Dear Experts,
Just wanted to let you know what text I plan to submit for the upcoming
renewal ballot. Thanks for all your energy, enthusiasm, and work in
helping put together the spec; once we get past the renewal ballot I
think it'll come together pretty quickly.
Here is the text:
"The JSR-375 Expert Group, after a period of relative inactivity,
has a new Spec Lead, and has resumed its work to define a core set
of security APIs and functions for Java EE.
The EG is active and engaged. An Early Draft Release specification
is taking shape, and, while there are still deliberations going on,
we expect to publish an EDR by January 2017. API code is also taking
shape, as is a Reference Implementation.
Recent talks by EG members and others, at JavaOne and other
developer conferences, have publicized the EG's work, and laid out a
roadmap for Java EE security that includes JSR 375 as a foundation
in EE 8, with additional capabilities, including OAuth/OpenID
Connect support, planned for a follow-on JSR. The roadmap has been
generally well-received.
Additional talks are scheduled, including my talk, "What's New in
Java EE Security: JSR-375 and Beyond", which has been accepted for
Devoxx US 2017.
The EG believes that JSR 375 should be completed, that it is
important to the future of Java EE, and that it enjoys broad
community support. We ask you to approve the renewal ballot.
Will Hopkins
Spec Lead, JSR 375"
Note that this is only intended to provide a snapshot of current
thinking and demonstrate activity/progress, so the EC members have
something to base their vote on. It doesn't lock us into, e.g., doing
OAuth as a follow-on JSR.
I plan to submit this to the JCP later today.
Regards,
Will
--
Will Hopkins | Platform Security Architect | +1.781.442.0310
Oracle Cloud Application Foundation
35 Network Drive, Burlington, MA 01803