008 at 11:06 AM, Asa Hardcastle <asa.openliberty at zenn.net 
> > wrote:
>
> slight correction:
>
> OpenLiberty-J  (The Java ID-WSF 2.0 Library from openLiberty.org)
>
> asa
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
> On Mar 4, 2008, at 11:04 AM, Asa Hardcastle wrote:
>
> > OpenLiberty-J  (The Java ID-WSF 2.0 WSC Library from  
> openLiberty.org)
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org

- - - - -
Pat Patterson
Federation Architect, Sun Microsystems, Inc.
pat.patterson at sun.com - http://blogs.sun.com/superpat
- - - - -
Join OpenSSO today! http://opensso.dev.java.net/
- - - - -




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080304/6c83b1b6/attachment.html 

From asa.openliberty at zenn.net  Tue Mar  4 09:38:23 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Tue, 4 Mar 2008 12:38:23 -0500
Subject: [wsf-dev] Naming, final round
In-Reply-To: <a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
	<6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>
	<a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>
Message-ID: <B08645E6-AE90-4E9A-9EDD-AD869D410B3D@zenn.net>

Is it possible to keep openLiberty for the website and OpenLiberty-*  
for the ID-WSF implementations?  Or is this too confusing?

asa

--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



On Mar 4, 2008, at 12:26 PM, Brett McDowell wrote:

> Now would also be the time to change from openLiberty to OpenLiberty  
> if you all like that more.
>
> Brett McDowell | Liberty Alliance | vCard | Calendar
>
>
> On Tue, Mar 4, 2008 at 11:06 AM, Asa Hardcastle <asa.openliberty at zenn.net 
> > wrote:
>
> slight correction:
>
> OpenLiberty-J  (The Java ID-WSF 2.0 Library from openLiberty.org)
>
> asa
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
> On Mar 4, 2008, at 11:04 AM, Asa Hardcastle wrote:
>
> > OpenLiberty-J  (The Java ID-WSF 2.0 WSC Library from  
> openLiberty.org)
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080304/42dbd18a/attachment-0001.html 

From cantor.2 at osu.edu  Tue Mar  4 09:44:33 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Tue, 4 Mar 2008 12:44:33 -0500
Subject: [wsf-dev] Naming, final round
In-Reply-To: <B08645E6-AE90-4E9A-9EDD-AD869D410B3D@zenn.net>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>
	<6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>
	<a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>
	<B08645E6-AE90-4E9A-9EDD-AD869D410B3D@zenn.net>
Message-ID: <016101c87e1f$688212a0$398637e0$@2@osu.edu>

> Is it possible to keep openLiberty for the website and OpenLiberty-* for
the
> ID-WSF implementations?  Or is this too confusing?

I think in practice few will note the difference. People will use the names
interchangeably, and web sites aren't case sensitive anyway, so I don't
think it really matters.

-- Scott





From gffletch at aol.com  Tue Mar  4 09:53:58 2008
From: gffletch at aol.com (George Fletcher)
Date: Tue, 04 Mar 2008 12:53:58 -0500
Subject: [wsf-dev] Naming, final round
In-Reply-To: <016101c87e1f$688212a0$398637e0$@2@osu.edu>
References: <5374C1FA-607F-479B-BD23-CDAD6A074D5F@zenn.net>	<6CD9840C-9A0A-4B83-B49C-52E54A1F1B7F@zenn.net>	<a07fbebc0803040926s5bc9a6f2wd465cea68c5e63dd@mail.gmail.com>	<B08645E6-AE90-4E9A-9EDD-AD869D410B3D@zenn.net>
	<016101c87e1f$688212a0$398637e0$@2@osu.edu>
Message-ID: <47CD8CB6.4010703@aol.com>

I agree. I don't think it will matter and OpenLiberty-* for the code is 
fine with me.

Thanks,
George

Scott Cantor wrote:
>> Is it possible to keep openLiberty for the website and OpenLiberty-* for
>>     
> the
>   
>> ID-WSF implementations?  Or is this too confusing?
>>     
>
> I think in practice few will note the difference. People will use the names
> interchangeably, and web sites aren't case sensitive anyway, so I don't
> think it really matters.
>
> -- Scott
>
>
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
>   

-- 
Chief Architect                   AIM:  gffletch
Identity Services                 Work: george.fletcher at corp.aol.com
AOL LLC                           Home: gffletch at aol.com
Mobile: +1-703-462-3494
Office: +1-703-265-2544           Blog: http://practicalid.blogspot.com



From pjpritch at mac.com  Thu Mar 13 09:09:29 2008
From: pjpritch at mac.com (Peter Pritchard)
Date: Thu, 13 Mar 2008 12:09:29 -0400
Subject: [wsf-dev] ECP test harness
In-Reply-To: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
Message-ID: <A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>

Hey all,

I'm trying to run the ECP plugin against whatever I can to make sure  
it works right ... (which means it doesn't yet) ... although I am  
about to check in more changes today ...

Any and or all test harness / staging server links would be most  
appreciated.

I was going to send this email to Scott, but I guess I'm looking for  
help in general, not just targeting Scott.



The ECP now handles the response given from https://sp.example.org/cgi-bin/printenv

kinda ...

anyway, I get the response from the SP, and send a POST via  
XMLHttpRequest, with the filtered samlp:AuthnRequest node, like so ...

<?xml version="1.0" encoding="ISO-8859-1"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/ 
" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
   <SOAP-ENV:Body>
     <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol 
" AssertionConsumerServiceURL="https://sp.example.org/Shibboleth.sso/SAML2/ECP 
" ID="_fe0693b191d2daa228cfae76e1439d2a"  
IssueInstant="2008-03-13T15:10:55Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS 
" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion 
">https://sp.example.org/shibboleth</saml:Issuer><samlp:NameIDPolicy  
AllowCreate="1"/><samlp:Scoping><samlp:IDPList><samlp:IDPEntry  
ProviderID="https://idp.example.org/shibboleth"/></samlp:IDPList></ 
samlp:Scoping></samlp:AuthnRequest>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

to url (taken from IDPEntry providerID ) https://idp.example.org/shibboleth


with

Content-Type: text/xml
SOAPAction: ""

and I get a 404 response ... is this just because the IdP is not set  
up right, or because I'm doing something wrong ...
  any thoughts?

NOTE: I was expecting to get a 'Loc' attribute from the IDPEntry  
node ... and in other places I have seen other variants ... anyone  
have an IdP to test the ECP against?


NOTE #2: Am I supposed to have an IdP url cached on the ECP plugin  
side (by providerID) or get it from the user or UserAgent?

- Peter Pritchard

peter.openliberty at zenn.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080313/d853555c/attachment.html 

From cantor.2 at osu.edu  Thu Mar 13 12:32:21 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Thu, 13 Mar 2008 15:32:21 -0400
Subject: [wsf-dev] ECP test harness
In-Reply-To: <A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
Message-ID: <013a01c88540$f50696b0$df13c410$@2@osu.edu>

> I was going to send this email to Scott, but I guess I'm looking for help
in
> general, not just targeting Scott.

That's good, because you're at the end of my ability to help. I don't have
an IdP to give you, and until you/we/somebody defines the HTTP/SOAP
authentication process you're expecting to use, nobody can have one to give
you.

> to url (taken from IDPEntry providerID )
https://idp.example.org/shibboleth

I suspect it's a quirk of the dummy configuration on that SP that it's
embedding an IdP to use in the request. Normally there probably wouldn't be.

> and I get a 404 response ... is this just because the IdP is not set up
> right, or because I'm doing something wrong ...

What IdP? That's not a real name, any more than sp.example.org is. If you
have an IdP that's willing to call itself by that entityID (much as that SP
is), then you can map a /etc/hosts entry to it, but otherwise, not.

> NOTE: I was expecting to get a 'Loc' attribute from the IDPEntry node ...
> and in other places I have seen other variants ... anyone have an IdP to
> test the ECP against?

I wouldn't expect to get an IDPEntry period. That's a bonus if you get one.

> NOTE #2: Am I supposed to have an IdP url cached on the ECP plugin side
(by
> providerID) or get it from the user or UserAgent?

You need to provision the plugin with the information it will need for each
IdP the user wants to pick from. Primarily the endpoint, I don't know off
hand if anything else will be crucial, possibly not.

You could do this many ways, loading in SAML metadata being the most generic
longterm.

-- Scott




From sampo at symlabs.com  Thu Mar 13 15:48:07 2008
From: sampo at symlabs.com (sampo at symlabs.com)
Date: Thu, 13 Mar 2008 23:48:07 +0100 (CET)
Subject: [wsf-dev] ECP test harness
In-Reply-To: <013a01c88540$f50696b0$df13c410$@2@osu.edu>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$@2@osu.edu>
Message-ID: <57756.192.18.37.228.1205448487.squirrel@galactus.symlabs.net>

Scott Cantor wrote:
>> I was going to send this email to Scott, but I guess I'm looking for
>> help
> in
>> general, not just targeting Scott.
>
> That's good, because you're at the end of my ability to help. I don't have
> an IdP to give you, and until you/we/somebody defines the HTTP/SOAP
> authentication process you're expecting to use, nobody can have one to
> give
> you.

Are you saying ECP enabled IdP is infeasible untils those prerequisites
are met?

I beg to disagree: all SAML 2.0 certified IdPs already have the
support. The authentication part is unspecified by SAML 2.0, but
certainly straight forward doable.

The Symlabs IdP instance Asa has been testing against has such support
without any change in configuration.

Cheers,
--Sampo

>> to url (taken from IDPEntry providerID )
> https://idp.example.org/shibboleth
>
> I suspect it's a quirk of the dummy configuration on that SP that it's
> embedding an IdP to use in the request. Normally there probably wouldn't
> be.
>
>> and I get a 404 response ... is this just because the IdP is not set up
>> right, or because I'm doing something wrong ...
>
> What IdP? That's not a real name, any more than sp.example.org is. If you
> have an IdP that's willing to call itself by that entityID (much as that
> SP
> is), then you can map a /etc/hosts entry to it, but otherwise, not.
>
>> NOTE: I was expecting to get a 'Loc' attribute from the IDPEntry node
>> ...
>> and in other places I have seen other variants ... anyone have an IdP to
>> test the ECP against?
>
> I wouldn't expect to get an IDPEntry period. That's a bonus if you get
> one.
>
>> NOTE #2: Am I supposed to have an IdP url cached on the ECP plugin side
> (by
>> providerID) or get it from the user or UserAgent?
>
> You need to provision the plugin with the information it will need for
> each
> IdP the user wants to pick from. Primarily the endpoint, I don't know off
> hand if anything else will be crucial, possibly not.
>
> You could do this many ways, loading in SAML metadata being the most
> generic
> longterm.
>
> -- Scott
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>




From cantor.2 at osu.edu  Thu Mar 13 16:21:30 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Thu, 13 Mar 2008 19:21:30 -0400
Subject: [wsf-dev] ECP test harness
In-Reply-To: <57756.192.18.37.228.1205448487.squirrel@galactus.symlabs.net>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$%2@osu.edu>
	<57756.192.18.37.228.1205448487.squirrel@galactus.symlabs.net>
Message-ID: <019101c88560$f84f7290$e8ee57b0$@2@osu.edu>

> Are you saying ECP enabled IdP is infeasible untils those prerequisites
> are met?

