Re: [tools-pmc] PMC Approval Request for TCF 1.3

[David M Williams <david_williams@xxxxxxxxxx>]

+1 

I approve of this for release, (without
qualification) but have some questions, which are actually "over my
head", so might not be asking quite right, or perhaps obvious to others.


a. You say "TCF
connections use a plaintext protocol based on JSON by default" 
Isn't the trend to use "secure connections"
by default, and force the user to be less secure, if that's what they want?

(Not sure how that would be done, for TCF ... just asking.)


b. In standards section, you say "The SSL support
uses X.509 certificates." 
Could that be stated as "TLS/SSL support? (That is,
is that implied?) 
I'm just asking, in light of "POODLE" and "Heartbleed"
it seemed the advice was "to disable SSL support, and use TLS instead".

I'm guessing you've accounted for all that ... but, am
just curious (mostly due to timing of some other notes I recently got about
an 
old, old server I marginally support. :) 

Thanks, 

 



From:      
 "Oberhuber, Martin"
<Martin.Oberhuber@xxxxxxxxxxxxx>
To:      
 Tools PMC mailing list
<tools-pmc@xxxxxxxxxxx>, 
Date:      
 06/04/2015 12:40 AM
Subject:    
   [tools-pmc]
PMC Approval Request for TCF 1.3
Sent by:    
   tools-pmc-bounces@xxxxxxxxxxx

---

Dear Tools PMC,
 
I'd like to ask for PMC approval for TCF
1.3 which is planned to be part of Mars.
Release Review Document:
https://projects.eclipse.org/projects/tools.cdt.tcf/releases/1.3.0/review
 
The IP Log has already been approved and
is attached on the review.
 
Thanks,
Martin
--
Martin Oberhuber, SMTS
/ Product Owner – Development Tools, Wind
River
direct +43.662.457915.85  fax
+43.662.457915.6
 _______________________________________________
tools-pmc mailing list
tools-pmc@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe
from this list, visit
https://dev.eclipse.org/mailman/listinfo/tools-pmc