On 11 October 2012 22:30, David Crossley wrote:
> Rob Weir wrote:
>> On Thu, Oct 11, 2012 at 3:53 PM, Benson Margulies
>> wrote:
>> > On Thu, Oct 11, 2012 at 3:38 PM, Rob Weir wrote:
>> >> On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting
>> >> wrote:
>> >>> Hi,
>> >>>
>> >>> Thanks for the revi
[
https://issues.apache.org/jira/browse/PODLINGNAMESEARCH-13?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13474666#comment-13474666
]
Shane Curcuru commented on PODLINGNAMESEARCH-13:
Thanks for the
+1 to Apache Allura. Commented on your Jira.
If you truly want a "blessing", a little song or dance would be good,
but not strictly required. 8-)
- Shane
On 10/8/2012 10:41 AM, Rich Bowen wrote:
Trademarks folks,
I've done a name search for 'Allura' and the results of that search are
her
On Thu, Oct 11, 2012 at 4:52 PM, kishore g wrote:
> I may have to edit the Helix Proposal wiki. Can you please grant me
> the permission. My id is k4j
Done.
Marvin Humphrey
-
To unsubscribe, e-mail: general-unsubscr...@incubat
[
https://issues.apache.org/jira/browse/PODLINGNAMESEARCH-15?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13474595#comment-13474595
]
Shane Curcuru commented on PODLINGNAMESEARCH-15:
Geez, you misse
>-Original Message-
>From: Franklin, Matthew B. [mailto:mfrank...@mitre.org]
>Sent: Wednesday, October 10, 2012 9:18 PM
>To: general
>Subject: RE: Preparing for the October reports
>
>>-Original Message-
>>From: Jukka Zitting [mailto:jukka.zitt...@gmail.com]
>>Sent: Wednesday, Octo
I am concerned about the lack of mail list and JIRA activity for the podling
since the last reporting period. There has been very little activity, but the
report indicates a lot of work was completed. I did see a bunch of commits in
August, but the only e-mails on the list were from the commit
Rob Weir wrote:
> On Thu, Oct 11, 2012 at 3:53 PM, Benson Margulies
> wrote:
> > On Thu, Oct 11, 2012 at 3:38 PM, Rob Weir wrote:
> >> On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting
> >> wrote:
> >>> Hi,
> >>>
> >>> Thanks for the reviews, Benson! I added you as a signer-off on these
> >>> re
Sent from my iPhone
On Oct 11, 2012, at 3:06 PM, Rob Weir wrote:
> On Thu, Oct 11, 2012 at 3:53 PM, Benson Margulies
> wrote:
>> On Thu, Oct 11, 2012 at 3:38 PM, Rob Weir wrote:
>>> On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting
>>> wrote:
Hi,
Thanks for the reviews, Benso
On Thu, Oct 11, 2012 at 1:29 PM, Daniel Shahaf wrote:
> 1) RM prepares tarball, signs, uploads for voting
> 2) voting passes
> 3) mentor appends his signature to the .asc file
> 4) artifacts posted to dist/
>
> That solves the problem for end users until the RM attends a keysigning
> party.
+1
G
Marvin Humphrey wrote on Thu, Oct 11, 2012 at 11:46:23 -0700:
> In my opinion, general@incubator is an appropriate venue to explore ways in
> which the system can be improved. That will necessarily mean talking about
I am sure there are crypto minds in the ASF who aren't on general@incubator.
Marvin Humphrey wrote on Thu, Oct 11, 2012 at 11:46:23 -0700:
> On Wed, Oct 10, 2012 at 2:36 PM, Nick Kew wrote:
> > On 10 Oct 2012, at 17:04, Marvin Humphrey wrote:
> >
> >> In my opinion, we have sufficient expertise here at the ASF to devise an
> >> authentication protocol whose reliability exc
On Thu, Oct 11, 2012 at 3:53 PM, Benson Margulies wrote:
> On Thu, Oct 11, 2012 at 3:38 PM, Rob Weir wrote:
>> On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting
>> wrote:
>>> Hi,
>>>
>>> Thanks for the reviews, Benson! I added you as a signer-off on these
>>> reports.