I was saying that it's non-interoperable. Since you seemed surprised by
that, I actually looked at the conformance doc, and I have to assume you're
referring to section 3.5.

To be honest, that section originally never had anything to do with ECP, so
that would probably explain why I never noticed the possible connection
before. It makes sense, and the candidate approaches are the likely ones,
but that was really about server-side communication and I just never noticed
the language was so broad before.

(This is good. If I'm going to be wrong, and the spec is going to be
somewhat misinterpereted, this is a nice spot for it.)

> I beg to disagree: all SAML 2.0 certified IdPs already have the
> support. The authentication part is unspecified by SAML 2.0, but
> certainly straight forward doable.

Unless it's using section 3.5 (which I can see would be the logical choice,
notwithstanding that isn't what it originally meant), I have no idea what's
being used to certify them.

We haven't implemented anything because we haven't developed the use cases
such that we know what the appropriate mechanisms would be. We're not aiming
at conformance, but usability. TLS is a non-starter. Basic-auth is probably
somewhat workable given that it's a fat client (to address phishing), and
you can tunnel multi-factor inside that.

That's about as far as the thought process went, and given that no clients
of any consequence existed, it just hasn't been important to us in the past.

-- Scott




From conor.p.cahill at intel.com  Fri Mar 14 13:52:03 2008
From: conor.p.cahill at intel.com (Cahill, Conor P)
Date: Fri, 14 Mar 2008 13:52:03 -0700
Subject: [wsf-dev] ECP test harness
In-Reply-To: <013a01c88540$f50696b0$df13c410$@2@osu.edu>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com><A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$@2@osu.edu>
Message-ID: <1B47D24854C7BC4FA8DA28BEBB59B0BA031C09EC@orsmsx419.amr.corp.intel.com>


> 
> That's good, because you're at the end of my ability to help. I don't
have
> an IdP to give you, and until you/we/somebody defines the HTTP/SOAP
> authentication process you're expecting to use, nobody can have one to
> give
> you.

I don't understand this.   I thought the process was that the IdP could
use
what ever form of authentication they wanted to (like any of the other
SSO
profiles) and that the ECP would look at the response  -- if it was an 
standard HTML message, it was passed to the browser (so it could be the
IdP's login page).   Later, the ECP would capture the authentication
response
from the IdP (so yeah, the ECP would have to peak at each message coming
back
from the IdP if there was a hanging authnrequest looking for the
response.

Conor



From cantor.2 at osu.edu  Fri Mar 14 14:08:36 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Fri, 14 Mar 2008 17:08:36 -0400
Subject: [wsf-dev] ECP test harness
In-Reply-To: <1B47D24854C7BC4FA8DA28BEBB59B0BA031C09EC@orsmsx419.amr.corp.intel.com>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$%2@osu.edu>
	<1B47D24854C7BC4FA8DA28BEBB59B0BA031C09EC@orsmsx419.amr.corp.intel.com>
Message-ID: <021e01c88617$921c30f0$b65492d0$@2@osu.edu>

> I don't understand this.   I thought the process was that the IdP could
> use what ever form of authentication they wanted to (like any of the other
> SSO profiles) and that the ECP would look at the response  -- if it was an
> standard HTML message, it was passed to the browser (so it could be the
> IdP's login page).   Later, the ECP would capture the authentication
> response from the IdP (so yeah, the ECP would have to peak at each message
coming
> back from the IdP if there was a hanging authnrequest looking for the
> response.

Maybe. I have never seen a client or talked to anybody that built one.
Nobody until now has ever challenged the idea that the profile was
incomplete. I wasn't even the first person to say it, but I took silence as
assent.

Like I said, if I'm wrong that's a good thing.

I always assumed, though, that as with Cardspace, the way to do ECP was to
create a uniform interface to collect the password rather than just
pass-thru existing pages. I realize that it takes more than that to stop
phishing, and that doing it in user-space isn't really an answer, but I
assumed part of the point was to make some progress at least.

Taking that idea a bit farther, I could imagine encrypting the credentials
using the key in the IdP's metadata to bypass any use of commercial SSL as a
means to verify the identity of the IdP site, etc.

That's the sort of stuff I always had in my head when thinking about ECP.
Maybe that was part of my problem.

-- Scott




From cantor.2 at osu.edu  Fri Mar 14 14:43:51 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Fri, 14 Mar 2008 17:43:51 -0400
Subject: [wsf-dev] ECP test harness
In-Reply-To: <563CE5F0-1758-407B-89BE-3EA0EDA45866@mac.com>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$%2@osu.edu>
	<1B47D24854C7BC4FA8DA28BEBB59B0BA031C09EC@orsmsx419.amr.corp.intel.com>
	<021e01c88617$921c30f0$b65492d0$%2@osu.edu>
	<563CE5F0-1758-407B-89BE-3EA0EDA45866@mac.com>
Message-ID: <022101c8861c$7ec69950$7c53cbf0$@2@osu.edu>

> The only thing I can see doing at this point (which is in progress)
> is this:

Well, what Conor's describing (and I imagine what Sampo meant) is clearly
the simplest way to build the client. The fact that it isn't what I had in
my mind doesn't mean they're wrong.

> when I get an AuthnRequest from the SP, I check the IsPassive attribute
> 
> if it is true, the SP better have given me an IDPEntry that I can
> auth against ... because the spec prevents me from interacting with
> the user AT ALL ... (unless I have already chosen to associate a SP
> with a specific IdP by some other means ... read on)

I would assume the user would set a default to use, that shouldn't be a
barrier.

> 1. ProviderID
> 2. Human-readable Provider Name(optional)
> 3. ECP/SSO login url
> 4. (meta-data?)(certificate?)(uid & encrypted password?)
>     (about this part ... I may just have 3 radio buttons w/ a
> <textarea> widget to store the contents ... user is free to get it
> wrong)

I would think the first three are the trivial way to address it.
 
> I know the " User collected list " is outside of the scope of the ECP
> profile, but I need to be able to have the ability to test against
> multiple IdP's ...

It's outside the profile, but I think it's presumed.

> I plan on using the Password Manager in Firefox, to store encrypted
> passwords, but I presume I can store uid's and certificates sans
> encryption ... they are public domain ... yes?

I would hope that's an option. The password manager in Firefox is seriously
broken, so that isn't something anybody should require just to use the
plugin.

You shouldn't need the certificate for any reason I can think of unless you
were talking about the kind of advanced thing that I was totally off-base
about.

> There is some documentation on how to get Firefox to relay SmartCard
> insertion events, so I assume that by using the method I have in
> mind, that I'll be able to extend the functionality to SmartCards
> with little modification (... well ... without re-writing everything...)

Well...maybe. Comes back to how that interacts with the IdP. 

-- Scott




From conor.p.cahill at intel.com  Sat Mar 15 06:17:48 2008
From: conor.p.cahill at intel.com (Cahill, Conor P)
Date: Sat, 15 Mar 2008 06:17:48 -0700
Subject: [wsf-dev] ECP test harness
In-Reply-To: <021e01c88617$921c30f0$b65492d0$@2@osu.edu>
References: <BDFBCCA5-3C9E-4F64-9DB3-C1C279495329@mac.com>
	<A26E204D-BBFB-4F3C-A9F2-AC85FC66956C@mac.com>
	<013a01c88540$f50696b0$df13c410$%2@osu.edu>
	<1B47D24854C7BC4FA8DA28BEBB59B0BA031C09EC@orsmsx419.amr.corp.intel.com>
	<021e01c88617$921c30f0$b65492d0$@2@osu.edu>
Message-ID: <1B47D24854C7BC4FA8DA28BEBB59B0BA031FFE25@orsmsx419.amr.corp.intel.com>



> Maybe. I have never seen a client or talked to anybody that built one.

I think there were a few parties who wrote a LECP.  I'm checking with 
the parties I think were involved to see if I can bring them into this
discussion.  

> I always assumed, though, that as with Cardspace, the way to do ECP
was to
> create a uniform interface to collect the password rather than just
> pass-thru existing pages. I realize that it takes more than that to
stop
> phishing, and that doing it in user-space isn't really an answer, but
I
> assumed part of the point was to make some progress at least.
> 
> Taking that idea a bit farther, I could imagine encrypting the
credentials
> using the key in the IdP's metadata to bypass any use of commercial
SSL as
> a
> means to verify the identity of the IdP site, etc.
> 
> That's the sort of stuff I always had in my head when thinking about
ECP.
> Maybe that was part of my problem.

The issue with changing to this model is that you lock yourself into
text
based authentication protocols.  The redirect the browser model allows
you
to support any authentication model supported by the IdP through the
browser
(yes, the basic of those would be text based, but I could also see
additional
models supported with browser plugins as well).

That said, I do see a Cardspace like model as the future for ECP type 
implementations and would like to see Cardspace (or at least the
Identity
Selector Protocols) supported with documented authentication protocols 
beyond username/password and certificate (which I think are currently
the only ones supported).

Conor


From asa.openliberty at zenn.net  Mon Mar 17 14:48:01 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Mon, 17 Mar 2008 17:48:01 -0400
Subject: [wsf-dev] CreatePSObject in PS Request
Message-ID: <75A40256-C002-487E-8423-A9BA7C5A3FED@zenn.net>

Hi all,

What does a CreatePSObject element look like?

the XSD:

<xs:element name="CreatePSObject"/>

the documentation says:

"allows the WSC to indicate that it desires the PS provider to create  
(or verify the existence of) an object for the inviting user at the PS  
provider of the invited user (i.e. create or verify the reciprocal  
relationship.)"

So what the heck goes in this element? An "Object" defined as  
"ObjectType" by the PS xsd?

