I am sending this to those on the Apache documentation list who have replied to emails related to SSL documentation (I am also copying the list to catch others that may be interested in this offer from Symantec/VeriSign). Here are a few comments I've seen about the existing Apache HTTPD documentation:
* "Most of ssl/ssl_faq.xml is rubbish" * "both the FAQ and the howto docs could stand to be completely scrapped. Unfortunately, SSL is one of the topics about which we seem to know the least." * "If the current arrangement of that doc or set of docs doesn't make sense, let's scrap it and start over. Most of that prose is a decade old, and was written by someone who, while a genius in the field, didn't have English as his first language." * "I'm a bit of a stickler for deciding what the scope of our documentation is, and then not straying too far outside of that. The scope of our docs is the Apache HTTP Server and how to configure it. While the theory of SSL itself intersects with configuring mod_ssl, they are separate topics." * "I think that the biggest problem in the past with the contributions has been twofold - one, the format made it difficult to integrate into the docs. (Translation: I'm basically lazy.) Two, many of us who are most active on the documentation are completely ignorant of SSL, and so feel unqualified to review any SSL content." Symantec (previously VeriSign/Thawte/GeoTrust) is willing to take on - for free - the rewriting of the SSL-related content for Apache HTTPD, but it is important to us that this work ends up being useful and valuable to the Apache community, and is not just a make-work project. We will do this in a CA-independent manner - we do not seek any advantage here, we just want to make it easier for Apache HTTPD users to understand what they need to know when implementing SSL (and 100% of them will do so, at some point). We expect to leverage our skills around writing/publishing meaningful content, along with the rich set of experiences we have from working with so many Apache HTTPD users as customers (e.g., what problems end up in our Customer Support that could be easily be fixed with some Apache documentation?). To that end, I will followup this email with a meeting request for Monday, April 23, at 1:00-1:30 pm Pacific. This will be a short conf call with any of those in Apache that have an interest in the SSL topic. The main goals for that call are: * Understand the scope of the project * Understand who from the Apache community we should work with * Understand Apache's timeframe for getting the rewritten documentation done Thanks... Geoff Geoffrey W. Noakes Director, Business Development Symantec Corporation geoffrey_noa...@symantec.com<mailto:geoffrey_noa...@symantec.com> +1-415-370-5980
