[aerogear-dev] AGSEC - Component planning

Jay Balunas jbalunas at redhat.com
Thu May 23 15:04:04 EDT 2013 

On May 23, 2013, at 2:45 PM, Bruno Oliveira wrote:

> Good morning all.
> 
> Today most of the tasks related with security on AeroGear 
> (https://issues.jboss.org/browse/AEROGEAR) were moved to 
> https://issues.jboss.org/browse/AGSEC.
> 
> How to properly file jiras?
> 
> Once security is a cross-cutting concern affecting most part of the 
> projects on AeroGear, people might get confused about how to file a JIRA 
> for security.
> 
> So here comes my recommendation:
> 
> - Issues related with specific projects like JS, Android and iOS should 
> be created into the respective jiras: AGJS, AGDROID and AGIOS. (is my 
> suggestion only)
> 
> - If the issue is something that abstractj|slacker should definitely 
> take a look or should work on it, please, create a link into AGSEC. For 
> example: https://issues.jboss.org/browse/AGSEC-28

I think this makes sense to me.

> 
> Here is the list of planned components for the AGSEC project in JIRA:
> 
> - examples: demos, example of usage, snippets
> - docs: documentation about how to make use of security libraries, blog 
> posts, updates on aerogear.org
> - CI: updates on CI like new jobs to be created or improvements
> - OTP: TOTP & HOTP components which affects the server, iOS, Android and JS
> - crypto: implementations of cryptographic algorithms to support 
> server/client side
> - security-*: aerogear-security, aerogear-security-picketlink and 
> aerogear-security-shiro.
> - social: Twitter, Facebook, Google (any social networks to share your 
> password with friends)
> - auth: authentication methods to be provided (Basic, Digest, LDAP, 
> OAuth2, Hawk, Mozilla Persona, Two-factor)
> - authZ: authorization methods to be implemented or supported.

Not sure of the diff with auth and authZ?

> - storage: issues and features related with encrypted storage
> - cache: issues and features related with encrypted cache

To you want to add in general components like openshift, testing, tooling, etc...?

> 
> Please let me know wdyt. Once it will affect the whole project, feedback 
> is important.
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

More information about the aerogear-dev mailing list