It seems unclear, but maybe I am missing something.


thanks,

asa


--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



From phil.hunt at oracle.com  Thu Mar 20 13:53:16 2008
From: phil.hunt at oracle.com (Phil Hunt)
Date: Thu, 20 Mar 2008 13:53:16 -0700
Subject: [wsf-dev] Fwd: Naming of WSF and IGF
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
Message-ID: <C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>

Asa,

I have copied both lists since this discussion thread applies to both  
projects.

I think we should avoid the use of Liberty or Open Liberty, or Open.   
Since the parent organization is OpenLiberty, reusing the name  
Liberty, OpenLiberty, or even Open in the "product" or "project" name  
causes repitition.  E.g. OpenLiberty OpenWSF seems a little redundant.

Looking at the WSF stuff you are building, it is a lot bigger than I  
first thought. I thought it was just the client!

Leaving the development language issue aside, it almost looks like you  
are building a "WSF Toolkit" and re-packing it into a couple of open  
source products (e.g. WSF Client, WSF Server).

I'd almost go for WSF-J Toolkit (for people re-using the code), WSF-J  
Client and WSF-J Server for customers deploying as final products.

That still seems a little dry. Going back to Chuck Mortimore's comment  
about customers buy houses and not plumbing, I'd look for a higher  
level name. I'm not sure if this is any better, but how about Trust  
Fed.   So the full name would be something like:
openLiberty TrustFed-J ToolKit
openLiberty TrustFed-J AppKit
openLIberty TrustFed-J ProviderKit

That said, now that I have typed it out, "TrustFed" seems a little  
dry.  I'd still like to see something a little open source like.  
Project Panda or something goofy like that.  ;-)

Phil Hunt
Oracle


Begin forwarded message:

> From: Asa Hardcastle <asa.openliberty at zenn.net>
> Date: March 20, 2008 12:51:59 PM PDT (CA)
> To: Phil Hunt <phil.hunt at oracle.com>
> Cc: PRATEEK MISHRA <prateek.mishra at oracle.com>
> Subject: Re: Naming of WSF and IGF
>
> Good idea Phil.  Here is a start from me:
>
> An open source ID-WSF 2.0 implementation.
>
> Objectives:
> 	* a complete XML tooling of the entire ID-WSF 2.0 specifications  
> including ID-SIS
> 	* a client library that enables any application to easily take part  
> in an existing ID-WSF environment
> 	* a basic ID-WSF WSP along with libraries that are the basis for  
> creating new ID-WSF services   (Conor's work, Sampo's work)
> 	* a pattern that enables the establishment of an ID-SIS based or ID- 
> WSF based service clients
> 	* providing multiple software language versions of the above (to  
> date we have java WSP, java WSC client lib, C based WSP and WSC)
> 	* sample service and service consumer applications
> 	* a running and available ID-WSF environment for the purposes of  
> learning and testing
>
> That said, I'd like to bring the naming discussion back onto the wsf  
> list.
>
> Could the two of you join the id-wsf list temporarily so we can do  
> this together?
>
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
> Maybe the use of "Liberty" could work:
>
> LibertyIGF
> LibertyWSF
>
> LFrameIGF/J
> LFrameWSF/J
>
>
> talk soon,
>
> asa
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
> On Mar 20, 2008, at 11:46 AM, Phil Hunt wrote:
>
>> I've been thinking about this naming business.  Before we name  
>> something, it would be nice to describe what are the "products" we  
>> are building in open source.
>>
>> For example, my understanding is that you are building the  
>> libraries a RP can use to participate in an ID-WSF system  
>> correct?   Or better, how would you describe it.
>>
>> For my part, in order to demonstrate the use of IGF, I actually  
>> have to create, and then use declarations across a set of  
>> protocols.  So I'm building an attribute services API kinda like  
>> JNDI or JDBC that allows the developers to access data.  However  
>> because of the benefits of pre-declaration, we can leave  
>> configuration out of the application code. So probably the key cool  
>> benefit of the new API is abstraction.  So if I were to describe  
>> the IGF Attr Svc API as a product I would say it:
>> * An API using layered architecture that allowing applications to  
>> access data via multiple protocols (LDAP, SAML, ID-WSF, WS-Fed,  
>> etc) without having to set special parameters for those protocol  
>> implementations at compile time.  Individual protocols are  
>> configured exclusively at deployment time.
>> * Allows use of standardized and industry vertical schemas
>> * Declarative API allows service providers to understand data and  
>> transaction requirements of an application -- a very generic client  
>> WSDL if you like.
>> * Declarative API allows for easier Privacy Impact Assessments.
>>
>> We could also run through some other thought exercises...but  
>> starting with the qualities of our products might be a good place.
>>
>> Phil Hunt
>> Oracle
>>
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080320/fd359a30/attachment-0001.html 

From asa.openliberty at zenn.net  Thu Mar 20 17:06:12 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Thu, 20 Mar 2008 20:06:12 -0400
Subject: [wsf-dev] Fwd: Naming of WSF and IGF
In-Reply-To: <C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
Message-ID: <1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>

So to give others some context: OpenLiberty/J turns out to be a little  
short sighted.   Since OpenLiberty has numerous projects, to which we  
are now adding regularly, we need to find a name that does not confuse  
this point.  So we are back in the naming game.

It may or may not be useful for us to have a convention across all  
projects. There is certainly something to be said for continuity.  So,  
any ideas?

Phil has made it clear that he does not like the idea of using "open"  
or "liberty" in the names, and has built an argument for this in the  
email I am responding too.

asa



--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



On Mar 20, 2008, at 4:53 PM, Phil Hunt wrote:

> Asa,
>
> I have copied both lists since this discussion thread applies to  
> both projects.
>
> I think we should avoid the use of Liberty or Open Liberty, or  
> Open.  Since the parent organization is OpenLiberty, reusing the  
> name Liberty, OpenLiberty, or even Open in the "product" or  
> "project" name causes repitition.  E.g. OpenLiberty OpenWSF seems a  
> little redundant.
>
> Looking at the WSF stuff you are building, it is a lot bigger than I  
> first thought. I thought it was just the client!
>
> Leaving the development language issue aside, it almost looks like  
> you are building a "WSF Toolkit" and re-packing it into a couple of  
> open source products (e.g. WSF Client, WSF Server).
>
> I'd almost go for WSF-J Toolkit (for people re-using the code), WSF- 
> J Client and WSF-J Server for customers deploying as final products.
>
> That still seems a little dry. Going back to Chuck Mortimore's  
> comment about customers buy houses and not plumbing, I'd look for a  
> higher level name. I'm not sure if this is any better, but how about  
> Trust Fed.   So the full name would be something like:
> openLiberty TrustFed-J ToolKit
> openLiberty TrustFed-J AppKit
> openLIberty TrustFed-J ProviderKit
>
> That said, now that I have typed it out, "TrustFed" seems a little  
> dry.  I'd still like to see something a little open source like.  
> Project Panda or something goofy like that.  ;-)
>
> Phil Hunt
> Oracle
>
>
> Begin forwarded message:
>> From: Asa Hardcastle <asa.openliberty at zenn.net>
>> Date: March 20, 2008 12:51:59 PM PDT (CA)
>> To: Phil Hunt <phil.hunt at oracle.com>
>> Cc: PRATEEK MISHRA <prateek.mishra at oracle.com>
>> Subject: Re: Naming of WSF and IGF
>>
>> Good idea Phil.  Here is a start from me:
>>
>> An open source ID-WSF 2.0 implementation.
>>
>> Objectives:
>> 	* a complete XML tooling of the entire ID-WSF 2.0 specifications  
>> including ID-SIS
>> 	* a client library that enables any application to easily take  
>> part in an existing ID-WSF environment
>> 	* a basic ID-WSF WSP along with libraries that are the basis for  
>> creating new ID-WSF services   (Conor's work, Sampo's work)
>> 	* a pattern that enables the establishment of an ID-SIS based or  
>> ID-WSF based service clients
>> 	* providing multiple software language versions of the above (to  
>> date we have java WSP, java WSC client lib, C based WSP and WSC)
>> 	* sample service and service consumer applications
>> 	* a running and available ID-WSF environment for the purposes of  
>> learning and testing
>>
>> That said, I'd like to bring the naming discussion back onto the  
>> wsf list.
>>
>> Could the two of you join the id-wsf list temporarily so we can do  
>> this together?
>>
>> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>>
>> Maybe the use of "Liberty" could work:
>>
>> LibertyIGF
>> LibertyWSF
>>
>> LFrameIGF/J
>> LFrameWSF/J
>>
>>
>> talk soon,
>>
>> asa
>>
>> --
>> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
>> Tel: +1.413.429.1044 Skype: subsystem7
>>
>> On Mar 20, 2008, at 11:46 AM, Phil Hunt wrote:
>>
>>> I've been thinking about this naming business.  Before we name  
>>> something, it would be nice to describe what are the "products" we  
>>> are building in open source.
>>>
>>> For example, my understanding is that you are building the  
>>> libraries a RP can use to participate in an ID-WSF system  
>>> correct?   Or better, how would you describe it.
>>>
>>> For my part, in order to demonstrate the use of IGF, I actually  
>>> have to create, and then use declarations across a set of  
>>> protocols.  So I'm building an attribute services API kinda like  
>>> JNDI or JDBC that allows the developers to access data.  However  
>>> because of the benefits of pre-declaration, we can leave  
>>> configuration out of the application code. So probably the key  
>>> cool benefit of the new API is abstraction.  So if I were to  
>>> describe the IGF Attr Svc API as a product I would say it:
>>> * An API using layered architecture that allowing applications to  
>>> access data via multiple protocols (LDAP, SAML, ID-WSF, WS-Fed,  
>>> etc) without having to set special parameters for those protocol  
>>> implementations at compile time.  Individual protocols are  
>>> configured exclusively at deployment time.
>>> * Allows use of standardized and industry vertical schemas
>>> * Declarative API allows service providers to understand data and  
>>> transaction requirements of an application -- a very generic  
>>> client WSDL if you like.
>>> * Declarative API allows for easier Privacy Impact Assessments.
>>>
>>> We could also run through some other thought exercises...but  
>>> starting with the qualities of our products might be a good place.
>>>
>>> Phil Hunt
>>> Oracle
>>>
>>>
>>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080320/37d9b38a/attachment.html 

From asa.openliberty at zenn.net  Thu Mar 20 17:15:05 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Thu, 20 Mar 2008 20:15:05 -0400
Subject: [wsf-dev] A big also....
Message-ID: <68E60D8C-DF60-410C-AA18-8B8F23DFC075@zenn.net>


Also, while we are considering naming again,  two things should be  
noted:

* Conor Cahill's ID-WSF WSP (java) and WSC (C) Library are being  
contributed to the OpenLiberty WSF project!  This brings advanced  
client support and a java Discovery service. Conor should clarify this  
for us.

