Topics

What's our Acronym?


Will Hopkins
 

We can add it to the list.

On 08/04/2017 01:58 PM, Saeed wrote:
What about JSec? 

On 4 Aug 2017 16:59, "Will Hopkins" <will.hopkins@...> wrote:
The problem with an email tally is someone has to spend an hour or two compiling the answers and analyzing the results.  ;)

Werner's suggestion of a Doodle poll sounds good to me -- set to allow three choices. Can someone set that up?

Two data points/comments on the choices:
  • I used "SECAPI" as the abbreviation for our spec in the bibliography. I'm not sure it's actually referenced anywhere in the spec, though, and we could change that without affecting the meaning of the spec.
  • "Servlet API" works pretty well for servlet, but servlet is a very narrow technology area. Everybody knows exactly what servlets are, and do, and how the API is structured. It does essentially one thing, and is well understood. By contrast, "Security API" could mean almost anything. There are so many aspects to security -- ranging from codebase permissions, to authentication and authorization, encryption, auditing, and user account management -- and there are many different technologies and APIs that implement all of that. My point is that "security" is a very broad and generic term, relative to "servlet", and therefore "Security API" might not work as well as "Servlet API" as the name of a specific and fairly narrow set of APIs. (But we can definitely still vote on it.)

Will



On 08/04/2017 12:45 PM, Guillermo González de Agüero wrote:
Given that we are only a few people, I think the mailing list would suffice here.

In that case, my votes would be:
1- EE Security
2- Security API
3- JSECAPI


Regards,

Guillermo González de Agüero

El vie., 4 de agosto de 2017 18:34, Arjan Tijms <arjan.tijms@...> escribió:
With the terminology voting we just did a simple vote on the java.net mailing list ;)

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Saeed
 

What about JSec? 

On 4 Aug 2017 16:59, "Will Hopkins" <will.hopkins@...> wrote:
The problem with an email tally is someone has to spend an hour or two compiling the answers and analyzing the results.  ;)

Werner's suggestion of a Doodle poll sounds good to me -- set to allow three choices. Can someone set that up?

Two data points/comments on the choices:
  • I used "SECAPI" as the abbreviation for our spec in the bibliography. I'm not sure it's actually referenced anywhere in the spec, though, and we could change that without affecting the meaning of the spec.
  • "Servlet API" works pretty well for servlet, but servlet is a very narrow technology area. Everybody knows exactly what servlets are, and do, and how the API is structured. It does essentially one thing, and is well understood. By contrast, "Security API" could mean almost anything. There are so many aspects to security -- ranging from codebase permissions, to authentication and authorization, encryption, auditing, and user account management -- and there are many different technologies and APIs that implement all of that. My point is that "security" is a very broad and generic term, relative to "servlet", and therefore "Security API" might not work as well as "Servlet API" as the name of a specific and fairly narrow set of APIs. (But we can definitely still vote on it.)

Will



On 08/04/2017 12:45 PM, Guillermo González de Agüero wrote:
Given that we are only a few people, I think the mailing list would suffice here.

In that case, my votes would be:
1- EE Security
2- Security API
3- JSECAPI


Regards,

Guillermo González de Agüero

El vie., 4 de agosto de 2017 18:34, Arjan Tijms <arjan.tijms@...> escribió:
With the terminology voting we just did a simple vote on the java.net mailing list ;)

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Will Hopkins
 

The problem with an email tally is someone has to spend an hour or two compiling the answers and analyzing the results.  ;)

Werner's suggestion of a Doodle poll sounds good to me -- set to allow three choices. Can someone set that up?

Two data points/comments on the choices:
  • I used "SECAPI" as the abbreviation for our spec in the bibliography. I'm not sure it's actually referenced anywhere in the spec, though, and we could change that without affecting the meaning of the spec.
  • "Servlet API" works pretty well for servlet, but servlet is a very narrow technology area. Everybody knows exactly what servlets are, and do, and how the API is structured. It does essentially one thing, and is well understood. By contrast, "Security API" could mean almost anything. There are so many aspects to security -- ranging from codebase permissions, to authentication and authorization, encryption, auditing, and user account management -- and there are many different technologies and APIs that implement all of that. My point is that "security" is a very broad and generic term, relative to "servlet", and therefore "Security API" might not work as well as "Servlet API" as the name of a specific and fairly narrow set of APIs. (But we can definitely still vote on it.)

Will



On 08/04/2017 12:45 PM, Guillermo González de Agüero wrote:
Given that we are only a few people, I think the mailing list would suffice here.

In that case, my votes would be:
1- EE Security
2- Security API
3- JSECAPI


Regards,

Guillermo González de Agüero

El vie., 4 de agosto de 2017 18:34, Arjan Tijms <arjan.tijms@...> escribió:
With the terminology voting we just did a simple vote on the java.net mailing list ;)

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Guillermo González de Agüero
 

Given that we are only a few people, I think the mailing list would suffice here.

In that case, my votes would be:
1- EE Security
2- Security API
3- JSECAPI


Regards,

Guillermo González de Agüero


El vie., 4 de agosto de 2017 18:34, Arjan Tijms <arjan.tijms@...> escribió:
With the terminology voting we just did a simple vote on the java.net mailing list ;)


Arjan Tijms
 

With the terminology voting we just did a simple vote on the java.net mailing list ;)


Werner Keil
 

Will,

Doodle polls allows that.
AFAIK you can also restrict multiple choice answers to EG. 2 or 3.

