Apache Logo
The Apache Way Contribute ASF Sponsors

This was extracted (@ 2017-11-15 21:10) from a list of minutes which have been approved by the Board.
Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.

2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | Pre-organization meetings

HTTP Server

15 Nov 2017 [Daniel Gruno / Phil]

Report was filed, but display is awaiting the approval of the Board minutes.

16 Aug 2017 [Daniel Gruno / Mark]

## Description:
- The Apache HTTP Server is an open-source HTTP server for modern
 operating systems including UNIX, Microsoft Windows, Mac OS/X and
 Netware.

## Issues:
- There are no issues requiring board attention at this time.

## Activity:
Three releases (two for 2.4 and one for 2.2) were cut. A lot of great
improvements in the codebase were made alongside some herculean tasks in
cleaning up old code/designs and keeping HTTPd at cutting edge. The 2.2
release also marks the last release of the 2.2 branch, save whatever
security patches may be released from now and through December 2017[1].

Among the plethora of activities in this cycle, I wish to point out a few:

At ApacheCon North America 2017 in Miami, a total of four talks were
held about HTTPd. Thanks go out to the speakers for the time and effort
put into this.

The HTTP/2 support in HTTPd 2.4 has been changed from "experimental" to
stable in future releases[2], in part to avoid confusion over the
projects use of the term "experimental" to denote modules and/or
features whose API may change but are otherwise considered stable, as is
the case with the mod_h2 and mod_lua modules.

Work has also begun[3] on a new module, mod_md, that enables on-the-fly
acquisitions and integrations of web site certificates via Automatic
Certificate Management Environment (ACME) providers such as ISRG's
LetsEncrypt.

[1] https://s.apache.org/obH5
[2] https://s.apache.org/yqNQ
[3] https://s.apache.org/Tnra

## Health report:
The project remains in superb health. Mailing lists are full of active and
engaged people, with many simultaneous discussions going on. The number of
committers actively contributing to the code/documentation has been steady
throughout the past two years and remains at a level of 15-20 active
committers each month. HTTPd is also seeing increased interest on GitHub even
though the project is only mirrored there. Looking at user/support activity,
HTTPd can boast a very vibrant and alive user sphere in terms of interactions
on mailing lists and IRC, as well as other fora. While we have not invited new
committers or PMC members in the past 3 months (summertime being a bit of a
lull), we are always on the lookout for new people to bolster our ranks and
help make HTTPd one of the best pieces of open source software out there.

## PMC changes:

- Currently 49 PMC members.
- No new PMC members added in the last 3 months
- Last PMC addition was Steffen Land on Mon Feb 27 2017

## Committer base changes:

- Currently 119 committers.
- No new committers added in the last 3 months
- Last committer addition was Daniel Ferradal at Wed Apr 26 2017

## Releases:

- 2.2.34 was released on Tue Jul 11 2017, and marks the last release of 2.2.
- 2.4.26 was released on Mon Jun 19 2017
- 2.4.27 was released on Tue Jul 11 2017

## Mailing list activity:

Mailing activity remains steady, albeit a bit lower than the previous
reporting cycle (likely due to it being summer), and have been omitted for the
sake of brevity.

## Bugzilla Statistics:

- 64 Bugzilla tickets created in the last 3 months
- 50 Bugzilla tickets resolved in the last 3 months

17 May 2017

Change the Apache HTTP Server Project Chair

 WHEREAS, the Board of Directors heretofore appointed Eric Covener
 (covener) to the office of Vice President, Apache HTTP Server, and

 WHEREAS, the Board of Directors is in receipt of the resignation of
 Eric Covener (covener) from the office of Vice President, Apache HTTP
 Server, and

 WHEREAS, the Project Management Committee of the Apache HTTP Server
 project has chosen by vote to recommend Daniel Gruno (humbedooh) as
 the successor to the post;

 NOW, THEREFORE, BE IT RESOLVED, that Eric Covener is relieved and
 discharged from the duties and responsibilities of the office of Vice
 President, Apache HTTP Server, and

 BE IT FURTHER RESOLVED, that Daniel Gruno be and hereby is appointed
 to the office of Vice President, Apache HTTP Server, to serve in
 accordance with and subject to the direction of the Board of Directors
 and the Bylaws of the Foundation until death, resignation, retirement,
 removal or disqualification, or until a successor is appointed.

 Special Order 7B, Change the Apache HTTP Server Project Chair,
 was approved by Unanimous Vote of the directors present.

17 May 2017 [Eric Covener / Ted]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 * Development pace is slow with a few notable exceptions
   (HTTP/2, security investigations)
 * Some new interest/discussion in SSL config/defaults as well as
   resynching with security@a.o CVE policy.
 * Working towards a 2.4.26 release.

## Health report:

 * Security backlog is creeping back up, most issues have some
   active engagement.

## PMC changes:

 - Currently 49 PMC members.
 - Steffen Land was added to the PMC on Sun Feb 26 2017

## Committer base changes:

 - Currently 119 committers.
 - New commmitters:
    - Daniel Ferradal was added as a committer on Wed Apr 26 2017
    - Steffen Land was added as a committer on Thu Feb 09 2017

 * Overall things are healthy.  Routine tickets/emails
   are being addressed in a timely manner.

 * The backlog of aged security issues has been mostly cleared out with last
   reporting periods releases.

 * Currently 116 committers.

## Releases:

 * None this period. Both trees expected next period.
 * Last Stable release: 2.4.25 on December 21, 2016
 * Last Legacy release: 2.2.32 on January 13, 2017

## Issues/Bugs:

 * 73 issues created (up 21% since last period)
 * 23 issues closed (down -66% since last period)
 *  7 people closing issues, 65 creating them.
 * Around 70% of all tickets are made by newcomers, showing a steady
   interest in the project new people (was 68% in the past cycle).

   Looking over a two year timespan, the ticket activity seems to have
   been holding steady, neither increasing nor decreasing greatly.

## Mailing lists:

   Discounting commits and bugs (see above), we had around 1,000 emails
   sent to our dev and users list this past cycle, with around 250
   distinct topics being discussed. While this is a decrease from the
   previous cycle, that same cycle was a 5 year high for the project.

27 Feb 2017 [Eric Covener / Rich]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 * Development pace is slow with a few notable exceptions
   (HTTP/2, security investigations)

## Health report:

 * Overall things are healthy.  Routine tickets/emails
   are being addressed in a timely manner.

 * The backlog of aged security issues has been mostly cleared out with last
   reporting periods releases.

## PMC changes:

 * Daniel Ruggeri was added to the PMC on Wed Dec 28 2016
 * Jacob Champion was added to the PMC on Wed Dec 28 2016
 * Lucien Gentis was added to the PMC on Fri Jan 06 2017
 * Luca Toscano was added to the PMC on Sat Jan 07 2017

 * Currently 48 PMC members.

## Committer base changes:

 * No new committers this period
 * * Last new committer: Evgeny Kotkov was added on Tue Sep 20 2016
 * Currently 116 committers.

## Releases:

 * Stable release: 2.4.25 on December 21, 2016
 * Legacy release: 2.2.32 on January 13, 2017

16 Nov 2016 [Eric Covener / Chris]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 * Development pace is slow with a few notable exceptions
   (Strict HTTP compliance, http2, redis socache, security investigations)

## Health report:

 * Overall things are healthy.  Routine tickets/emails
   are being addressed in a timely manner.

 * Some security work with backwards-compatibility complications has
   been proceeding more slowly then we'd normally like. This work and
   the queue of more straightforward issues blocked behind it has in
   some sense also delayed new releases.