* Sampo Kellom?ki's ZXID http://zxid.org/ is now part of OpenLiberty!   
ZXID brings SAML2 Federated SSO, SAML2 SP Role (perl,java,php,&c), WS- 
Fed 1, Liberty ID-FF 1.2, ID-WSF 2 and ID-WSF 1.   Sampo should  
elaborate on this, but he has checked in his code to the OpenLiberty  
code repository.  Sampo has also documented his work quite well.

Soon we will be adding more info to the site, but I would like to wait  
until we resolve the naming.

These are hugely important and noteworthy contributions.  I have been  
testing with Conor's server since the beginning.  Sampo has been  
providing me with support and access to a Symlabs Federated Identity  
Suite for the past several months, and I have just recently modeled a  
simple Java SP using zxid that will pass a disco epr to bootstrap ID- 
WSF.   ZXID allows you to create a SAML2 SP in 10 lines of code!!   My  
SP is 238 lines of code, but to be fair, I like white space, comments,  
and I am also dealing with extracting a disco epr.  Still, the code is  
extremely straightforward.

We are getting close to having quite a nice set of options for anyone  
who is interested in being in the liberty identity world.

asa



--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080320/f1a71dba/attachment.html 

From asa.openliberty at zenn.net  Fri Mar 21 10:58:31 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Fri, 21 Mar 2008 13:58:31 -0400
Subject: [wsf-dev] People Service Tooling Completed / CreatePSObject
Message-ID: <4FDCF370-8688-4AE1-A179-F548BA585512@zenn.net>

Hi all,

I have just finished the XML Tooling for the people service, which  
includes tooling for id mapping and subs/notifications.  The service  
client is also functionally API complete, I just need to add the  
actual construction of the requests.

I asked earlier about the CreatePSObject element which is used in  
AddKnownEntityRequest and AddEntityRequest. I understand that it  
indicates to the invoker's PS that the PS of the invited Entity should  
be asked/queried to add or confirm the existence of an Entity  
referring to the invoker.  But how?

simply the existence of the element?
<CreatePSObject />

maybe a boolean value?
<CreatePSObject>1</CreatePSObject>

maybe a full Entity Object representing the invoker?
<CreatePSObject><Object>... </Object></CreatePSObject>


This seems like an important People Service feature.  Please help!

later,

asa


--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



From brett at projectliberty.org  Sat Mar 22 16:27:53 2008
From: brett at projectliberty.org (Brett McDowell)
Date: Sat, 22 Mar 2008 19:27:53 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
Message-ID: <a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>

If Phil has the premise correct -- i.e. if all the WSF projects do actually
breakdown neatly into Toolkit, AppKit, and ProviderKit -- then how about..

option A:
OpenLiberty TrustFed ToolKit
OpenLiberty TrustFed AppKit
OpenLiberty TrustFed ProviderKit

option B: (I'm just throwing something out there... it seems the heart of
WSF is the concept of "my services")
OpenLiberty MyServices ToolKit
OpenLiberty MyServices AppKit
OpenLiberty MyServices ProviderKit

option C (already one vote against this from Phil, but let's just keep the
options on the table until we get a decision):
OpenLiberty OpenWSF ToolKit
OpenLiberty OpenWSF AppKit
OpenLiberty OpenWSF ProviderKit

option D: (noting one vote for this from Phil... maybe)
OpenLiberty Panda ToolKit
OpenLiberty Panda AppKit
OpenLiberty Panda ProviderKit

option E ??

But I have a meta-question... who should be making this decision anyway?  I
think with Sampo, Conor and AOL (presumably George Fletcher) signing CLA's
(any day now?) we finally have an official independent group of contributors
to take over "governance" of this project.  And since this naming does
impact the other IGF project we need to add Phil and Prateek to that list.
So maybe only Phil, Prateek, Asa, Sampo, Conor, and George need to make this
decision?  Gentlemen, are we at that point yet?

Brett McDowell | Liberty Alliance <http://www.projectliberty.org> |
vCard<http://www.ictprojects.com/Brett_McDowell_LAP.vcf>|
Calendar<http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York>


On Thu, Mar 20, 2008 at 8:06 PM, Asa Hardcastle <asa.openliberty at zenn.net>
wrote:

> So to give others some context: OpenLiberty/J turns out to be a little
> short sighted.   Since OpenLiberty has numerous projects, to which we are
> now adding regularly, we need to find a name that does not confuse this
> point.  So we are back in the naming game.
>
> It may or may not be useful for us to have a convention across all
> projects. There is certainly something to be said for continuity.  So, any
> ideas?
>
> Phil has made it clear that he does not like the idea of using "open" or
> "liberty" in the names, and has built an argument for this in the email I am
> responding too.
>
> asa
>
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
>
>
> On Mar 20, 2008, at 4:53 PM, Phil Hunt wrote:
>
> Asa,
> I have copied both lists since this discussion thread applies to both
> projects.
>
> I think we should avoid the use of Liberty or Open Liberty, or Open.
>  Since the parent organization is OpenLiberty, reusing the name Liberty,
> OpenLiberty, or even Open in the "product" or "project" name causes
> repitition.  E.g. OpenLiberty OpenWSF seems a little redundant.
>
> Looking at the WSF stuff you are building, it is a lot bigger than I first
> thought. I thought it was just the client!
>
> Leaving the development language issue aside, it almost looks like you are
> building a "WSF Toolkit" and re-packing it into a couple of open source
> products (e.g. WSF Client, WSF Server).
>
> I'd almost go for WSF-J Toolkit (for people re-using the code), WSF-J
> Client and WSF-J Server for customers deploying as final products.
>
> That still seems a little dry. Going back to Chuck Mortimore's comment
> about customers buy houses and not plumbing, I'd look for a higher level
> name. I'm not sure if this is any better, but how about Trust Fed.   So the
> full name would be something like:
> openLiberty TrustFed-J ToolKit
> openLiberty TrustFed-J AppKit
> openLIberty TrustFed-J ProviderKit
>
> That said, now that I have typed it out, "TrustFed" seems a little dry.
>  I'd still like to see something a little open source like. Project Panda or
> something goofy like that.  ;-)
>
> Phil Hunt
> Oracle
>
>
> Begin forwarded message:
>
> *From: *Asa Hardcastle <asa.openliberty at zenn.net>
> *Date: *March 20, 2008 12:51:59 PM PDT (CA)
> *To: *Phil Hunt <phil.hunt at oracle.com>
> *Cc: *PRATEEK MISHRA <prateek.mishra at oracle.com>
> *Subject: **Re: Naming of WSF and IGF*
>
> Good idea Phil.  Here is a start from me:
>
> An open source ID-WSF 2.0 implementation.
>
> Objectives:
> * a complete XML tooling of the entire ID-WSF 2.0 specifications including
> ID-SIS
> * a client library that enables any application to easily take part in an
> existing ID-WSF environment
> * a basic ID-WSF WSP along with libraries that are the basis for creating
> new ID-WSF services   (Conor's work, Sampo's work)
> * a pattern that enables the establishment of an ID-SIS based or ID-WSF
> based service clients
> * providing multiple software language versions of the above (to date we
> have java WSP, java WSC client lib, C based WSP and WSC)
> * sample service and service consumer applications
> * a running and available ID-WSF environment for the purposes of learning
> and testing
>
> That said, I'd like to bring the naming discussion back onto the wsf list.
>
> Could the two of you join the id-wsf list temporarily so we can do this
> together?
>
>
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
> Maybe the use of "Liberty" could work:
>
> LibertyIGF
> LibertyWSF
>
> LFrameIGF/J
> LFrameWSF/J
>
>
> talk soon,
>
> asa
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
> On Mar 20, 2008, at 11:46 AM, Phil Hunt wrote:
>
> I've been thinking about this naming business.  Before we name something,
> it would be nice to describe what are the "products" we are building in open
> source.
>
>
> For example, my understanding is that you are building the libraries a RP
> can use to participate in an ID-WSF system correct?   Or better, how would
> you describe it.
>
>
> For my part, in order to demonstrate the use of IGF, I actually have to
> create, and then use declarations across a set of protocols.  So I'm
> building an attribute services API kinda like JNDI or JDBC that allows the
> developers to access data.  However because of the benefits of
> pre-declaration, we can leave configuration out of the application code. So
> probably the key cool benefit of the new API is abstraction.  So if I were
> to describe the IGF Attr Svc API as a product I would say it:
>
> * An API using layered architecture that allowing applications to access
> data via multiple protocols (LDAP, SAML, ID-WSF, WS-Fed, etc) without having
> to set special parameters for those protocol implementations at compile
> time.  Individual protocols are configured exclusively at deployment time.
>
> * Allows use of standardized and industry vertical schemas
>
> * Declarative API allows service providers to understand data and
> transaction requirements of an application -- a very generic client WSDL if
> you like.
>
> * Declarative API allows for easier Privacy Impact Assessments.
>
>
> We could also run through some other thought exercises...but starting with
> the qualities of our products might be a good place.
>
>
> Phil Hunt
>
> Oracle
>
>
>
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
>
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>
>
>
> _______________________________________________
> Igf-dev mailing list
> Igf-dev at lists.openliberty.org
>
> http://lists.openliberty.org/mailman/listinfo/igf-dev_lists.openliberty.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080322/1be29b71/attachment.html 

From asa.openliberty at zenn.net  Sat Mar 22 19:13:31 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Sat, 22 Mar 2008 22:13:31 -0400
Subject: [wsf-dev] Governance & Naming
In-Reply-To: <a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
Message-ID: <F425D0D3-B248-48AC-94B8-6924E9777541@zenn.net>

governance:

I think we need to get the CLAs signed as Brett has suggested.  Any  
guidelines on project naming should be decided by this smaller  
governance group.  My suggestion is that we do this first, and then go  
about naming our own projects.  This smaller group should decide on  
things like whether or not we want to have a convention that ties the  
projects together e.g. "All projects begin with BeerAndWings, sub  
projects are denoted with a suffix indicating their language, /J /C"


as for project naming in general:


On Naming an open source project:
http://www.advogato.org/article/67.html

Here is a list of apache top level projects, many are headers for lots  
of other projects (down below the list I make my point):

