I'm open to doing a Spec Lead Report, but being new to the Spec Lead
role, I'm not familiar with those -- is it a formal thing Spec Leads do,
an informal thing that's convenient due to the EC F2F? What's the venue?
On 11/23/2016 01:59 PM, Werner Keil wrote:
> Will,
>
> Looks good, thanks. Although at least 2 new EC members (Tomitribe,
> Ivar) are also in this EG, maybe around the January EDR timeline you
> could also schedule a Spec Lead Report for the EC F2F in London on Jan
> 10/11, do you think that's possible?
>
> I read, Oracle just bought Dyn. (which was responsible for a major
> internet blackout after it got hacked through insecure IoT devices)
> While this company or future Oracle subsidiary probably won't benefit
> as much from JSR 375 and similar security efforts, IoT devices and
> services in the cloud could especially if they run Java, so I am
> pretty confident, the Renewal Ballot should pass again;-)
>
> Regards,
> Werner
>
>
> On Wed, Nov 23, 2016 at 7:29 PM, Will Hopkins <will.hopkins_at_oracle.com
> <mailto:will.hopkins_at_oracle.com>> wrote:
>
> Dear Experts,
>
> Just wanted to let you know what text I plan to submit for the
> upcoming renewal ballot. Thanks for all your energy, enthusiasm,
> and work in helping put together the spec; once we get past the
> renewal ballot I think it'll come together pretty quickly.
>
> Here is the text:
>
> "The JSR-375 Expert Group, after a period of relative
> inactivity, has a new Spec Lead, and has resumed its work to
> define a core set of security APIs and functions for Java EE.
>
> The EG is active and engaged. An Early Draft Release
> specification is taking shape, and, while there are still
> deliberations going on, we expect to publish an EDR by January
> 2017. API code is also taking shape, as is a Reference
> Implementation.
>
> Recent talks by EG members and others, at JavaOne and other
> developer conferences, have publicized the EG's work, and laid
> out a roadmap for Java EE security that includes JSR 375 as a
> foundation in EE 8, with additional capabilities, including
> OAuth/OpenID Connect support, planned for a follow-on JSR. The
> roadmap has been generally well-received.
>
> Additional talks are scheduled, including my talk, "What's New
> in Java EE Security: JSR-375 and Beyond", which has been
> accepted for Devoxx US 2017.
>
> The EG believes that JSR 375 should be completed, that it is
> important to the future of Java EE, and that it enjoys broad
> community support. We ask you to approve the renewal ballot.
>
> Will Hopkins
> Spec Lead, JSR 375"
>
> Note that this is only intended to provide a snapshot of current
> thinking and demonstrate activity/progress, so the EC members have
> something to base their vote on. It doesn't lock us into, e.g.,
> doing OAuth as a follow-on JSR.
>
> I plan to submit this to the JCP later today.
>
> Regards,
>
> Will
>
> --
> Will Hopkins | Platform Security Architect |+1.781.442.0310 <tel:%2B1.781.442.0310>
> Oracle Cloud Application Foundation
> 35 Network Drive, Burlington, MA 01803
>
>
--
Will Hopkins | Platform Security Architect | +1.781.442.0310
Oracle Cloud Application Foundation
35 Network Drive, Burlington, MA 01803