## PMC changes:

 * No PMC change this period
 ** Last PMC addition: Jean-Frederic Clere was added to the PMC on
    Tue Nov 24 2015
 * Currently 44 PMC members.

## Committer base changes:

 * 1 committer added this period
 * * Evgeny Kotkov was added on Tue Sep 20 2016
 * Currently 116 committers.

## Releases:

 * No releases this reporting period.
 ** Last stable release was 2.4.23 on July 05, 2016
 ** Last legacy release was 2.2.31 on July 16, 2015
    (EOL announced during 2.4.23)

17 Aug 2016 [Eric Covener / Greg]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 - Recent focus has been on the backlog of security reports.

## Health report:

 - Relatively quiet summer, but there is activity from several
   committers and releases are on the horizon.
 - EOL timeline for 2.2.x series was announced during 2.4.23 release.

## PMC changes:

 - Currently 44 PMC members.
 - No PMC changes.  Jean-Frederic Clere was added to the PMC on Tue Nov 24 2015 (last PMC addition)

## Committer base changes:

 - Currently 116 committers.
 - Jacob Champion was added on Thu Jul 07 2016

## Releases:

 - 2.4.23 was released on July 05, 2016
 - 2.2.x: no releases
   Last Release: 2.2.31 was released July 16, 2015
   (EOL announced during 2.4.23)

18 May 2016 [Eric Covener / Greg]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 - mod_h2 (HTTP/2 implementation) is under active development and
   garnering significant user feedback.  Thank you Steffen!

 - Docs: There has been some renewed activity/interest on docs
   content and trying to reboot our translated docs with machine
   translations.

## Health report:

 - mod_h2 and mod_proxy are under recent active development, most
   everything else is maintenance-only.

 - Bug reports and mails being addressed timely by the project.

## PMC changes:

 - Currently 44 PMC members.
 - No PMC changes.  Jean-Frederic Clere was added to the PMC on Tue Nov
   24 2015 (last PMC addition)

## Committer base changes:

 - Currently 114 committers.
 - Luis Gil was added as a committer on Thu Apr 21 2016 (last committer
   addition)

## Releases:

 - 2.4.20 was released on April 11, 2016.
 - 2.2.31 was released July 16, 2015 (stable, but not EOL)

## Bugzilla Statistics:

 - 73 Bugzilla tickets created in the last 3 months
 - 60 Bugzilla tickets resolved in the last 3 months

 Some stalled issues, but most valid bugs getting attention.

17 Feb 2016 [Eric Covener / Shane]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 - mod_h2 (HTTP/2 implementation) is under active development and
   garnering significant user feedback.  Thank you Steffen!

 - mod_proxy: Jim added some very cool proxy health check support,
   and reverse proxy docs, to trunk. Thanks as always to Jim!

 - Docs: Our newest committer has been aggressively going through
   bugzilla and improving some important docs.  Thanks Luca!

 - Work to support OpenSSL 1.1.0 in trunk was started to enable
   feedback to the new API before the first OpenSSL 1.1.0 beta.
   Thanks Rainer!

## Health report:

 - mod_proxy joins mod_h2 in the active development category,
   most other areas still see maitnenance-only.

 - users@ down marginally, dev@ up marginally

## PMC changes:

 - Currently 44 PMC members.
 - Jean-Frederic Clere was added to the PMC on Tue Nov 24 2015 (last PMC
   addition)

## Committer base changes:

 - Currently 114 committers.
 - Luca Toscano was added as a committer on Fri Jan 22 2016 (last committer
   addition)

## Releases:

 - 2.4.18 was released on December 14, 2015.

## Bugzilla Statistics:

 - 70 Bugzilla tickets created in the last 3 months
 - 44 Bugzilla tickets resolved in the last 3 months

18 Nov 2015 [Eric Covener / Shane]

## Description:

   The Apache HTTP Server Project develops and maintains an
   open-source HTTP server for modern operating systems.

## Issues:

   There are no issues requiring board attention at this time.

## Activity:

 - mod_h2 (HTTP/2 implementation) was delivered in the stable 2.4.x line
   for the first time in 2.4.17.

 - 2.4.18 anticipated around EOY to pick up mod_h2 improvements and a
   handful of small compatibility issues with 2.4.17.

## Health report:

 - mod_h2 aside, the trend of the last few years of relatively low development
   activity continues.  Maintenance activities continue with bugs and
   questions mostly addressed in a timely fashion, but not much in the way of
   new major releases/functionality on the horizon.

 - Some renewed interest/discussion in extending async processing in the
   core / filters.

 - users@ and dev@ up marginally over the reporting period.

## PMC changes:

 - Currently 43 PMC members.
 - No new PMC members added in the last 3 months
 - Last PMC addition was Stefan Eissing on Mon Jul 20 2015

## Committer base changes:

 - Currently 113 committers.
 - No new committers added in the last 3 months
 - Last committer addition was Edward Lu at Tue Jul 07 2015

## Releases:

 - 2.4.17 was released on Tue Oct 13 2015

## Bugzilla Statistics:

 - 63 Bugzilla tickets created in the last 3 months
 - 44 Bugzilla tickets resolved in the last 3 months

19 Aug 2015 [Eric Covener / Greg]

## Description:

The Apache HTTP Server Project develops and maintains an
open-source HTTP server for modern operating systems.


## Activity:

 -  mod_h2 (an implementation of HTTP/2) has been added to trunk
    and activity has begun to better integrate it.

## Health report:

 - Maintenance activities are proceeding in a healthy way
 - Little forward development activity beyond mod_h2 integration

## Issues:

 - No issues requiring the boards attention

## LDAP committee group/Committership changes:

 - Stefan Eissing was added to the LDAP committee group on Tue Jul 21 2015
 - New commmitters:
    - Stefan Eissing was added as a committer on Mon Jul 06 2015
    - Edward Lu was added as a committer on Tue Jul 07 2015

## Releases:

 - 2.4.16 was released on Wed Jul 15 2015
 - 2.2.31 was released on Thu Jul 16 2015
 - (2.0.x is EOL)

20 May 2015 [Eric Covener / Bertrand]

Report from the Apache HTTP Server project [Eric Covener]

## Description:

 The Apache HTTP Server Project develops and maintains an
 open-source HTTP server for modern operating systems.

## Activity:

  Overall project activity is low, with various fixes being
  made on maintenance releases but very little forward development.

  Third-party work on an HTTP/2 module was discussed more this
  reporting period, with some enablement work for ALPN revived
  in mod_ssl.

  No security issues have required new releases, so patches have
  collected a little longer than normal in the stable releases.

## Issues:

  There are no issues requiring board attention at this time.

## PMC/Committership changes:

 - Currently 112 committers and 43 PMC members in the project.
 - Christophe Jaillet was added to the PMC on Mon Mar 09 2015
 - Stefan Sperling was added as a committer on Fri Apr 17 2015

## Releases:

 - Last 2.4.x release was 2.4.12 on Jan 26 2015
 - Last 2.2.x release was 2.2.29 on September 3 2014

18 Feb 2015 [Eric Covener / Bertrand]

Project Description
===================
The Apache HTTP Server Project develops and maintains an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========

 * 2.4.12 : Released on January 29, 2014

 Older branches last release:

   * 2.2.x:       2.2.29 released September 3 2014
   * 2.0.x(EOL)   2.0.65 released July 9, 2013

Bug Activity
============

 * 164 bugs worked on, 60 new, 71 closed/fixed

Community
=====================

 * Yann Ylavic was added to the PMC.
 * Date of last new committer : October 2014 (Steve Hay)
 * Date of last new PMC member: February 2015 (Yann Ylavic)

 * Overall development activity continues to slow, with the focus on
   security fixes andthe maintenance of 2.4.x which is making its way
   into various httpd distributions.