HTTP Server
ActiveMQ
Ant
APR
Beehive
Cayenne
Cocoon
Commons
Continuum
DB
Directory
Excalibur
Felix
Forrest
Geronimo
Gump
Hadoop
Harmony
HiveMind
HttpComponents
iBATIS
Incubator
Jackrabbit
Jakarta
James
Labs
Lenya
Logging
Lucene
Maven
Mina
MyFaces
ODE
OFBiz
OpenEJB
OpenJPA
Perl
POI
Portals
Roller
Santuario
ServiceMix
Shale
SpamAssassin
STDCXX
Struts
Synapse
Tapestry
TCL
Tiles
Tomcat
  Turbine
Velocity
Wicket
Web Services
Xalan
Xerces
XML
XMLBeans
XML Graphics


Hmm.... seems all over the road in terms of naming conventions, yet, I  
know of, use, and refer to many of these projects all the time.  I'd  
like to note also that "HTTP Server" is actually the apache web  
server, as I am sure you all know.  So this supports Phil's point  
about not calling the ID-WSF 2 libraries "OpenLiberty." Obviously at  
the highest level (Apache foundation's list of projects) they decided  
it should not be referred to as apache, even though it is apache  
everywhere else in the world... there's a lot in a name.

more later when I have had some time to think,

asa






--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7




On Mar 22, 2008, at 7:27 PM, Brett McDowell wrote:

> If Phil has the premise correct -- i.e. if all the WSF projects do  
> actually breakdown neatly into Toolkit, AppKit, and ProviderKit --  
> then how about..
>
> option A:
> OpenLiberty TrustFed ToolKit
> OpenLiberty TrustFed AppKit
> OpenLiberty TrustFed ProviderKit
>
> option B: (I'm just throwing something out there... it seems the  
> heart of WSF is the concept of "my services")
> OpenLiberty MyServices ToolKit
> OpenLiberty MyServices AppKit
> OpenLiberty MyServices ProviderKit
>
> option C (already one vote against this from Phil, but let's just  
> keep the options on the table until we get a decision):
> OpenLiberty OpenWSF ToolKit
> OpenLiberty OpenWSF AppKit
> OpenLiberty OpenWSF ProviderKit
>
> option D: (noting one vote for this from Phil... maybe)
> OpenLiberty Panda ToolKit
> OpenLiberty Panda AppKit
> OpenLiberty Panda ProviderKit
>
> option E ??
>
> But I have a meta-question... who should be making this decision  
> anyway?  I think with Sampo, Conor and AOL (presumably George  
> Fletcher) signing CLA's (any day now?) we finally have an official  
> independent group of contributors to take over "governance" of this  
> project.  And since this naming does impact the other IGF project we  
> need to add Phil and Prateek to that list.  So maybe only Phil,  
> Prateek, Asa, Sampo, Conor, and George need to make this decision?   
> Gentlemen, are we at that point yet?
>
> Brett McDowell | Liberty Alliance | vCard | Calendar
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080322/e0bebafe/attachment-0001.html 

From cantor.2 at osu.edu  Sun Mar 23 14:43:18 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Sun, 23 Mar 2008 17:43:18 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
Message-ID: <47E6CEF6.9090501@osu.edu>

Brett McDowell wrote:
> option A:
> OpenLiberty TrustFed ToolKit

I really don't see what TrustFed has to do with the project. All of the 
trust-related code, last I knew, was from OpenSAML.

> option B: (I'm just throwing something out there... it seems the heart 
> of WSF is the concept of "my services")
> OpenLiberty MyServices ToolKit

I could certainly imagine calling it the OpenLiberty WebServices ToolKit.

> option C (already one vote against this from Phil, but let's just keep 
> the options on the table until we get a decision):
> OpenLiberty OpenWSF ToolKit

I definitely disagree with Phil on the issue of the word Open, which I think 
is both essential to the name, and well worth repeating, as well as 
self-documenting.

> option D: (noting one vote for this from Phil... maybe)
> OpenLiberty Panda ToolKit

I don't think Phil would advocate for a hybrid. If you want to call it 
Panda, then that's the name, by itself.

>     So to give others some context: OpenLiberty/J turns out to be a
>     little short sighted.   Since OpenLiberty has numerous projects, to
>     which we are now adding regularly, we need to find a name that does
>     not confuse this point.  So we are back in the naming game.

To be clear, I wasn't being short sighted at all in advocating for that 
name. It was to *prevent* exactly this argument by subsuming all of the 
possible project code under one heading.

Disagreement is certainly fine and expected, but I wanted my motivation to 
be clear. I *wanted* to force all of the projects to just accept an umbrella 
name, so to the extent people object to that, that's the point of my arguing 
for it.

-- Scott


From asa.openliberty at zenn.net  Sun Mar 23 16:24:37 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Sun, 23 Mar 2008 19:24:37 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <47E6CEF6.9090501@osu.edu>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
Message-ID: <B5F97C06-5D24-4D51-9845-05FDCAF26FE4@zenn.net>

All of the ID-WSF code will be under a single heading, wsc & wsp, java  
& c, etc...

Are you saying that you believe that IGF & The ECP Firefox Plugin  
should also be under the same umbrella name as the wsf libraries?  Can  
you give an example of how you would see this working if the ID-WSF  
were called OpenLiberty/J /C etc?  Would IGF be a facet of OpenLiberty/ 
J?

gracias se?or,  & for those of you who don't know, Scott released v2.0  
of OpenSAML C++ Edition yesterday!

asa



On Mar 23, 2008, at 5:43 PM, Scott Cantor wrote:

>>
>>   So to give others some context: OpenLiberty/J turns out to be a
>>   little short sighted.   Since OpenLiberty has numerous projects, to
>>   which we are now adding regularly, we need to find a name that does
>>   not confuse this point.  So we are back in the naming game.
>
> To be clear, I wasn't being short sighted at all in advocating for  
> that
> name. It was to *prevent* exactly this argument by subsuming all of  
> the
> possible project code under one heading.
>
> Disagreement is certainly fine and expected, but I wanted my  
> motivation to
> be clear. I *wanted* to force all of the projects to just accept an  
> umbrella
> name, so to the extent people object to that, that's the point of my  
> arguing
> for it.

--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



From cantor.2 at osu.edu  Sun Mar 23 20:52:56 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Sun, 23 Mar 2008 23:52:56 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
Message-ID: <47E72598.20408@osu.edu>

Asa Hardcastle wrote:
> All of the ID-WSF code will be under a single heading, wsc & wsp, java & 
> c, etc...

Right, I realize that's the immediate issue.

> Are you saying that you believe that IGF & The ECP Firefox Plugin should 
> also be under the same umbrella name as the wsf libraries?  Can you give 
> an example of how you would see this working if the ID-WSF were called 
> OpenLiberty/J /C etc?  Would IGF be a facet of OpenLiberty/J?

That was my suggestion, yes. I just don't personally believe the "facets" 
we're talking about have enough mindshare to stand on their own if they're 
named in a technology-oriented way. In that sense, I would agree with Phil 
that a cutesy name is probably better than a bunch projects named after 
obscure acronyms. But those kind of names are difficult to decide on, and 
are time-consuming to "vet" against existing trademarks.

My suggestion was to try and leverage the Liberty name to attract attention 
to whatever the various projects happen to be.

-- Scott


From phil.hunt at oracle.com  Sun Mar 23 22:42:10 2008
From: phil.hunt at oracle.com (Phil Hunt)
Date: Sun, 23 Mar 2008 22:42:10 -0700
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <47E72598.20408@osu.edu>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
Message-ID: <ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>

IGF is orthogonal to the ID-WSF code.  ID-WSF is just one protocol/ 
family that IGF will support. For example, IGF has to support other  
protocols including non-federation protocols like LDAP.

While there is obviously a key "intersecting" relationship here, to  
say there is a hierarchical one would be *extremely* problematic and  
be a disservice to either project by artificially limiting their  
respective potential "mindshare".

I think Asa has it right. There are several projects running under a  
common organization. Following the Apache model might be the best way  
to go.

Phil Hunt
Oracle


On 23-Mar-08, at 8:52 PM, Scott Cantor wrote:

> Asa Hardcastle wrote:
>> All of the ID-WSF code will be under a single heading, wsc & wsp,  
>> java &
>> c, etc...
>
> Right, I realize that's the immediate issue.
>
>> Are you saying that you believe that IGF & The ECP Firefox Plugin  
>> should
>> also be under the same umbrella name as the wsf libraries?  Can you  
>> give
>> an example of how you would see this working if the ID-WSF were  
>> called
>> OpenLiberty/J /C etc?  Would IGF be a facet of OpenLiberty/J?
>
> That was my suggestion, yes. I just don't personally believe the  
> "facets"
> we're talking about have enough mindshare to stand on their own if  
> they're
> named in a technology-oriented way. In that sense, I would agree  
> with Phil
> that a cutesy name is probably better than a bunch projects named  
> after
> obscure acronyms. But those kind of names are difficult to decide  
> on, and
> are time-consuming to "vet" against existing trademarks.
>
> My suggestion was to try and leverage the Liberty name to attract  
> attention
> to whatever the various projects happen to be.
>
> -- Scott
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org



From cantor.2 at osu.edu  Mon Mar 24 07:51:35 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Mon, 24 Mar 2008 10:51:35 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
	<ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
Message-ID: <001d01c88dbe$8f31fe20$ad95fa60$@2@osu.edu>

> IGF is orthogonal to the ID-WSF code.  ID-WSF is just one protocol/
> family that IGF will support. For example, IGF has to support other
> protocols including non-federation protocols like LDAP.

I never implied otherwise.

> While there is obviously a key "intersecting" relationship here, to
> say there is a hierarchical one would be *extremely* problematic and
> be a disservice to either project by artificially limiting their
> respective potential "mindshare".

I see nothing about the OpenLiberty name that implies WSF. It implies
Liberty, but if that alone is an issue, I'm not sure what the code is doing
here to begin with.

> I think Asa has it right. There are several projects running under a
> common organization. Following the Apache model might be the best way
> to go.

There is no Apache model. Apache leaves naming up to each project. That
means a bunch of arguments instead of one, and that's all I was trying to
avoid. If you have the appetite, have at it.

-- Scott




From phil.hunt at oracle.com  Mon Mar 24 08:47:28 2008
From: phil.hunt at oracle.com (Phil Hunt)
Date: Mon, 24 Mar 2008 08:47:28 -0700
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <001d01c88dbe$8f31fe20$ad95fa60$%2@osu.edu>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
	<ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
	<001d01c88dbe$8f31fe20$ad95fa60$%2@osu.edu>
Message-ID: <4DCB54E1-22F3-4850-867C-D593D4F9150B@oracle.com>

I'm confused. You seemed to want to call the WSF project the  
OpenLiberty/J project.  My objection was that one project should not  
have the same name as the organization name.