>>>
>>> As reported and disc
On Thu, Oct 11, 2012 at 3:38 PM, Rob Weir wrote:
> On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting
> wrote:
>> Hi,
>>
>> Thanks for the reviews, Benson! I added you as a signer-off on these reports.
>>
>> As reported and discussed, Kafka remains ready to graduate and will
>> hopefully complete th
On Wed, Oct 10, 2012 at 7:21 PM, Jukka Zitting wrote:
> Hi,
>
> Thanks for the reviews, Benson! I added you as a signer-off on these reports.
>
> As reported and discussed, Kafka remains ready to graduate and will
> hopefully complete that transition shortly.
>
> On Fri, Oct 5, 2012 at 3:19 PM, Be
@Marvin,
Can you say more about Multi-factor? I know commonly-claimed schemes involve
the same factor multiple times (e.g., more things that a party knows, like Aunt
Gracie's dress size). I agree that confirming a picture ID (something the
individual has) is another factor. What other factor
On Thu, Oct 11, 2012 at 10:41 AM, Roman Shaposhnik wrote:
> However, see my 'how would it help to clear 3 +1 IPMC votes hurdle' question
> on this thread'?
If you help to audit the IP of the podling and to instill good habits and
values, it will make it considerably easier for the formal Mentors
On Wed, Oct 10, 2012 at 2:36 PM, Nick Kew wrote:
> On 10 Oct 2012, at 17:04, Marvin Humphrey wrote:
>
>> In my opinion, we have sufficient expertise here at the ASF to devise an
>> authentication protocol whose reliability exceeds that of individuals
>> participating unsupervised in a web of trust
+1 (binding)
On Thu, Oct 11, 2012 at 6:04 PM, Gord Tanner wrote:
> Please cast your votes!
>
> [ ] +1, recommend Ripple to move into the incubator
> [ ] +0, abstain/don't care
> [ ] -1, do not recommend Ripple to move into the incubator,because...
>
>
>
> Ripple, A Mobile Environment Emulator
> =
On Thu, Oct 11, 2012 at 12:00 AM, Branko Čibej wrote:
> So instead of giving too much credence to government-issued IDs, you'd
> prefer to give credence to a service provided "for free" by a commercial
> entity with a conceivable interest in inserting backdoors in software or
> subverting trust i
+1 binding
Sent from mobile, forgive terseness and errors
On Oct 11, 2012 5:05 PM, "Gord Tanner" wrote:
> Please cast your votes!
>
> [ ] +1, recommend Ripple to move into the incubator
> [ ] +0, abstain/don't care
> [ ] -1, do not recommend Ripple to move into the incubator,because...
>
>
>
> R
+1 (non-binding)
On 11 Oct 2012, at 18:04, Gord Tanner wrote:
> Please cast your votes!
>
> [ ] +1, recommend Ripple to move into the incubator
> [ ] +0, abstain/don't care
> [ ] -1, do not recommend Ripple to move into the incubator,because...
>
>
>
> Ripple, A Mobile Environment Emulator
>
On Thu, Oct 11, 2012 at 10:33 AM, Jakob Homan wrote:
> You go and help the community out in general and, when it comes time
> for a release, you do all the things a regular mentor would do. If
> you catch issues with the release, this will be a big help. No one is
> going to ignore your assistan
On 11 Oct 2012, at 17:14, Dennis E. Hamilton wrote:
> @Nick
>
> I don't understand the supposed attack vector concerning the file digests
> being of no value and the WoT being essential.
>
> - Dennis
>
> ANALYSIS
>
> So long as the digest value is obtained from a reliable read-only source, i
> Great. Lets make it practical -- there's a Helix project that is currently
> being proposed for incubation. I'm very much interested in helping
> it to grow into a TLP eventually. Given how closely it aligns with some
> of the things we're trying to do in Bigtop -- I'm definitely joining the
> co
On Thu, Oct 11, 2012 at 1:32 AM, Upayavira wrote:
> I guess I would encourage you to do as Luciano suggests, and to chat to
> mentors on a project that you might help with.