 * Thanks to Rich Bowen for organizing a httpd/TS/Tomcat track for ACNA 2015.

19 Nov 2014

Change the Apache HTTP Server Project Management Committee

 WHEREAS, the Project Management Committee (PMC) of the Apache HTTP
 Server project has chosen by vote to recommend the removal of the
 persons listed immediately below from the PMC due to extended
 inactivity in the project and lack of a positive response to remain
 an active member of the PMC:

 Aaron Bannert              <aaron@apache.org>
 Ben Laurie                 <ben@apache.org>
 Chuck Murcko               <chuck@apache.org>
 Doug MacEachern            <dougm@apache.org>
 Erik Abele                 <erikabele@apache.org>
 Joshua Slive               <slive@apache.org>
 Ken Coar                   <coar@apache.org>
 Manoj Kasichainula         <manoj@apache.org>
 Martin Kraemer             <martin@apache.org>
 Maxime Petazzoni           <maxime@apache.org>
 Ralf S. Engelschall        <rse@apache.org>
 Sander Striker             <striker@apache.org>
 Wilfredo Sanchez          <wsanchez@apache.org>
 Yoshiki Hayashi            <yoshiki@apache.org>
 Rasmus Lerdorf

 NOW, THEREFORE, BE IT RESOLVED, that the persons listed immediately
 above are relieved and discharged from the duties and responsibilities
 of the Apache HTTP Server PMC but are welcome to return upon their
 request.

 Special Order 7D, Change the Apache HTTP Server Project
 Management Committee, was approved by Unanimous Vote of the directors
 present.

19 Nov 2014 [Eric Covener / Brett]

Project Description
===================
The Apache HTTP Server Project develops and maintains an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========
We've had one maintenance release of our older of two
branches (2.2.x) to roll up security fixes
released this year in our current release (2.4.x)

* 2.2.29 : Released on September 9, 2014

Bug reports
===========
* Encountered 51 bugs with activity, 26 new, 20 closed/fixed
* Previously:
 Encountered 143 bugs with activity, 57 new, 40 closed/fixed)

Community
=====================
* Steve Hay (mod_perl PMC) was added as a committer.

* We have brought back a resolution for PMC cleanup from
our previous report with some more detail as requested.

* Date of last new committer : October 2014 (Steve Hay)
* Date of last new PMC member: July 2013 (Ben Reser)

* Overall development activity continues to slow, with the focus on
the maintenance of 2.4.x which is making its way into various
httpd distributions.

* Jeff Trawick has tried to bootstrap some discussions of promoting
HTTPD 2.4, but nothing that has caught on yet.

20 Aug 2014

Change the Apache HTTP Server Project Management Committee

 WHEREAS, the Project Management Committee (PMC) of the Apache HTTP
 Server project has chosen by vote to recommend the removal of the
 persons listed immediately below from the PMC:

 Aaron Bannert              <aaro...@apache.org>
 Ben Laurie                 <be.....@apache.org>
 Chuck Murcko               <chuc...@apache.org>
 Doug MacEachern            <doug...@apache.org>
 Erik Abele                 <erik...@apache.org>
 Joshua Slive (slive)       <sliv...@apache.org>
 Ken Coar (coar)            <coa....@apache.org>
 Manoj Kasichainula         <mano...@apache.org>
 Martin Kraemer             <mart...@apache.org>
 Maxime Petazzoni (maxime)  <maxi...@apache.org>
 Ralf S. Engelschall        <rs.....@apache.org>
 Sander Striker             <stri...@apache.org>
 Wilfredo Sanchez           <wsan...@apache.org>
 Yoshiki Hayashi            <yosh...@apache.org>
 Rasmus Lerdorf             <rasm...@lerdorf.com>

 NOW, THEREFORE, BE IT RESOLVED, that the persons listed immediately
 above are relieved and discharged from the duties and responsibilities
 of the Apache HTTP Server PMC.

 Special Order 7A, Change the Apache HTTP Server Project
 Management Committee, was tabled.

20 Aug 2014 [Eric Covener / Ross]

Project Description
===================
The Apache HTTP Server Project develops and maintains an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========
We've had one maintenance release of our latest branch in the current
reporting period. The only other in-service release,
2.2.x, is anticipated to be released soon.

* 2.4.10 : Released on July 21, 2014

Bug reports
===========

Encountered 143 bugs, 57 new and 40 closed/fixed

Community
=====================

* Several PMC members volunteered to go emeritus this period:
 orlikowski,nlehuen,marc,grisha,jgallacher

* The PMC voted to move a number of inactive members to emeritus
 status. Full details are in a resolution in the same agenda as
 this report

* No other committer or PMC roster changes this reporting period.

* Date of last new committer : February 2014 (Yann Ylavic)

* Date of last new PMC member: July 2013 (Ben Reser)

Overall development activity continues to slow, with the focus on
the maintenance of 2.4.x which is making its way into various
httpd distributions.

21 May 2014 [Eric Covener / Shane]

Project Description
===================
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========
We've had one maintenance release of each in-service stream
sinc the last reporting period:

* 2.4.9   : Tagged on March 13, 2014.
* 2.2.27  : Released March 26, 2014

Bug reports
===========

241 bugs had activity, 85 new, 56 resolved

Community
=====================
No committer or PMC roster changes this reporting period.

* Date of last new committer : February 2014 (Yann Ylavic)
* Date of last new PMC member: July 2013 (Ben Reser)

Overall development activity is steady, but slow, with the focus on
the maintenance of 2.4.x which is making its way into various
httpd distributions.

19 Feb 2014 [Eric Covener / Jim]

Project Description
===================
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========
We've had one maintenance release of each in-service stream
since the last reporting period:

* 2.2.26 was released Nov 18, 2013
* 2.4.7 was released Nov 25, 2013

Bug reports
===========
185 bugs had activity, 81 new, 90 resolved.

Community
=====================
Yann Ylavic and Mike Mrumph were accepted as
new committers.

IRC and mailing list activity is steady.

Development activity is relatively low.  There has been a
hint of interest in SPDY and HTTP/2.0 and how we could
adjust our architecture.

A few interesting netcraft posts came out in this period,
but not much community discussion on them yet.

20 Nov 2013 [Eric Covener / Doug]

Project Description
===================
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

Issues for the Board
====================
There are no outstanding issues that require the board's attention.

Releases
========
No new releases since last board report.
Last release was httpd 2.4.6 on July 22nd, 2013.

Commit activity is steady, albeit not as heavy as earlier in the year,
when 2.4.1 was released as the first in the 2.4 branch.

We expect httpd 2.2.26 and 2.4.7 to be T&R'ed in November.

Bug reports
===========
153 different bugs were discussed, 61 new bugs created,
34 were closed/fixed.

Community
=====================
Ubuntu 13.10 released with Apache HTTP Server 2.4.x.

There are two recently publicised "bounty" programs that include
Apache HTTP Server. Both are very hands-off wrt
project involvement.  The PMC is dicussing procedures/policies.

Ben Reser was added to the PMC on September 8th, 2013.
Jan Kaluza was added as a committer on September 16th, 2013.

IRC and mailing list activity are steady.

21 Aug 2013 [Eric Covener / Shane]

Project Description
===================
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.


Issues for the Board
====================
There are no outstanding issues that require the board's attention.