Phil Hunt
Oracle


On 24-Mar-08, at 7:51 AM, Scott Cantor wrote:

>> IGF is orthogonal to the ID-WSF code.  ID-WSF is just one protocol/
>> family that IGF will support. For example, IGF has to support other
>> protocols including non-federation protocols like LDAP.
>
> I never implied otherwise.
>
>> While there is obviously a key "intersecting" relationship here, to
>> say there is a hierarchical one would be *extremely* problematic and
>> be a disservice to either project by artificially limiting their
>> respective potential "mindshare".
>
> I see nothing about the OpenLiberty name that implies WSF. It implies
> Liberty, but if that alone is an issue, I'm not sure what the code  
> is doing
> here to begin with.
>
>> I think Asa has it right. There are several projects running under a
>> common organization. Following the Apache model might be the best way
>> to go.
>
> There is no Apache model. Apache leaves naming up to each project.  
> That
> means a bunch of arguments instead of one, and that's all I was  
> trying to
> avoid. If you have the appetite, have at it.
>
> -- Scott
>
>



From cantor.2 at osu.edu  Mon Mar 24 09:07:40 2008
From: cantor.2 at osu.edu (Scott Cantor)
Date: Mon, 24 Mar 2008 12:07:40 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <4DCB54E1-22F3-4850-867C-D593D4F9150B@oracle.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
	<ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
	<001d01c88dbe$8f31fe20$ad95fa60$%2@osu.edu>
	<4DCB54E1-22F3-4850-867C-D593D4F9150B@oracle.com>
Message-ID: <002601c88dc9$2fa9a8d0$8efcfa70$@2@osu.edu>

> I'm confused. You seemed to want to call the WSF project the
> OpenLiberty/J project.  My objection was that one project should not
> have the same name as the organization name.

No, I wanted to use a single "umbrella" name derived from the organization
and just deliver the subsets of function with more specific technical names
or provide the option to download specific pieces, whatever makes sense.

What I was suggesting was that people looking for code are going to
recognize the name Liberty but will not in general recognize WSF or IGF. And
I'm suggesting that every project will now have to repeat the same difficult
argument, and I was just trying to avoid that.

Otherwise, I would argue that it's better to just pick a consistent
convention and use OpenWSF, OpenIGF, etc. As I said earlier, I strongly
disagree with you about the word Open.

But since I guess people want to leave it to each project, all I can say is
have fun. At least Sampo's code has a name already. ;-)

-- Scott




From asa.openliberty at zenn.net  Mon Mar 24 14:15:10 2008
From: asa.openliberty at zenn.net (Asa Hardcastle)
Date: Mon, 24 Mar 2008 17:15:10 -0400
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <002601c88dc9$2fa9a8d0$8efcfa70$@2@osu.edu>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
	<ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
	<001d01c88dbe$8f31fe20$ad95fa60$%2@osu.edu>
	<4DCB54E1-22F3-4850-867C-D593D4F9150B@oracle.com>
	<002601c88dc9$2fa9a8d0$8efcfa70$@2@osu.edu>
Message-ID: <EA7C213B-509D-4265-8130-77E8242DB90D@zenn.net>

I agree with Scott on this point.  We are stronger if there is a  
perception of a whole.  Personally I like Open, but I am completely  
_open_ to a better idea if there is one out there.

OpenSAML (obviously not an OpenLiberty project, but all of the  
clientlib tooling is based on it)
OpenWSF
OpenIGF
OpenECP Plugin

My preference is to keep the names short, easy to say, recognizable,  
and as meaningful as possible.

later,

asa

--
Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
Tel: +1.413.429.1044 Skype: subsystem7



On Mar 24, 2008, at 12:07 PM, Scott Cantor wrote:

>> I'm confused. You seemed to want to call the WSF project the
>> OpenLiberty/J project.  My objection was that one project should not
>> have the same name as the organization name.
>
> No, I wanted to use a single "umbrella" name derived from the  
> organization
> and just deliver the subsets of function with more specific  
> technical names
> or provide the option to download specific pieces, whatever makes  
> sense.
>
> What I was suggesting was that people looking for code are going to
> recognize the name Liberty but will not in general recognize WSF or  
> IGF. And
> I'm suggesting that every project will now have to repeat the same  
> difficult
> argument, and I was just trying to avoid that.
>
> Otherwise, I would argue that it's better to just pick a consistent
> convention and use OpenWSF, OpenIGF, etc. As I said earlier, I  
> strongly
> disagree with you about the word Open.
>
> But since I guess people want to leave it to each project, all I can  
> say is
> have fun. At least Sampo's code has a name already. ;-)
>
> -- Scott
>
>
>
> _______________________________________________
> Wsf-dev mailing list
> Wsf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org



From phil.hunt at oracle.com  Mon Mar 24 14:35:05 2008
From: phil.hunt at oracle.com (Phil Hunt)
Date: Mon, 24 Mar 2008 14:35:05 -0700
Subject: [wsf-dev] [Igf-dev]  Fwd: Naming of WSF and IGF
In-Reply-To: <EA7C213B-509D-4265-8130-77E8242DB90D@zenn.net>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<47E6CEF6.9090501@osu.edu>
	<0166AD8F-2829-49B2-98CE-6F5A6104BF0E@mac.com>
	<47E72598.20408@osu.edu>
	<ACFF4891-5121-444D-922F-ED4638D88C70@oracle.com>
	<001d01c88dbe$8f31fe20$ad95fa60$%2@osu.edu>
	<4DCB54E1-22F3-4850-867C-D593D4F9150B@oracle.com>
	<002601c88dc9$2fa9a8d0$8efcfa70$%2@osu.edu>
	<EA7C213B-509D-4265-8130-77E8242DB90D@zenn.net>
Message-ID: <18422B71-88A2-497B-989C-DE9B7A0D5B2F@oracle.com>

I think we should call a conference call on this.  This is starting to  
go in circles. :-)

Phil Hunt
Oracle


On 24-Mar-08, at 2:15 PM, Asa Hardcastle wrote:

> I agree with Scott on this point.  We are stronger if there is a  
> perception of a whole.  Personally I like Open, but I am completely  
> _open_ to a better idea if there is one out there.
>
> OpenSAML (obviously not an OpenLiberty project, but all of the  
> clientlib tooling is based on it)
> OpenWSF
> OpenIGF
> OpenECP Plugin
>
> My preference is to keep the names short, easy to say, recognizable,  
> and as meaningful as possible.
>
> later,
>
> asa
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
>
>
> On Mar 24, 2008, at 12:07 PM, Scott Cantor wrote:
>
>>> I'm confused. You seemed to want to call the WSF project the
>>> OpenLiberty/J project.  My objection was that one project should not
>>> have the same name as the organization name.
>>
>> No, I wanted to use a single "umbrella" name derived from the  
>> organization
>> and just deliver the subsets of function with more specific  
>> technical names
>> or provide the option to download specific pieces, whatever makes  
>> sense.
>>
>> What I was suggesting was that people looking for code are going to
>> recognize the name Liberty but will not in general recognize WSF or  
>> IGF. And
>> I'm suggesting that every project will now have to repeat the same  
>> difficult
>> argument, and I was just trying to avoid that.
>>
>> Otherwise, I would argue that it's better to just pick a consistent
>> convention and use OpenWSF, OpenIGF, etc. As I said earlier, I  
>> strongly
>> disagree with you about the word Open.
>>
>> But since I guess people want to leave it to each project, all I  
>> can say is
>> have fun. At least Sampo's code has a name already. ;-)
>>
>> -- Scott
>>
>>
>>
>> _______________________________________________
>> Wsf-dev mailing list
>> Wsf-dev at lists.openliberty.org
>> http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org
>



From brett at projectliberty.org  Tue Mar 25 10:21:50 2008
From: brett at projectliberty.org (Brett McDowell)
Date: Tue, 25 Mar 2008 13:21:50 -0400
Subject: [wsf-dev] [Igf-dev] Governance & Naming
In-Reply-To: <47E9329D.7010808@oracle.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<F425D0D3-B248-48AC-94B8-6924E9777541@zenn.net>
	<47E9329D.7010808@oracle.com>
Message-ID: <a07fbebc0803251021t3f6c2fc8t9bbd57d7433da18f@mail.gmail.com>

Yes you and Phil are full OpenLiberty.org contributors based on the CLA
Oracle signed.

Brett McDowell | Liberty Alliance <http://www.projectliberty.org> |
vCard<http://www.ictprojects.com/Brett_McDowell_LAP.vcf>|
Calendar<http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York>


On Tue, Mar 25, 2008 at 1:13 PM, Prateek Mishra <prateek.mishra at oracle.com>
wrote:

> Sounds like a plan, I think Phil and I have CLAs signed for the IGF work
> at least
>
> I liked  the article - unfortunately, I do think naming is a reasonable
> big deal - we are hoping that these projects are long-lived and some
> kind of compact handle is really, really good thing. I am worried about
> the proliferation of too many open's - OpenLiberty Panda or OpenLiberty
> XXX sounds about right to me.
>
> Anywayz, as you suggest, we should discuss this as a group of
> contributors and agree on some basic guidelines...
>
> - prateek
> > governance:
> >
> > I think we need to get the CLAs signed as Brett has suggested.
> >  Any *guidelines* on project naming should be decided by this smaller
> > governance group.  My suggestion is that we do this first, and then go
> > about naming our own projects.  This smaller group should decide on
> > things like whether or not we want to have a convention that ties the
> > projects together e.g. "All projects begin with BeerAndWings, sub
> > projects are denoted with a suffix indicating their language, /J /C"
> >
> >
> > as for project naming in general:
> >
> >
> > On Naming an open source project:
> > http://www.advogato.org/article/67.html
> >
> > Here is a list of apache top level projects, many are headers for lots
> > of other projects (down below the list I make my point):
> >
> > # HTTP Server <http://httpd.apache.org/>
> > # ActiveMQ <http://activemq.apache.org/>
> > # Ant <http://ant.apache.org/>
> > # APR <http://apr.apache.org/>
> > # Beehive <http://beehive.apache.org/>
> > # Cayenne <http://cayenne.apache.org/>
> > # Cocoon <http://cocoon.apache.org/>
> > # Commons <http://commons.apache.org/>
> > # Continuum <http://continuum.apache.org/>
> > # DB <http://db.apache.org/>
> > # Directory <http://directory.apache.org/>
> > # Excalibur <http://excalibur.apache.org/>
> > # Felix <http://felix.apache.org/>
> > # Forrest <http://forrest.apache.org/>
> > # Geronimo <http://geronimo.apache.org/>
> > # Gump <http://gump.apache.org/>
> > # Hadoop <http://hadoop.apache.org/>
> > # Harmony <http://harmony.apache.org/>
> > # HiveMind <http://hivemind.apache.org/>
> > # HttpComponents <http://hc.apache.org/>
> > # iBATIS <http://ibatis.apache.org/>
> > # Incubator <http://incubator.apache.org/>
> > # Jackrabbit <http://jackrabbit.apache.org/>
> > # Jakarta <http://jakarta.apache.org/>
> > # James <http://james.apache.org/>
> > # Labs <http://labs.apache.org/>
> > # Lenya <http://lenya.apache.org/>
> > # Logging <http://logging.apache.org/>
> > # Lucene <http://lucene.apache.org/>
> > # Maven <http://maven.apache.org/>
> > # Mina <http://mina.apache.org/>
> > # MyFaces <http://myfaces.apache.org/>
> > # ODE <http://ode.apache.org/>
> > # OFBiz <http://ofbiz.apache.org/>
> > # OpenEJB <http://openejb.apache.org/>
> > # OpenJPA <http://openjpa.apache.org/>
> > # Perl <http://perl.apache.org/>
> > # POI <http://poi.apache.org/>
> > # Portals <http://portals.apache.org/>
> > # Roller <http://roller.apache.org/>
> > # Santuario <http://santuario.apache.org/>
> > # ServiceMix <http://servicemix.apache.org/>
> > # Shale <http://shale.apache.org/>
> > # SpamAssassin <http://spamassassin.apache.org/>
> > # STDCXX <http://stdcxx.apache.org/>
> > # Struts <http://struts.apache.org/>
> > # Synapse <http://synapse.apache.org/>
> > # Tapestry <http://tapestry.apache.org/>
> > # TCL <http://tcl.apache.org/>
> > # Tiles <http://tiles.apache.org/>
> > # Tomcat <http://tomcat.apache.org/>
> > #  Turbine <http://turbine.apache.org/>
> > # Velocity <http://velocity.apache.org/>
> > # Wicket <http://wicket.apache.org/>
> > # Web Services <http://ws.apache.org/>
> > # Xalan <http://xalan.apache.org/>
> > # Xerces <http://xerces.apache.org/>
> > # XML <http://xml.apache.org/>
> > # XMLBeans <http://xmlbeans.apache.org/>
> > # XML Graphics <http://xmlgraphics.apache.org/>
> >
> >
> > Hmm.... seems all over the road in terms of naming conventions, yet, I
> > know of, use, and refer to many of these projects all the time.  I'd
> > like to note also that "HTTP Server" is actually the apache web
> > server, as I am sure you all know.  So this supports Phil's point
> > about not calling the ID-WSF 2 libraries "OpenLiberty." Obviously at
> > the highest level (Apache foundation's list of projects) they decided
> > it should not be referred to as apache, even though it is apache
> > everywhere else in the world... there's a lot in a name.
> >
> > more later when I have had some time to think,
> >
> > asa
> >
> >
> >
> >
> >
> >
> > --
> > Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> > Tel: +1.413.429.1044 Skype: subsystem7
> >
> >
> >
> >
> > On Mar 22, 2008, at 7:27 PM, Brett McDowell wrote:
> >
> >> If Phil has the premise correct -- i.e. if all the WSF projects do
> >> actually breakdown neatly into Toolkit, AppKit, and ProviderKit --
> >> then how about..
> >>
> >> option A:
> >> OpenLiberty TrustFed ToolKit
> >> OpenLiberty TrustFed AppKit
> >> OpenLiberty TrustFed ProviderKit
> >>
> >> option B: (I'm just throwing something out there... it seems the
> >> heart of WSF is the concept of "my services")
> >> OpenLiberty MyServices ToolKit
> >> OpenLiberty MyServices AppKit
> >> OpenLiberty MyServices ProviderKit
> >>
> >> option C (already one vote against this from Phil, but let's just
> >> keep the options on the table until we get a decision):
> >> OpenLiberty OpenWSF ToolKit
> >> OpenLiberty OpenWSF AppKit
> >> OpenLiberty OpenWSF ProviderKit
> >>
> >> option D: (noting one vote for this from Phil... maybe)
> >> OpenLiberty Panda ToolKit
> >> OpenLiberty Panda AppKit
> >> OpenLiberty Panda ProviderKit
> >>
> >> option E ??
> >>
> >> But I have a meta-question... who should be making this decision
> >> anyway?  I think with Sampo, Conor and AOL (presumably George
> >> Fletcher) signing CLA's (any day now?) we finally have an official
> >> independent group of contributors to take over "governance" of this
> >> project.  And since this naming does impact the other IGF project we
> >> need to add Phil and Prateek to that list.  So maybe only Phil,
> >> Prateek, Asa, Sampo, Conor, and George need to make this decision?
> >> Gentlemen, are we at that point yet?
> >>
> >> Brett McDowell | Liberty Alliance <http://www.projectliberty.org> |
> >> vCard <http://www.ictprojects.com/Brett_McDowell_LAP.vcf> | Calendar
> >> <
> http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York
> >
> >>
> >>
> >>
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Igf-dev mailing list
> > Igf-dev at lists.openliberty.org
> >
> http://lists.openliberty.org/mailman/listinfo/igf-dev_lists.openliberty.org
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev_lists.openliberty.org/attachments/20080325/46986d1a/attachment.html 

From prateek.mishra at oracle.com  Tue Mar 25 10:13:01 2008
From: prateek.mishra at oracle.com (Prateek Mishra)
Date: Tue, 25 Mar 2008 13:13:01 -0400
Subject: [wsf-dev] [Igf-dev] Governance & Naming
In-Reply-To: <F425D0D3-B248-48AC-94B8-6924E9777541@zenn.net>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<F425D0D3-B248-48AC-94B8-6924E9777541@zenn.net>
Message-ID: <47E9329D.7010808@oracle.com>

Sounds like a plan, I think Phil and I have CLAs signed for the IGF work 
at least

I liked  the article - unfortunately, I do think naming is a reasonable 
big deal - we are hoping that these projects are long-lived and some 
kind of compact handle is really, really good thing. I am worried about 
the proliferation of too many open's - OpenLiberty Panda or OpenLiberty 
XXX sounds about right to me.

Anywayz, as you suggest, we should discuss this as a group of 
contributors and agree on some basic guidelines...

- prateek
> governance:
>
> I think we need to get the CLAs signed as Brett has suggested. 
>  Any *guidelines* on project naming should be decided by this smaller 
> governance group.  My suggestion is that we do this first, and then go 
> about naming our own projects.  This smaller group should decide on 
> things like whether or not we want to have a convention that ties the 
> projects together e.g. "All projects begin with BeerAndWings, sub 
> projects are denoted with a suffix indicating their language, /J /C"  
>
>
> as for project naming in general:
>
>
> On Naming an open source project:
> http://www.advogato.org/article/67.html
>
> Here is a list of apache top level projects, many are headers for lots 
> of other projects (down below the list I make my point):
>
> # HTTP Server <http://httpd.apache.org/>
> # ActiveMQ <http://activemq.apache.org/>
> # Ant <http://ant.apache.org/>
> # APR <http://apr.apache.org/>
> # Beehive <http://beehive.apache.org/>
> # Cayenne <http://cayenne.apache.org/>
> # Cocoon <http://cocoon.apache.org/>
> # Commons <http://commons.apache.org/>
> # Continuum <http://continuum.apache.org/>
> # DB <http://db.apache.org/>
> # Directory <http://directory.apache.org/>
> # Excalibur <http://excalibur.apache.org/>
> # Felix <http://felix.apache.org/>
> # Forrest <http://forrest.apache.org/>
> # Geronimo <http://geronimo.apache.org/>
> # Gump <http://gump.apache.org/>
> # Hadoop <http://hadoop.apache.org/>
> # Harmony <http://harmony.apache.org/>
> # HiveMind <http://hivemind.apache.org/>
> # HttpComponents <http://hc.apache.org/>
> # iBATIS <http://ibatis.apache.org/>
> # Incubator <http://incubator.apache.org/>
> # Jackrabbit <http://jackrabbit.apache.org/>
> # Jakarta <http://jakarta.apache.org/>
> # James <http://james.apache.org/>
> # Labs <http://labs.apache.org/>
> # Lenya <http://lenya.apache.org/>
> # Logging <http://logging.apache.org/>
> # Lucene <http://lucene.apache.org/>
> # Maven <http://maven.apache.org/>
> # Mina <http://mina.apache.org/>
> # MyFaces <http://myfaces.apache.org/>
> # ODE <http://ode.apache.org/>
> # OFBiz <http://ofbiz.apache.org/>
> # OpenEJB <http://openejb.apache.org/>
> # OpenJPA <http://openjpa.apache.org/>
> # Perl <http://perl.apache.org/>
> # POI <http://poi.apache.org/>
> # Portals <http://portals.apache.org/>
> # Roller <http://roller.apache.org/>
> # Santuario <http://santuario.apache.org/>
> # ServiceMix <http://servicemix.apache.org/>
> # Shale <http://shale.apache.org/>
> # SpamAssassin <http://spamassassin.apache.org/>
> # STDCXX <http://stdcxx.apache.org/>
> # Struts <http://struts.apache.org/>
> # Synapse <http://synapse.apache.org/>
> # Tapestry <http://tapestry.apache.org/>
> # TCL <http://tcl.apache.org/>
> # Tiles <http://tiles.apache.org/>
> # Tomcat <http://tomcat.apache.org/>
> #  Turbine <http://turbine.apache.org/>
> # Velocity <http://velocity.apache.org/>
> # Wicket <http://wicket.apache.org/>
> # Web Services <http://ws.apache.org/>
> # Xalan <http://xalan.apache.org/>
> # Xerces <http://xerces.apache.org/>
> # XML <http://xml.apache.org/>
> # XMLBeans <http://xmlbeans.apache.org/>
> # XML Graphics <http://xmlgraphics.apache.org/>
>
>
> Hmm.... seems all over the road in terms of naming conventions, yet, I 
> know of, use, and refer to many of these projects all the time.  I'd 
> like to note also that "HTTP Server" is actually the apache web 
> server, as I am sure you all know.  So this supports Phil's point 
> about not calling the ID-WSF 2 libraries "OpenLiberty." Obviously at 
> the highest level (Apache foundation's list of projects) they decided 
> it should not be referred to as apache, even though it is apache 
> everywhere else in the world... there's a lot in a name.  
>
> more later when I have had some time to think,
>
> asa
>
>
>
>
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
>
>
>
> On Mar 22, 2008, at 7:27 PM, Brett McDowell wrote:
>
>> If Phil has the premise correct -- i.e. if all the WSF projects do 
>> actually breakdown neatly into Toolkit, AppKit, and ProviderKit -- 
>> then how about..
>>
>> option A:
>> OpenLiberty TrustFed ToolKit
>> OpenLiberty TrustFed AppKit
>> OpenLiberty TrustFed ProviderKit
>>
>> option B: (I'm just throwing something out there... it seems the 
>> heart of WSF is the concept of "my services")
>> OpenLiberty MyServices ToolKit
>> OpenLiberty MyServices AppKit
>> OpenLiberty MyServices ProviderKit
>>
>> option C (already one vote against this from Phil, but let's just 
>> keep the options on the table until we get a decision):
>> OpenLiberty OpenWSF ToolKit
>> OpenLiberty OpenWSF AppKit
>> OpenLiberty OpenWSF ProviderKit
>>
>> option D: (noting one vote for this from Phil... maybe)
>> OpenLiberty Panda ToolKit
>> OpenLiberty Panda AppKit
>> OpenLiberty Panda ProviderKit
>>
>> option E ??
>>
>> But I have a meta-question... who should be making this decision 
>> anyway?  I think with Sampo, Conor and AOL (presumably George 
>> Fletcher) signing CLA's (any day now?) we finally have an official 
>> independent group of contributors to take over "governance" of this 
>> project.  And since this naming does impact the other IGF project we 
>> need to add Phil and Prateek to that list.  So maybe only Phil, 
>> Prateek, Asa, Sampo, Conor, and George need to make this decision?  
>> Gentlemen, are we at that point yet?
>>
>> Brett McDowell | Liberty Alliance <http://www.projectliberty.org> | 
>> vCard <http://www.ictprojects.com/Brett_McDowell_LAP.vcf> | Calendar 
>> <http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York> 
>>
>>
>>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Igf-dev mailing list
> Igf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/igf-dev_lists.openliberty.org
>   