Ask Heather/PMO how they use it, I believe it's free and we used it at some point for decisions in JSR 363

Werner


Will Hopkins
 

My understanding is that we're not supposed to use any third-party polling service, and I'm not aware that we have an internal one, so it would be great if someone else could set up the poll -- who set up the poll for the first EG meeting we had (at least, the first one after I became spec lead)?

So far, I think the candidates are:
  • JSA
  • JSAPI
  • JESAPI
  • SECAPI
  • JSECAPI
  • Security API (not an acronym, as with Servlet or Servlet API)
  • EE Security (same comment as above)
A poll that allows us to vote for 1st, 2nd, and 3rd choices, and tallies the results accordingly, would be really great, but I don't know if such a thing is readily available.

Will

On 08/04/2017 09:57 AM, Werner Keil wrote:
Actually I think groups.io even has a vote feature, but it does not seem enabled for JavaEE.

-- 
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803


Werner Keil
 

Actually I think groups.io even has a vote feature, but it does not seem enabled for JavaEE.


Werner Keil
 

Maybe Will who started the thread can use either Doodle (I know his PMO colleagues use that a lot e.g. to find F2F locations etc.) or something else with alternatives that comply with Oracle's Java branding guidelines or practices...


Arjan Tijms
 

JASPIC was alternatively called JASPI and JASPIC, talking about confusion :O

EE as abbreviation should be okay. It's either Java EE or EE, but never J2EE anymore or JEE :P

But yeah, let's start a vote ;)


Rudy De Busscher
 

So I guess we need some kind of voting for the different proposals so that we can decide on the most popular acronym.

like https://www.easypolls.net/ or https://www.poll-maker.com/ (these allow multiple selections and are free)

On 4 August 2017 at 15:17, Werner Keil <werner.keil@...> wrote:
Whether "Java EE" or simply "EE" I assume, Bill and others have a strict opinion on that, but your point is, that sometimes acronyms get so long and bulky, it's easier to just use the entire term.

"Servlet API" or "Servlets" are never really abbreviated. And we also use "Java Money API" or just "JavaMoney" (including the domain registered for the project) for JSR 354, not "JMoney" (which matches at least one money-related Open Source project) or "JavaMon" (which sounds like "Monitoring" not Money" ;-) 
So either "Java Security", "Java EE Security" or (if allowed) simply "EE Security" all sound good to me.



Werner Keil
 

Whether "Java EE" or simply "EE" I assume, Bill and others have a strict opinion on that, but your point is, that sometimes acronyms get so long and bulky, it's easier to just use the entire term.

"Servlet API" or "Servlets" are never really abbreviated. And we also use "Java Money API" or just "JavaMoney" (including the domain registered for the project) for JSR 354, not "JMoney" (which matches at least one money-related Open Source project) or "JavaMon" (which sounds like "Monitoring" not Money" ;-) 
So either "Java Security", "Java EE Security" or (if allowed) simply "EE Security" all sound good to me.


Arjan Tijms
 

Why not just "EE Security"?

Few characters shorter than "Spring Security" even, and nobody really feels the need to abbreviate that as far as I know ;)


Werner Keil
 

In that case to be fully correct it would have to be JavaEESECAPI ;-)


Rudy De Busscher
 

I prefer SECAPI, as it easily makes the link with the original long name.

On 4 August 2017 at 12:50, Werner Keil <werner.keil@...> wrote:
I guess compared to JASPIC it is not so bad either;-)

The majority of Java EE JSRs JTA, JPA, JMS, JSP or JSF prefer short 3-4 character ones, but e.g. "Servlets" I don't think they really got anything shorter there either.



Werner Keil
 

I guess compared to JASPIC it is not so bad either;-)

The majority of Java EE JSRs JTA, JPA, JMS, JSP or JSF prefer short 3-4 character ones, but e.g. "Servlets" I don't think they really got anything shorter there either.


Guillermo González de Agüero
 

What about JSECAPI then?


El vie., 4 de agosto de 2017 12:14, Werner Keil <werner.keil@...> escribió:
Has anybody ever argued that
  • JSP
  • JSF

sounded too much like JavaScript?;-)

The only issue compared to those could be that "JS" in the Java and JCP context often stands for "Java Server" but then Java Security API works primarily with Servlets and Web applications, too, so that does not seem a big issue if an acronym started with "JS" in this case.

Werner


Werner Keil
 

Has anybody ever argued that
  • JSP
  • JSF

sounded too much like JavaScript?;-)

The only issue compared to those could be that "JS" in the Java and JCP context often stands for "Java Server" but then Java Security API works primarily with Servlets and Web applications, too, so that does not seem a big issue if an acronym started with "JS" in this case.

Werner


Werner Keil
 

Sure JSON-P also has the problem that "JSON with Padding" uses the exact same acronym in this case. 
There isn't even anybody tracking the 100k or more JavaScript APIs that come and go on a regular basis, so not sure if an acronym without even a "J" in it was clearer than one with it...?

Somebody parked http://jsa.io/ but it's probably just a domain grabber hoping for a bargain by a short acronym. No JavaScript project using it ;-)


David Delabassee
 

On Thu, Aug 3, 2017 at 10:38 pm, Guillermo González de Agüero wrote:
SECAPI sounds good to me. Clearer than JSA
I agree. Anything with 'JS' sounds very JavaScript'ish to my ears.

--David