Releases
========
httpd 2.4.6 was released on July 22nd, 2.4.5 was tagged but not released.

httpd 2.2.25 was released on July 9th.

httpd 2.0.x was released and officially retired on July 9th.


Bug reports
===========
Bug reporting and fixing is going at a steady pace with between a half
and one  new ticket being filed and fixed every day (77 new
and 53 closed/fixed).

A total of 167 bugs have been discussed via Bugzilla within the last quarter.


Community
=====================
Ben Reser was added as committer on July 28th. No new PMC members has been
added, putting the last addition to the PMC at December, 2012.

IRC and mailing list activity are steady

15 May 2013 [Eric Covener / Doug]

Project Description
===================
The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.


Issues for the Board
====================
There are no outstanding issues that require the board's attention.


Releases
========
httpd 2.4.4 was released on February 25th, just before ApacheCon North America,
which made for interesting new things to talk about at the conference.

httpd 2.2.24 was released on February 26th.

httpd 2.0.x has not seen a release since late 2010. It is likely that the next release
will be accompanied by an EOL declaration.


Bug reports
===========
Bug reporting and fixing is going at a steady pace with between a half and one
new ticket being filed and fixed every day (68 new tickets versus 63 closed).
A total of 193 bugs have been discussed via Bugzilla within the last quarter.


Community
=====================
There have been no new committers or PMC members since the last report, putting
the latest addition of a committer at January, 2013 and the last addition to the
PMC at December, 2012.

IRC and mailing list activity are steady

The online commenting system embedded in the manual has proved quite useful
in lowering the bar for feedback.

A revamped modules.apache.org is operational.

20 Feb 2013 [Eric Covener / Bertrand]

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

No releases during this reporting period, but a 2.4.x release is
anticipated prior to ACNA (thanks Jim). There has been a flurry of
backport activity from trunk in anticipation.

2.0.x and older releases see almost no activity.

mod_macro was IP cleared and rolled into trunk.

== Community ==

IRC and users@ activity has been steady. Bugzilla and development lists
has been relativey slow.

Fabien Coelho joined us as a committer.
Gregg Smith and Daniel Gruno joined the PMC.

Apache HTTP Server has a number of talks/tutorials planned for ACNA.

21 Nov 2012 [Eric Covener / Jim]

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

We produced two bugfix releases in the beginning of the reporting period,
2.2.23 and 2.4.3. Our 2.0.x stream has seen some renewed attention in
anticipation of a "final" security roll-up release and an announcement
of EOL.

More bugfix releases around EOY are anticipated.

== Community ==

IRC and users@ activity has been steady. Bugzilla and development lists
has been relatively slow.

Fabien Coelho has initiated discussions about rolling his popular out-of-tree
module mod_macro into the core distribution.

Apache HTTP Server was well represented at ACEU with Jeff, Stefan, Daniel,
Graham, Igor, and Rainer attending/hacking and 5 well attended Web
Infrastructure track talks.

Long-time bugzilla contributor Christophe Jaillet was added as a
committer. No changes were made to the PMC roster.

15 Aug 2012 [Eric Covener / Jim]

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

There has been no release activity during this reporting period,
heavily due to the continued quiet CVE front.  There has been
increased backport activity to our recently released 2.4.x
branch in anticipation of an August release (thanks as always
to Jim)

== Community ==
No change to PMC roster and no new committers.

Activity on mailing lists and bugzilla is steady.

The project has added a comments system (thanks to
Daniel Gruno) to the httpd manual which has elicited
some nice feedback.

16 May 2012 [Eric Covener / Jim]

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

The project released versions 2.4.1 and 2.4.2 during this reporting period
(many thanks to Jim). A new version of mod_fcgid (2.3.7) was also released.

We've had a mercifully slow quarter for CVEs, with no 2.2.x releases
required.

There are ongoing discussions of using the CMS for our site and/or
documentation that various volunteers are working on.

== Community ==

We added Daniel Gruno (humbedooh) as a committer this period, with no
changes to the PMC roster.

As we had discussed informally for a long time, our SVN authorization
was flattened out to not differentiate between different kinds
of committers.

We are also enabling comments (via Disqus) on the httpd manual,
with a pilot ongoing with a single trunk topic. This is hoped to
help with contributions/bug reports on the documentation.

Mailing list, bugzilla, and IRC traffic is steady.

15 Feb 2012 [Eric Covener / Bertrand]

Status report for the Apache HTTP Server project - February 2012

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

The project continues to make progress towards a GA release of httpd
2.4.x, including 2.3.16 (beta) and an ultimately unreleased 2.4.0 which
lead to additional scrutiny, testing, and fixes.

The project released 2.2.22, containing a roll-up of a number of
relatively low severity vulnerabilities.  A similar, likely final,
release of 2.0.x is also in the works.

Our bugzilla backlog is slowly climbing, approximately 850 non-enhancement
issues.

== Community ==

Kaspar Brand and Stephen Henson were added to the PMC roster in this
period. No new committers.

Mailing list, bugzilla, and IRC traffic is steady, with a bubble
around 2.4 discussions and work.

16 Nov 2011 [Eric Covener / Jim]

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems.

No major issues requiring the Board's attention.

== Project Status ==

The project continues to make progress towards a GA release of httpd
2.4.0,releasing one beta, with another up for vote during ApacheCon.  We now
have a 2.4 branch in subversion.  Two security releases (2.2.20 and 2.2.21)
were released during this reporting period.  We are moving for an additional 
security release of 2.0.x in the coming weeks which will likely accompany a
formal statement for deprecation and EOL of 2.0.x.  

We have approximately 805 non-enhancement bugs.  About 10% are
FixedInTrunk.

== Community ==
Dan Poirier was removed from the PMC roster at his own request. No
other PMC roster changes this period.  

No new committers in this period.

Mailing list, bugzilla, and IRC traffic is steady, with a bubble
around ApacheCon and our 2.4 preparations.

17 Aug 2011

Change the Apache HTTP Server Project Chair

    WHEREAS, the Board of Directors heretofore appointed William A.
    Rowe, Jr. to the office of Vice President, Apache HTTP Server, and

    WHEREAS, the Board of Directors is in receipt of the resignation
    of William A. Rowe, Jr. from the office of Vice President, Apache
    HTTP Server, and

    WHEREAS, the Project Management Committee of the Apache HTTP Server
    project has chosen by acclamation to recommend Eric Covener as the
    Successor to the post;

    NOW, THEREFORE, BE IT RESOLVED, that William A. Rowe, Jr. is
    relieved and discharged from the duties and responsibilities of
    the office of Vice President, Apache HTTP Server, and

    BE IT FURTHER RESOLVED, that Eric Covener be and hereby is
    appointed to the office of Vice President, Apache HTTP Server,
    to serve in accordance with and subject to the direction of the
    Board of Directors and the Bylaws of the Foundation until
    death, resignation, retirement, removal or disqualification, or
    until a successor is appointed.

 Resolution 7B passed by unanimous roll call vote.

17 Aug 2011 [William A. Rowe Jr. / Doug]

No major issues requiring the Board's attention.

== Project Status ==
The project continues to make progress towards a GA release of httpd 2.4.0,
releasing two betas (2.3.13, 2.3.14) since our last report in May.

A single release of our 2.2 branch, 2.2.19 was completed just after our last
report primarily to pick up an updated APR for CVE-2011-1928.

The board was engaged on July 7 to help resolve a disagreement over whether
some decisions and interaction between APR and HTTPD projects was being
properly handled, and helping to clarify what constitutes a technical veto.

At the suggestion of Roy, this was brought back to the public development list
where the conclusion was that the veto stood and that the HTTPD change was to
be reverted.