From jason.rouault at hp.com  Tue Mar 25 11:00:04 2008
From: jason.rouault at hp.com (Rouault, Jason (Security Management))
Date: Tue, 25 Mar 2008 18:00:04 +0000
Subject: [wsf-dev] [Igf-dev] Governance & Naming
In-Reply-To: <47E9329D.7010808@oracle.com>
References: <D591CA66-5050-4B53-9CE1-843A18FDA720@zenn.net>
	<C15F8E4F-3C59-4407-A5A0-833C4BD64E84@oracle.com>
	<1FF648C0-A5C3-4A50-9B69-F5215B9F01A7@zenn.net>
	<a07fbebc0803221627r53108c88s35b883773dd9ca17@mail.gmail.com>
	<F425D0D3-B248-48AC-94B8-6924E9777541@zenn.net>
	<47E9329D.7010808@oracle.com>
Message-ID: <C38343C8EF768045851A80E1001137ACFA67AFDC83@G1W0486.americas.hpqcorp.net>

For what it's worth...

I agree with Prateek.

OpenLiberty is the home community, projects then reside under that.... as for what those projects are called, I can care less.

Jason

-----Original Message-----
From: wsf-dev-bounces at lists.openliberty.org [mailto:wsf-dev-bounces at lists.openliberty.org] On Behalf Of Prateek Mishra
Sent: Tuesday, March 25, 2008 11:13 AM
To: Asa Hardcastle
Cc: wsf-dev at openliberty.org; igf-dev at lists.openliberty.org
Subject: Re: [wsf-dev] [Igf-dev] Governance & Naming

Sounds like a plan, I think Phil and I have CLAs signed for the IGF work
at least

I liked  the article - unfortunately, I do think naming is a reasonable
big deal - we are hoping that these projects are long-lived and some
kind of compact handle is really, really good thing. I am worried about
the proliferation of too many open's - OpenLiberty Panda or OpenLiberty
XXX sounds about right to me.

Anywayz, as you suggest, we should discuss this as a group of
contributors and agree on some basic guidelines...

- prateek
> governance:
>
> I think we need to get the CLAs signed as Brett has suggested.
>  Any *guidelines* on project naming should be decided by this smaller
> governance group.  My suggestion is that we do this first, and then go
> about naming our own projects.  This smaller group should decide on
> things like whether or not we want to have a convention that ties the
> projects together e.g. "All projects begin with BeerAndWings, sub
> projects are denoted with a suffix indicating their language, /J /C"
>
>
> as for project naming in general:
>
>
> On Naming an open source project:
> http://www.advogato.org/article/67.html
>
> Here is a list of apache top level projects, many are headers for lots
> of other projects (down below the list I make my point):
>
> # HTTP Server <http://httpd.apache.org/>
> # ActiveMQ <http://activemq.apache.org/>
> # Ant <http://ant.apache.org/>
> # APR <http://apr.apache.org/>
> # Beehive <http://beehive.apache.org/>
> # Cayenne <http://cayenne.apache.org/>
> # Cocoon <http://cocoon.apache.org/>
> # Commons <http://commons.apache.org/>
> # Continuum <http://continuum.apache.org/>
> # DB <http://db.apache.org/>
> # Directory <http://directory.apache.org/>
> # Excalibur <http://excalibur.apache.org/>
> # Felix <http://felix.apache.org/>
> # Forrest <http://forrest.apache.org/>
> # Geronimo <http://geronimo.apache.org/>
> # Gump <http://gump.apache.org/>
> # Hadoop <http://hadoop.apache.org/>
> # Harmony <http://harmony.apache.org/>
> # HiveMind <http://hivemind.apache.org/>
> # HttpComponents <http://hc.apache.org/>
> # iBATIS <http://ibatis.apache.org/>
> # Incubator <http://incubator.apache.org/>
> # Jackrabbit <http://jackrabbit.apache.org/>
> # Jakarta <http://jakarta.apache.org/>
> # James <http://james.apache.org/>
> # Labs <http://labs.apache.org/>
> # Lenya <http://lenya.apache.org/>
> # Logging <http://logging.apache.org/>
> # Lucene <http://lucene.apache.org/>
> # Maven <http://maven.apache.org/>
> # Mina <http://mina.apache.org/>
> # MyFaces <http://myfaces.apache.org/>
> # ODE <http://ode.apache.org/>
> # OFBiz <http://ofbiz.apache.org/>
> # OpenEJB <http://openejb.apache.org/>
> # OpenJPA <http://openjpa.apache.org/>
> # Perl <http://perl.apache.org/>
> # POI <http://poi.apache.org/>
> # Portals <http://portals.apache.org/>
> # Roller <http://roller.apache.org/>
> # Santuario <http://santuario.apache.org/>
> # ServiceMix <http://servicemix.apache.org/>
> # Shale <http://shale.apache.org/>
> # SpamAssassin <http://spamassassin.apache.org/>
> # STDCXX <http://stdcxx.apache.org/>
> # Struts <http://struts.apache.org/>
> # Synapse <http://synapse.apache.org/>
> # Tapestry <http://tapestry.apache.org/>
> # TCL <http://tcl.apache.org/>
> # Tiles <http://tiles.apache.org/>
> # Tomcat <http://tomcat.apache.org/>
> #  Turbine <http://turbine.apache.org/>
> # Velocity <http://velocity.apache.org/>
> # Wicket <http://wicket.apache.org/>
> # Web Services <http://ws.apache.org/>
> # Xalan <http://xalan.apache.org/>
> # Xerces <http://xerces.apache.org/>
> # XML <http://xml.apache.org/>
> # XMLBeans <http://xmlbeans.apache.org/>
> # XML Graphics <http://xmlgraphics.apache.org/>
>
>
> Hmm.... seems all over the road in terms of naming conventions, yet, I
> know of, use, and refer to many of these projects all the time.  I'd
> like to note also that "HTTP Server" is actually the apache web
> server, as I am sure you all know.  So this supports Phil's point
> about not calling the ID-WSF 2 libraries "OpenLiberty." Obviously at
> the highest level (Apache foundation's list of projects) they decided
> it should not be referred to as apache, even though it is apache
> everywhere else in the world... there's a lot in a name.
>
> more later when I have had some time to think,
>
> asa
>
>
>
>
>
>
> --
> Asa Hardcastle, Technical Lead, openLiberty ID-WSF ClientLib
> Tel: +1.413.429.1044 Skype: subsystem7
>
>
>
>
> On Mar 22, 2008, at 7:27 PM, Brett McDowell wrote:
>
>> If Phil has the premise correct -- i.e. if all the WSF projects do
>> actually breakdown neatly into Toolkit, AppKit, and ProviderKit --
>> then how about..
>>
>> option A:
>> OpenLiberty TrustFed ToolKit
>> OpenLiberty TrustFed AppKit
>> OpenLiberty TrustFed ProviderKit
>>
>> option B: (I'm just throwing something out there... it seems the
>> heart of WSF is the concept of "my services")
>> OpenLiberty MyServices ToolKit
>> OpenLiberty MyServices AppKit
>> OpenLiberty MyServices ProviderKit
>>
>> option C (already one vote against this from Phil, but let's just
>> keep the options on the table until we get a decision):
>> OpenLiberty OpenWSF ToolKit
>> OpenLiberty OpenWSF AppKit
>> OpenLiberty OpenWSF ProviderKit
>>
>> option D: (noting one vote for this from Phil... maybe)
>> OpenLiberty Panda ToolKit
>> OpenLiberty Panda AppKit
>> OpenLiberty Panda ProviderKit
>>
>> option E ??
>>
>> But I have a meta-question... who should be making this decision
>> anyway?  I think with Sampo, Conor and AOL (presumably George
>> Fletcher) signing CLA's (any day now?) we finally have an official
>> independent group of contributors to take over "governance" of this
>> project.  And since this naming does impact the other IGF project we
>> need to add Phil and Prateek to that list.  So maybe only Phil,
>> Prateek, Asa, Sampo, Conor, and George need to make this decision?
>> Gentlemen, are we at that point yet?
>>
>> Brett McDowell | Liberty Alliance <http://www.projectliberty.org> |
>> vCard <http://www.ictprojects.com/Brett_McDowell_LAP.vcf> | Calendar
>> <http://www.google.com/calendar/hosted/ictprojects.com/embed?src=brett%40ictprojects.com&ctz=America/New_York>
>>
>>
>>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Igf-dev mailing list
> Igf-dev at lists.openliberty.org
> http://lists.openliberty.org/mailman/listinfo/igf-dev_lists.openliberty.org
>


_______________________________________________
Wsf-dev mailing list
Wsf-dev at lists.openliberty.org
http://lists.openliberty.org/mailman/listinfo/wsf-dev_lists.openliberty.org