Great. Lets make it practical -- there's a Helix project that is currently
being proposed for incubation. I'm very much inte
On 10/11/12 10:04 AM, Gord Tanner wrote:
Please cast your votes!
[ ] +1, recommend Ripple to move into the incubator
[ ] +0, abstain/don't care
[ ] -1, do not recommend Ripple to move into the incubator,because...
+1 (binding)
-- leif
On 10/10/12 1:00 PM, Andrea Pescetti wrote:
Seeing no objections to my last message, and keeping into account that
this list had been regularly informed about the steps Apache OpenOffice
was taking towards graduation, I'm hereby asking the IPMC to recommend the
following resolution to the Board
On Thu, Oct 11, 2012 at 9:58 AM, Suresh Marru wrote:
> But great suggestion Luciano (to use all the incumbent IPMC to help more
> while experiences are fresh).
> My personal opinion is, the easiest way to look for projects needing help is
> during releases. If a project
> comes to general list w
On Oct 11, 2012, at 4:32 AM, Upayavira wrote:
> There's that, and also the fact that no two mentors have the same level
> of experience anyway, so what you describe is possible within the
> current structures, just isn't formalized.
I am not sure if formalizing the role is neded. I agree with Up
+ 1 (binding),
Good luck folks!
Suresh
On Oct 10, 2012, at 12:37 PM, kishore g wrote:
> Hi,
>
> I would like to call a vote for accepting Helix for incubation in the
> Apache Incubator. I have pasted the full proposal below.
>
> Please cast your vote:
>
> [ ] +1, bring Helix into Incubator
>
+ 1 (binding).
Great to see the project graduate.
Suresh
On Oct 10, 2012, at 3:00 PM, Andrea Pescetti wrote:
> Seeing no objections to my last message, and keeping into account that this
> list had been regularly informed about the steps Apache OpenOffice was taking
> towards graduation, I'm
+1
Although I know my vote doesn't count :-)
On Thu, Oct 11, 2012 at 12:04 PM, Gord Tanner wrote:
> Please cast your votes!
>
> [ ] +1, recommend Ripple to move into the incubator
> [ ] +0, abstain/don't care
> [ ] -1, do not recommend Ripple to move into the incubator,because...
>
>
>
> Ripple
@Nick
I don't understand the supposed attack vector concerning the file digests being
of no value and the WoT being essential.
- Dennis
ANALYSIS
So long as the digest value is obtained from a reliable read-only source, it
doesn't matter where the file comes from, the digest can be verified.
I see I committed the sin of using "signature" two different ways, below.
I mean the file digest value (digital hash, SHA1) for what power users and
appropriate downloader utilities check.
I mean the external digital signature and the signers public-key cert in the
Apache keys with regard to ch
On 11 Oct 2012, at 09:57, Noah Slater wrote:
> On Thu, Oct 11, 2012 at 9:01 AM, Nick Kew wrote:
>
>>
>> You have to extend that assumption not only to our infrastructure but to
>> every proxy that might come between us and a user, and that might
>> substitute a trojan along with the trojan's o
Please cast your votes!
[ ] +1, recommend Ripple to move into the incubator
[ ] +0, abstain/don't care
[ ] -1, do not recommend Ripple to move into the incubator,because...
> On Thu, Oct 11, 2012 at 3:16 AM, Ross Gardler
> wrote:
>
>> Great to have you Andrew.
>>
>> Dan, yes, the discuss perio
+1
I'm assuming Benson means the digest (SHA1) by "signature." Using those from
the Apache site is probably the first-line for power users and about as much
extra effort that can be expected. The use of download utilities that reliably
check signatures from authentic sources is a small boost
Hi Michael,
On Oct 10, 2012, at 8:03 PM, Michael Stroucken wrote:
Craig L Russell wrote:
Hi Jukka,
The incubator report in wiki is immutable.