 Message-Id: <E2B2F314-D8A9-4C40-88FE-08C838224143@sharp.fm>
 Message-ID: <4E15E51E.4090700@rowe-clan.net>

The disputed change has since been reverted in httpd trunk.

Traffic on users/development mailing list, and bugzilla, has been steady.  Our
bugzilla backlog remains challenging with 989 open bugs.  288 are enhancements,
and 228 are FixedIntrunk.

== Community ==

Gregg L Smith, Daniel Ruggeri, and Kaspar Brand were added as committers.
No change to the PMC roster.

William A Rowe Jr has tendered his resignation as chair to the committee,
and sought nominations to continue rotation of the httpd committee chair.
Eric Covener was nominated and elected by acclamation by the committee.
A chair change resolution has been offered for the board's consideration.

19 May 2011 [William A. Rowe Jr. / Noirin]

 The project continues to make steady progress towards a beta and subsequent
 GA release of the httpd 2.4.0 code.  httpd 2.3.11-beta was released in
 March, and httpd-2.2.18 was released in May, while 2.3.12-beta is tagged and
 currently in the release vote process.

 Dan Poirier was added to the committee roster.  No other changes to the
 active committers or committee roster.

Greg notes that "committee roster" should be "PMC".

16 Feb 2011 [William A. Rowe Jr. / Greg]

The project continues to make steady progress towards a beta and subsequent
GA release of the httpd 2.4.0 code.  httpd 2.3.9 was tagged in November and
then scuttled after broad review, while httpd 2.3.10-alpha was released 12/23,
and another incremental release is anticipated very shortly.  The subproject
apreq library update 2-2.13 was also released on 12/3.

Igor Galić was added to the committee roster.  No other changes to committers
or committee roster.

After very brief unanimous decision on the dev list, all 1.3 artifacts are
being relegated to archive.a.o and removed from the active httpd.a.o site.
May they rest in peace with the Foundation's thanks to the many contributors
and authors of this historic first Apache Software Foundation code base.

17 Nov 2010 [William A. Rowe Jr. / Roy]

Community
---------

Ranier Jung was added to the PMC roster.  Sander Temme organized a track
of httpd content and a well attended httpd meetup on various topics related
to the state of httpd at this past ApacheCon.  A large majority of active
httpd committers were in attendance.

Branding
--------

The http://httpd.apache.org/ site should now entirely conform to the current
guidelines.  Corrections are welcome to the PMC list.

Subprojects
-----------

httpd activity has picked up during the ApacheCon face time.  The project
is very nearly at a 2.3.9 tag on the development branch, and there has been
a great deal of activity in the docs@ effort.  2.2.17 and 2.0.64 were both
released since the last report.  This is registered as HTTP Server and as
httpd at apache-extras.

mod_fcgid was released the first week of November on a short voting cycle,
in order to put a security fix out to those administrators who allow the
authoring of fastcgi apps by untrusted users.  This is registered at
apache-extras.

mod_ftp was tagged; after one month there are insufficient votes for a new
release.  Interest by at least three PMC members will be evaluated in this
coming period.  This is registered at apache-extras.

libapreq has reemerged from its cocoon and is actively soliciting the correct
license assignment for outside world/vendor patches, in anticipation of
a new release candidate.  This is now registered as both apreq and libapreq
at apache-extras.

mod_mbox is enjoying some resurgence of patch activity.  This is registered
at apache-extras.

Three http://httpd.apache.org/modules/ references, to mod_pop3, mod_snmpd
and mod_arm4 appear to be abandoned; these were never released, and are not
registered at apache-extras as it appears that the authors or any champions
could consider moving the code there.  Over the coming period the project
will consider their fate (to the attic, or to apache-extras if they enjoy
even one advocate).

mod_python references and dist files have been removed, with a single pointer
remaining to the attic.  Releases persist at http://archive.apache.org/ and
this has not been registered at apache-extras, to allow fewer developers to
restart this effort in that context.

22 Sep 2010 [William A. Rowe Jr. / Shane]

Development
===========
2.3.6-alpha was released in June, followed by 2.3.8-alpha in August, which
represent trunk activity.  2.2.16 was released in July, corresponding to
the current stable branch.

Community
=========
Stefan Fritsch was added to the PMC.  No other changes to commit access or
PMC roster in this period.  The dev, users and docs lists remain active, while
apreq dev is largely quiet at this time.  modules-dev continues to provide
an active resource for non-ASF httpd module developers.

Security
========
The project continues to address issues raised, both 2.2.16 and 2.3.8-alpha
addressed security concerns under specific configurations and patches to 2.0
were published.  Known bugs and faux-vulnerability reports continue to be
referred to the dev@ list for open discussion, with one notable exception;

One open issue was deflected to the user agent developers, as the httpd security
team determined that the origin of the flaw was not in the server's behavior,
and the project awaits disclosure by the appropriate authors before discussing
additional resolutions publicly.

There are no board level issues at this time.

18 Aug 2010 [William A. Rowe Jr. / Jim]

Report postponed to next meeting.

19 May 2010 [William A. Rowe Jr. / Brett]

Not much has transpired since the March (belated February) report.  The
current release remains 2.2.15.  Further progress towards a legacy 2.0.64
has been made, which will likely happen due to the various security patches
that are currently offered.  The beta of trunk is still 2.3.5.  Dr. Stephen
Henson was granted committership, while there has been no change to the PMC
roster.

Approximately 10 httpd committers attended the Wicklow gathering, although
only a handful were primarily focused on the httpd project for this face
time, with many other projects enjoying exciting project milestones.
Several committers briefed one another on the state of server push protocols,
and the hybi WG effort in particular.  Some resulting form of bidirectional
HTTP support will likely influence future HTTP Server request/response
processing models.  Several other brainstorming discussions erupted, and
stale issues revisited, which have resulted in dev list proposals from the
respective committers and various bursts of development and documentation
activities.

Sander Temme orchestrated the talk selection for HTTP Server Project
presence in Atlanta this fall, leveraging the voter tool to poll the PMC on
the selected talks.

17 Mar 2010 [William A. Rowe Jr. / Justin]

The most significant update at the Apache HTTP Server Project, of interest
to the entire foundation, is the careful reconsideration of all web content
and documentation around the word "Apache".  The discussion of the best
naming convention continues at the docs@ list.

Where appropriate, the documentation is being restructured to use either the
title "Apache HTTP Server" (not 'web server' etc), or short name "httpd", as
appropriate.  The hundreds-to-thousands of spurious references to "Apache"
are being reevaluated and in most cases, refactored away.  This process began
based on recent members and board discussion of the continuing name confusion
around the "Apache" name, and was heralded in the 2.2.15 release
announcement.  We hope to have a further update in May.

Since the November report, there were three tags against trunk (2.3-dev)
resulting in the first alpha 2.3.5 release from the project of this future
httpd. The project also approved legacy releases of 1.3 and 2.2.  There also
appears to be some interest based on recent commits of releasing a 2.0
security update.

The 1.3.42 release was declared final and decisive by the httpd PMC, and is
not expected to be refreshed again.  The announcement was carefully worded
to reflect this situation.  Some security updates with critical severity will
continue to be published as patches to the 1.3 tree for the foreseeable
future.

On the community front, the project added one docs committer, Igor Galić.
Several PMC nominations were offered which attracted interest but no measure
of consensus.  10 years into this ASF project, it has become clear that the
PMC roster is far to large for a quorum, given absenteeism within this
committee.

