users@javaee-spec.java.net

[javaee-spec users] Re: [javaee-security-spec users] [jsr375-experts] Re: Final Call for Comments for EDR

From: reza_rahman <reza_rahman_at_lycos.com>
Date: Thu, 23 Feb 2017 07:14:18 -0500

Quite honestly, part of me also can't help but wonder if this specification is not better off going the MVC route - driven independent of Java EE by the community. It could be determined later in Java EE 9 if the specification is included in the umbrella release if Java EE 9 is really still targeted for 2018 as Oracle announced at JavaOne. To my understanding, Java EE 9 is really what Oracle cares more about anyway due to their cloud/PaaS/microservices business goals.
Just thinking out loud so others can also chime in. I have to say this worries me and we need some substantive open dialog with Oracle to get this piece sorted out properly.
Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
-------- Original message --------From: Werner Keil <werner.keil_at_gmail.com> Date: 2/23/17 6:53 AM (GMT-05:00) To: users_at_javaee-spec.java.net Cc: users_at_javaee-security-spec.java.net, Java EE Security API - JSR 375 - Experts <jsr375-experts_at_googlegroups.com> Subject: [javaee-spec users] Re: [javaee-security-spec users] [jsr375-experts] Re: Final Call for Comments for EDR
Thanks, that's a good point.

I have not heard back from him but fellow JSR 375 EG member Adam is supposed to be on a panel at JavaLand I'm invited to moderate.
According to the schedule: https://www.javaland.eu/konferenz/konferenzplaner/konferenzplaner_details.php?id=522447&locS=0&vid=529321
Rudy has a JSR 375 talk there (should be right afterwards) followed by Gunnar and BV 2.0 (another "question mark" for EE 8 based on that new, tight schedule) as well as David Delabassee having a Java EE talk that day.
The panel is in parallel to regular talks but I hope there will be enough space (I heard it might be a little bigger) and that all of the EE related speakers could also join us if they're not too busy preparing their sessions?;-)

Cheers,
Werner



On Thu, Feb 23, 2017 at 12:45 PM, reza_rahman <reza_rahman_at_lycos.com> wrote:
When I heard about the schedule, this is the specification that worried me most. Did Oracle solicit feedback from Will before they decided on that announcement? What can really be done in the time frame mentioned with the current resource levels? Is the plan to significantly escalate resource commitments? Significantly scale down scope yet once again?
It would also be good to hear feedback from the major vendors on this. In the original Java EE 8 survey the security JSR ranked the highest in importance. Although the new survey did not ask about all the security JSR features, the security features that were mentioned also ranked extremely high. I would say this JSR is important enough to delay the overall release train if needed.
What do others think?
Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
-------- Original message --------From: Werner Keil <werner.keil_at_gmail.com> Date: 2/23/17 5:24 AM (GMT-05:00) To: jsr375-experts_at_javaee-security-spec.java.net Cc: Java EE Security API - JSR 375 - Experts <jsr375-experts_at_googlegroups.com> Subject: [javaee-security-spec users] [jsr375-experts] Re: Final Call for Comments for EDR
Will/all,

Thanks, that's good news. Despite the ball now rolling (and I think several requirements are pretty solid) do you think 375 will make it for the new "ambitious" Java EE 8 release goal (to be Final by July) or should 375 as a whole be considered more likely for the next Java EE umbrella release?

I copied the Google Group, is there any official mailing list or similar channel in sight that woudl replace the java.net list when it's gone?

Regards,

Werner



On Thu, Feb 23, 2017 at 2:06 AM, Will Hopkins <will.hopkins_at_oracle.com> wrote:

  

    
  
  
    EG,

    

    I'd like to put out an EDR this week, or perhaps Monday. I think,
    based on the comments and discussion so far, that I've got a good
    enough understanding to update the spec for that purpose. There are
    some outstanding issues to be resolved, though, so please do reply
    to my latest comments in the "Comments on Current Spec Content (take
    3)" thread, or start a new thread, if you have input you'd like to
    see reflected in the EDR.

    

    Thanks,

    

    Will

    --
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803