Could you please amend the tashi report:
Change "diogo" to "diego"
Please don't, the gentleman's name is "Diogo", though I've
misspelled it too on
On 11/10/2012 15:30, Bertrand Delacretaz wrote:
Unless I'm mistaken, the list of PMC members below includes a single
individual (Dave Fisher) who's active in more than just the OO
project, all others have joined the ASF via OO incubation.
Yes, this is quite possible. The way PMC members were se
On 11 Oct 2012, at 13:19, Benson Margulies wrote:
> Over and above that, we could then ask, 'how could we improve
> protection against most complex problems?'
Now that's something the ASF might indeed be well-qualified to hack.
Improved end-user tools (e.g. browser plugins) to take advantage of
Hi,
Unless I'm mistaken, the list of PMC members below includes a single
individual (Dave Fisher) who's active in more than just the OO
project, all others have joined the ASF via OO incubation.
Are the OO mentors really comfortable with this, considering the
unusual size of this project isn't th
On Wed, Oct 10, 2012 at 12:24 AM, Steven Gill wrote:
> This is a call for vote to graduate the Cordova podling from Apache
> Incubator.
+1
> ...We have prepared and reviewed our charter. You can view it at [5]
IMO "related to building cross platform mobile applications with HTML,
Javascript
sebb wrote on Thu, Oct 11, 2012 at 09:48:25 +0100:
> On 11 October 2012 02:39, Daniel Shahaf wrote:
> > Greg Stein wrote on Wed, Oct 10, 2012 at 21:31:30 -0400:
> >> Not too much. We still instruct users "take the signatures and verify
> >> them against blah.apache.org/KEYS". John Blackhat could r
+1 binding.
On Wed, Oct 10, 2012 at 1:32 PM, Ted Dunning wrote:
> +1 (binding)
>
> On Wed, Oct 10, 2012 at 9:37 AM, kishore g wrote:
>
>> Hi,
>>
>> I would like to call a vote for accepting Helix for incubation in the
>> Apache Incubator. I have pasted the full proposal below.
>>
>> Please cast
+1 (IPMC)
Regards,
Dave
On Oct 11, 2012, at 12:14 AM, Ross Gardler wrote:
> +1 (mentor)
>
> Sent from my tablet
> On Oct 10, 2012 9:00 PM, "Andrea Pescetti" wrote:
>
>> Seeing no objections to my last message, and keeping into account that
>> this list had been regularly informed about the st
On Thu, Oct 11, 2012 at 10:57 AM, Noah Slater wrote:
> Which is why we link to the .md5, .sha, .asc, and KEYS files on our severs.
> Unless you're assuming a MITM along the request/response path to apache.org,
> in which case all bets are off anyway. No?