The project will review the current private@ subscriptions, invite all absent
PMC members to rejoin (with multiple attempts) and after all have rejoined
who wish to remain PMC members, will submit to this board the list of
declines and non-responses.  For precedent, the project will follow the same
methodology as was employed at the Apache APR Project, and appreciates the
support of the board in this endeavor.  Past PMC members will be identified
as Emeritus and invited to rejoin active participation as their schedules and
interest permit.

The Apache [incubating] TrafficServer and HTTP Project meetup at Google this
past January was demonstrably successful, but much more so for TrafficServer,
who had packed well more than 80% of the room.  The half dozen httpd folks in
attendance enjoyed learning of the direction of ATS and commiserated with the
very similar problem sets that TS is currently attacking, and addressed
several HTTP Project issues during this face to face opportunity.  The Apache
HTTP Project extends its thanks to Google for making this space available,
and to Yahoo as well for its offer of space for this gathering.

Our thanks go out to Paul Querna and the rest of the infrastructure team who
have worked on the svnpubsub capability and our dist.apache.org server
facilities.  The project is currently updating our internal docs for this
transition, and hope that some of this documentation can be recycled to other
adopters such as APR, Incubator's TrafficServer and many more.  This service
should prove a tremendous asset to the Foundation's projects.

My personal apologies for the delay in delivering this for the February
meeting. The project will resume the normal reporting schedule with the May
report.

17 Feb 2010 [William A. Rowe Jr. / Greg]

No report received.

Greg to pursue a report.

18 Nov 2009 [William A. Rowe Jr. / Greg]

httpd 2.2.14 was released this past quarter, and a patch was published
to address the ssl renegotiation vulnerability.  Further patches and the
next release depend on the OpenSSL project's decisions and next release.
Additional module subprojects releases mod_fcgid 2.3.1-beta, 2.3.4 GA and
mod_ftp 0.9.6-beta all moved these efforts along.

The httpd project has resumed publishing 2.3 alpha release candidates
from trunk.  Although problems have been reported, corrections to these
issues are moving ahead.

The two day httpd.conf track at ApacheCon was well attended.  There was
a great deal of Hackathon discussion which has spawned list discussion
about what comes after 2.4 (the conclusion of 2.3-dev), with a diverse
set of input into that discussion.

Stefan Fritsch (sf) and Ryan Pan (pqf) were both added as committers to
httpd.  There were no changes to the PMC in this timeframe.

There are no board level issues at this time.

Board to discuss on the mailing list whether "monthly" needs to be aligned with board meetings or can be up to committees to decide.

19 Aug 2009 [William A. Rowe Jr. / Brett]

Over the past three months, Roy Fielding stepped down as the chair of the
project to concentrate on board-level issues.  The committee thanks him
for his service as Project Chairman, again, for these past four years.
William Rowe was appointed to serve in this capacity at the July Board
meeting.

Stas Bekman and David Welton both requested to withdraw to an emeritus
status from the PMC; no new PMC members were added in this period.
The committee added Dan Poirier (poirier) as a committer to httpd.

Following seven months without release activity, httpd 2.2.12 was
released on 7/28 for security fixes, bug fixes and new features
including the first to support SNI (server name identification) for
mod_ssl, permitting named virtual https: hosts.

An httpd release 2.2.13 followed on 8/8 due to an apr flaw that would
conceivably elevate the risks for any third party module vulnerability
(which might or might not exist) due to allocating memory based on
untrusted user input.

There was no release activity on older branches, the current development
trunk, or the module subprojects this quarter.  Updating snapshots to
the current branches was discussed, but no action was taken.

The Apache HTTP Project is represented at ApacheCon 2009 in November
with two days of content organized by Rich Bowen and Noirin Plunket
and sponsored by Thawte, and a two day tutorial by Rich Bowen and Jim
Jagielski.  The project's modules make an additional appearance on the
Tomcat track.  The potential for hackathon or meetup activities will be
discussed on the dev or user lists as appropriate.

The project noted a revival of interest in resource exhaustion attacks
based on the "slowloris" tool, reported to httpd security list and posted
on bugtraq, etc.  Discussion of this class of issues was moved to the
dev@ list for discussion, due to their well-known nature (since the 90's).

HTTP Server Project is in-sync with the new subversion structure for
LDAP migration, with the httpd-pmc list in-sync with committee-info.txt.

There are no board level issues at this time.

20 May 2009 [Roy T. Fielding / Jim]

The Apache HTTP server project seems to have increased activity
over the past three months, especially during ApacheCon Europe, but
we have surprisingly little to report for it.  We have no board-level
issues at this time.

We have not added any new PMC members or committers.  We have not
approved any httpd releases.  The only release of any kind was the
long-awaited libapreq2-2.12 on March 13.  We have passed the 1000
mark on open bugzilla issues for httpd (1.3 and 2.x combined) with
little fanfare.

The lack of releases seem to be mostly due to the active work on
trunk for a future 2.3.x (very unstable at the moment) and waiting
for APR to release for some changes needed in 2.2.x.

It is good to see enthusiastic users pushed at the dev@ channel.

18 Feb 2009 [Roy T. Fielding / Geir]

Apache HTTP Server Project
Status report for 18 Feb 2009

The Apache HTTP server project has continued to gain steam from
last quarter.  We have no board-level issues at this time.

We have added two httpd committers, Rainer Jung and Takashi Sato,
and three new members of the PMC: Bojan Smojver, Brian McCallister,
and Chris Darroch.

We released httpd 2.2.11 on December 14 and continued maintenance
of that branch will justify another release soon.  Two tags of the
2.3.x (alpha) branch, unreleased, have been good for exposing some
areas in trunk that need to be fixed before the next major release.

The apreq subproject released 1.34 and made some progress on a
candidate for 2.11.

Several httpd modules have been added with the goal of becoming new
features for httpd 2.3.x (alpha):

mod_sed: filter Request/Response bodies through sed
 [Basant Kumar Kukreja]

mod_privileges: make httpd on Solaris privileges-aware and enable
 different virtual hosts to run with different privileges and
 Unix user/group IDs [Nick Kew]

mod_buffer: support buffering of the input and output filter stacks.
 [Graham Leggett]

mod_heartbeat: generate multicast heartbeats to know if a
 server is online. [Paul Querna]

mod_heartmonitor: collect heartbeats and write out a file
 so that other modules can load balance traffic as needed.
 [Paul Querna]

mod_lbmethod_heartbeat: load balance mod_proxy workers based on
 heartbeats. [Paul Querna]

mod_lua: allow in-process request handling using the Lua scripting
 language (was mod_wombat). [Brian McCallister and Paul Querna]

mod_ratelimit: bandwidth rate limiting. [Paul Querna]

mod_fcgid: an implementation of the FastCGI protocol [Ryan Pan]

All of the above modules were written by existing committers or
passed IP-clearance through incubator.

We have not done any releases this quarter for flood, mod_mbox, or
mod_ftp, and no progress has been made on the next generation code
bases for httpd.  Focus has instead moved back to what can be done
within the 2.x code base.  The biggest problem facing the project
is that we have 892 open issues in bugzilla for 2.x without a plan
for closing them out (yet).

19 Nov 2008 [Roy T. Fielding / Sam]

The Apache HTTP server project has picked up some steam this quarter.
We have no board-level issues at this time.

We have added two httpd-docs committers, Vincent Deffontaines and
and Lucien Gentis.  Thom May resigned from the PMC due to lack
of bandwidth.

We released httpd 2.2.10 on October 21 and continued maintenance of
that branch will justify another release soon.  We have not done any
releases this quarter for flood, libapreq, mod_mbox, mod_wombat, or
mod_ftp, and no progress has been made on the next generation code
bases for httpd.  There are, however, release candidates in process
for libapreq (1 and 2) with rumbling sounds of approval in the near
future, significant work on mod_wombat prior/during ApacheCon, and
additions of new features and a new MPM to httpd's trunk.

20 Aug 2008 [Roy T. Fielding / Geir]

The Apache HTTP server project has made small progress through the
lazy northern-hemi-summer quarter without any significant issues.
We have no board-level issues at this time.

We have added two httpd-docs committers, Andrew Ford and Nilgün Belma Bugüner,
and have two more on the way once the paperwork clears.  There have not
been any changes to the PMC.

We released httpd 2.2.9 on June 14 and continued maintenance of that
branch will justify another release soon.  We have not done any releases
this quarter for flood, libapreq, mod_mbox, mod_wombat, or mod_ftp,
and no progress has been made on the next generation code bases
for httpd.  We haven't even had a decent flamewar.

21 May 2008 [Roy T. Fielding / Sam]

The Apache HTTP server project has made progress through the quarter
without any significant issues.  We have no board-level issues at this
time.

We have added two PMC members, Eric Covener and Issac Goldstand, and
three committers: Takashi Sato, Guy Ferraiolo, and Tom Donovan.
Bill Stoddard has gone emeritus to focus on other projects.

We have not done any releases this quarter for httpd, flood,
libapreq, mod_arm4, mod_bw, mod_cache_requester, mod_mbox, mod_pop3,
mod_smtpd, mod_wombat, or mod_ftp.  This was partly the subject of
Roy's tongue-in-cheek keynote at ApacheCon Europe, and there has been a
considerable increase in mailing list activity since then.  However,
the proof is still in the pudding and there's nothing to eat yet.

Due to lack of activity and no releases, mod_arm4, mod_bw,
mod_cache_requester, and mod_smtpd have been demoted to the sandbox.
The mod_domain (nee mod_dns) contribution has been imported to the
sandbox and IP clearance filed with Incubator.

Roy had wished to open up the sandbox to all Apache committers, but
resistance to the idea among the PMC was sufficient to kill it.
Most of the PMC believes that we should lower the bar for commit
access to flood and the sandbox, but there is no path to providing
it other than the usual PMC vote and weeks of delay.

A question was raised about the provenance of the cvt() functionality
included with httpd since the introduction of ap_snprintf in 1997.
It turns out that the original source code is based on a version
published within Unix V7 and licensed in a form compatible with
our license.  Jim has updated the license headers accordingly.

20 Feb 2008 [Roy T. Fielding / J Aaron]

The Apache HTTP server project has made progress through the quarter
without any significant issues.  We have no board-level issues at this
time.

We have added two PMC members, Guenter Knauf and Tony Stevenson, and
three committers: Davi Arnaut, Issac Goldstand, and Niklas Edmundsson.

We released Apache HTTP Server 2.2.8, 2.0.63, and 1.3.41.
We have not done any releases for flood, libapreq, mod_arm4,
mod_bw, mod_cache_requester, mod_mbox, mod_pop3, mod_smtpd,
mod_wombat, or mod_ftp, though the latter has seen quite a bit
of activity from William Rowe Jr. getting it ready for release
testing as well as some new contributors showing interest.

We have decided to accept another protocol implementation in
the form of mod_dns (most likely to be renamed mod_named); a
software grant has been received and the incubator clearance
should be complete before the board meeting.

Justin and Roy participated in the IETF httpbis WG meetings
at the 70th IETF meeting in December.

 http://www.ietf.org/proceedings/07dec/minutes/httpbis.txt

Roy Fielding, Yves Lafon and Julian Reschke will share editorship of
the proposed replacement for RFC 2616, partitioned into seven drafts.
More information on that effort can be found at

 http://www3.tools.ietf.org/wg/httpbis/trac/

Our ECCN classifications are complete and current, though we are
still listed as responsible for Apache mod_python.  That listing
will remain until Apache Quetzalcoatl has a website.

Approved by General Consent.

14 Nov 2007 [Roy T. Fielding / Geir]

There is very little to report on the Apache HTTP Server Project
for this quarter.  We have no board issues at this time.

The only significant development is that the IETF has chartered the
HTTPbis working group to update RFC 2616 and (perhaps) related specs,
for which Roy has submitted a set of drafts to partition the
specification into eight parts.  The WG will meet Dec 3 and 4 in
Vancouver.

Roy expects there to be more interesting things to report over the
next month, so we will report again next month rather than waste
bits on speculation at this point.

Approved by General Consent.

29 Aug 2007 [Roy T. Fielding / Bill]

The Apache HTTP server project has no board-level issues at this time.

Nóirín Plunkett has joined the PMC this quarter.  We have also added
two new docs committers: Vincent Bray and Tony Stevenson.

We successfully kicked mod_python up to the Quetzalcoatl TLP, though
the subversion and lists have yet to be moved due to summer vacations.

In spite of a general increase in activity and a good try at tarballs,
we failed to release any software this quarter.  At least our quality
control process has been tested. ;-)

Approved by General Consent.

16 May 2007 [Roy T. Fielding / Sander]

The Apache HTTP server project has coasted through much of the quarter
without any significant issues.  We have no board-level issues at this
time.

We have added three new committers: Guenter Knauf and Eric Covener
(pending account creation) for httpd, and Brian McCallister for
mod_wombat.

We have not done any releases for httpd, libapreq, mod_python,
mod_ftp, mod_smtp, mod_wombat, or flood.  The next httpd build is
on hold until the next release of APR, though progress is being made
on the large number of open bugzilla issues in the mean time.  The
libapreq team has been testing release candidates for libapreq 1.34,
which will hopefully result in a real release vote some time soon.

mod_ftp has enjoyed new participation by several committers and
commentators since it's graduation, and is working towards an initial
ASF release (apart from the core httpd server distribution).  The
remaining showstopper is the addition of IPv6-necessary features
(EPRT and EPSV).

No progress has been made in moving mod_python to its own TLP,
but the conversation has been restarted on the python-dev mailing
list and hopefully will result in a resolution for next month.

We have completed adoption of the mod_wombat code base and are
making progress in understanding what that means.

No progress has been made on the next generation of httpd,
code-named amsterdam, though more people have begun to add to
the suggestion lists.  We were hoping to have some discussion
during the hackathon at ApacheCon EU 2007, but several key people
were not able to come and the rest were busy planning the conference
or working on poorly-timed coincidental releases for their employers.

Sander expressed some question on what it meant to adopt the mod_wombat codebase prior to it's adoption? Roy answered that the codebase was accepted but it is currently being discussed how best to utilize it.

Approved by General Consent.

21 Feb 2007 [Roy T. Fielding / Justin]

The Apache HTTP server project has coasted through much of the quarter
without any significant issues.  We have no board-level issues at this
time.

No new committers or PMC members have been added to the project,
nor have any of the existing members retired.

We released Apache httpd 2.2.4 in January.  The discussion of what
to do next in a 3.0ish version of the Apache server framework has
begun on the dev list and we have created a new sandbox area to
start playing with new ideas, goals, and requirements.  The first
code name for the sandbox is "amsterdam", mostly because I expect
the first set of ideas/implementations to be central to our
hallway discussions at ApacheCon Europe in May.  There will be
other sandboxes started, as needed, and some of the httpd
experimental branches will be moved to sandboxes.

The mod_python subproject released a beta 3.3.0b in December and a
GA release of 3.3.1 last week.  I introduced the topic of moving
mod_python to its own TLP, but did not garner enough votes to make
it happen this month.  There was a general preference among the
committers to ask for a Python TLP, as opposed to being specific
to mod_python, so that may be a topic of discussion for the next
board meeting if the group can figure out an applicable TLP name.