Which is why I have my release vote messag
+1
On Thu, Oct 11, 2012 at 2:53 PM, Mark Struberg wrote:
> +1
>
> LieGrue,
> strub
>
>
>
>
> - Original Message -
>> From: Ross Gardler
>> To: general@incubator.apache.org
>> Cc:
>> Sent: Thursday, October 11, 2012 9:14 AM
>> Subject: Re: [VOTE] Recommend to the Board to establish the A
+1
LieGrue,
strub
- Original Message -
> From: Steven Gill
> To: general@incubator.apache.org
> Cc:
> Sent: Wednesday, October 10, 2012 12:24 AM
> Subject: [VOTE] Graduate Cordova podling from Apache Incubator
>
>T his is a call for vote to graduate the Cordova podling from Apache
>
+1
LieGrue,
strub
- Original Message -
> From: Ross Gardler
> To: general@incubator.apache.org
> Cc:
> Sent: Thursday, October 11, 2012 9:14 AM
> Subject: Re: [VOTE] Recommend to the Board to establish the Apache OpenOffice
> Project
>
> +1 (mentor)
>
> Sent from my tablet
> On Oc
+1
On Thu, Oct 11, 2012 at 1:40 PM, seba.wag...@gmail.com
wrote:
> We've moved the project to apache-extras.org
>
> http://code.google.com/a/apache-extras.org/p/drupal-plugin-openmeetings/
>
> Sebastian
>
> 2012/9/13 Jukka Zitting
>
>> Hi,
>>
>> On Thu, Sep 13, 2012 at 10:08 AM, seba.wag...@gm
We've moved the project to apache-extras.org
http://code.google.com/a/apache-extras.org/p/drupal-plugin-openmeetings/
Sebastian
2012/9/13 Jukka Zitting
> Hi,
>
> On Thu, Sep 13, 2012 at 10:08 AM, seba.wag...@gmail.com
> wrote:
> > I don't want to create a "claim" here. If the request raises t
On Thu, Oct 11, 2012 at 9:48 AM, sebb wrote:
> On 11 October 2012 02:39, Daniel Shahaf wrote:
> > Greg Stein wrote on Wed, Oct 10, 2012 at 21:31:30 -0400:
> >> Not too much. We still instruct users "take the signatures and verify
> >> them against blah.apache.org/KEYS". John Blackhat could repla
On Thu, Oct 11, 2012 at 9:01 AM, Nick Kew wrote:
>
> You have to extend that assumption not only to our infrastructure but to
> every proxy that might come between us and a user, and that might
> substitute a trojan along with the trojan's own SHA1.
>
The same reasoning holds for the .asc file.
On 11 October 2012 02:39, Daniel Shahaf wrote:
> Greg Stein wrote on Wed, Oct 10, 2012 at 21:31:30 -0400:
>> Not too much. We still instruct users "take the signatures and verify
>> them against blah.apache.org/KEYS". John Blackhat could replace the
>> signatures and install his entry into KEYS.
>
There's that, and also the fact that no two mentors have the same level
of experience anyway, so what you describe is possible within the
current structures, just isn't formalised.
I guess I would encourage you to do as Luciano suggests, and to chat to
mentors on a project that you might help with
On 11 Oct 2012, at 00:44, Greg Stein wrote:
> Please explain how "keys" are needed for this ASF release? Consumers are
> already told to verify the SHA1 and nothing more. I doubt any more is
> needed.
SHA1 offers no more protection than a checksum against MITM attack.
> (assume secure Infrastru
Jukka Zitting wrote:
On Wed, Oct 10, 2012 at 10:00 PM, Andrea Pescetti wrote:
Aim of the resolution is to establish the
Apache OpenOffice Project as a Top Level Project.
[x] +1, recommend the resolution to the Board
Good luck, and a big thank you to everyone involved!
Thank you!
The re
+1 (mentor)
Good luck!
On Wed, Oct 10, 2012 at 9:00 PM, Andrea Pescetti wrote:
> Seeing no objections to my last message, and keeping into account that this
> list had been regularly informed about the steps Apache OpenOffice was
> taking towards graduation, I'm hereby asking the IPMC to recomme
+1 (mentor)
Sent from my tablet
On Oct 10, 2012 12:25 AM, "Steven Gill" wrote:
> This is a call for vote to graduate the Cordova podling from Apache
> Incubator.
>
> Cordova entered the Incubator in October of 2011. We have made significant
> progress with the project since moving over to Apache
+1 (mentor)
Sent from my tablet
On Oct 10, 2012 9:00 PM, "Andrea Pescetti" wrote:
> Seeing no objections to my last message, and keeping into account that
> this list had been regularly informed about the steps Apache OpenOffice was
> taking towards graduation, I'm hereby asking the IPMC to reco
On 10.10.2012 00:01, Marvin Humphrey wrote:
> While this protocol does not rely heavily on validating
> government-issued IDs, the Debian guidelines quoted above point out
> that some people object to giving such IDs too much creedence:
So instead of giving too much credence to government-issued I
62 matches
Mail list logo