There were no releases of libapreq, flood, mod_smtpd, or any of
the smaller modules.

The mod_ftp team successfully graduated from the incubator and
have moved under our subversion tree and discussion moved to the
main dev list. All of the committers are already committers on httpd.

The mod_wombat module has been accepted for import as an IP-only
process so that the major contributors can continue work on it
within the Apache community.  Again, all of the contributors are
either httpd committers or ASF members.

Finally, on the legal side, I replaced the (IMO, way too complex)
RDF-based collection of export notice information with a single
Anakia-based XML page on the www site, and then used that data to
update the appropriate BIS notices for the HTTP Server project's
distributed products (aside from mod_ftp, which will have to be
an added notice when it is ready to be considered for product
release).  I am thinking of sending a reminder to the PMCs that
they must look at these export guidelines and produce their own
notices for any product that is designed for use of, or includes,
an encryption interface like SSL, JCE, etc.  Let me know if you
would prefer that such a note come from the board or VP Legal.
<http://www.apache.org/licenses/exports/>.

Cliff indicated that he would follow-up regarding any export control issues.

Approved by General Consent.

15 Nov 2006 [Roy T. Fielding / Greg]

The Apache HTTP server project has had a relatively quiet quarter,
with more time spent on ApacheCon and infrastructure moves than
on the source code.  We have no board-level issues at this time.

In the last three months, we have added Graham Dumpleton to the
PMC and Ian Holsman has resigned to focus on other things.

We started a wiki at <http://wiki.apache.org/httpd/> for documentation
and it seems to have attracted interest in the area of documenting
configuration related instructions for integrating third-party
products with Apache httpd.  We should be encouraging packagers
to use that space as well.

The HTTP server project is currently responsible for

 HTTP Server PMC
    |
    |-- httpd
    |     |-- 1.3.x           (maint-only)
    |     |-- 2.0.x           (maint-only)
    |     |-- 2.2.x           (active, several committers)
    |     |-- trunk           (active, many committers)
    |     `-- win32-msi       (active, one committer)
    |
    |-- httpd-docs            (active, several committers)
    |     |-- httpd-*/docs
    |     |-- httpd.apache.org
    |     `-- wiki.apache.org/httpd/
    |
    |-- apreq                 (active, several committers)
    |
    |-- mod_arm4              (dormant, one committer)
    |
    |-- mod_bw                (dormant, one GSoC)
    |
    |-- mod_cache_requester   (dormant, one GSoC)
    |
    |-- mod_mbox              (active, three committers)
    |
    |-- mod_pop3              (dormant, zero committers)
    |
    |-- mod_python            (active, four committers)
    |
    |-- mod_smtpd             (dormant, one GSoC)
    |
    `-- test
          |-- flood           (dormant, two committers)
          |-- perl-framework  (active)
          `-- specweb99       (dormant, one committer)

 Incubator
    |
    `-- mod_ftp               (active, 1-3 committers)


There have been no releases of any of our products since August,
though builds of httpd 2.2.x, mod_python 3.3, and libapreq seem
to be in progress this week.

There are a few things we need to do fairly soon.  First, we need
to clean up the above mess -- there should be a distinction between
release-ready products and various experiments, and mod_python could
survive as its own TLP.  Second, we need to find a way to lower the
commit barrier for experiments and decide where to park the dormant
ones.  Finally, we need to open the doors to rethinking the entire
server framework for httpd 3.0, with the potential for multiple
competing alternatives and a serious bake-off.

Approved by General Consent.

16 Aug 2006 [Roy T. Fielding / Sander]

The Apache HTTP server project has had another active quarter in which
multiple products were released for GA.  We have no board-level issues
at this time.

In the last three months, we have added Philip M. Gollucci to the PMC
and Brian Pane has resigned due to lack of free time.  We have added
Bojan Smojver as a committer to the apreq library.

httpd 1.3.36 was released on May 17.  After that, all of the source
file headers on our httpd release branches were updated in accordance
with the recent board resolution and are present in our current
releases.  However, we have not yet updated the source file headers in
our subprojects.

A serious but difficult-to-exploit security vulnerability in
mod_rewrite was discovered by an external developer, reported via the
security mailing list on July 22nd, and patches prepared in private
before simultaneous publication of the vulnerability and release of
the fixed versions of httpd 2.2.3, 2.0.59, and 1.3.37 on July 27-28.
The security process seems to be working smoothly.

The apreq subproject successfully released libapreq2-2.08 on August 9.

mod_aspdotnet is being retired from the httpd project after an attempt
to release it failed to attract sufficient +1 votes.  The project's
champion, Will Rowe, is researching an alternative home and structure
for future development.

The mod_python subproject successfully released mod_python 3.2.10 on
August 7.

There have been a number of conversations about updating our
documentation and BIS notice procedures related to the presence of
mod_ssl in httpd 2.x and the future addition of ssl code to APR.  This
has been coordinated with Cliff Schmidt and should result in a new
export license information page sometime soon.

We have also had some discussion about updating our release package
naming to reflect the official product name for consistency with
NOTICE and BIS notifications.  That is on hold while we try to figure
out what our official product name should be, given that the product
now serves more than just HTTP.

Approved by General Consent

24 May 2006 [Roy Fielding / Sam]

The Apache HTTP server project has had another active quarter in which
multiple products were released for GA.  We have no board-level issues
at this time.

In the last three months, we have added Nicolas Lehuen and Jim Gallacher
to the PMC for their work on the mod_python subproject. We invited
Graham Dumpleton to join the PMC as well, but he has not accepted
(reason unknown, though he did say that he received the invitation).
We also approved commit access for Chris Darroch, based on his submitted
patches.

Bill Rowe and Justin Erenkrantz have been working on clarifying
the status of the CLI subproject.  As an interim result, the
cli-dev@httpd and cli-users@httpd mailing lists have been closed
and future discussion directed to the general dev@httpd and
users@httpd lists.

The HTTP server project successfully released httpd 2.2.2, 2.0.58,
1.3.35, and 1.3.36 as GA.  The mod_python subproject successfully
released mod_python 3.2.8.  The other subprojects have been relatively
quiet, at least partly because many of our volunteers are also active
on infrastructure and that has diverted our attention.

Approved by General Consent.

15 Feb 2006 [Roy T. Fielding / Ben]

The Apache HTTP server project has had a very active quarter in which
multiple products were released for GA.  We have one board-level issue
at this time, which I will describe at the end of this report.

We are stretching at the seams in terms of oversight of our
subprojects and need to move some of them to peer projects or
reorganize for better management of subproject releases. Our developer
guidelines and ABOUT_APACHE documentation are still woefully out of
date.  We also need to figure out how multiple protocol modules fit
with the name of our project, perhaps by changing our name or creating
a federation (if I ever find the time to propose such a thing).

During this quarter, we welcomed four new PMC members, including
Colm MacCárthaigh, Maxime Petazzoni, Rüdiger Plüm, and Graham Leggett,
while David Reid and Cliff Woolley have stepped out to emeritus
status.  We have also added several committers to subprojects,
including Noirin Plunkett (docs), Philip M. Gollucci (apreq), Garrett
Rooney, Graham Dumpleton (mod_python), and Rian Hunter (mod_smtpd).

We also successfully released httpd 2.2.0 (GA), our first major
release in five years. However, we hit a bit of a lull after ApacheCon
and the holidays -- hopefully some energy will return soon, since each
of the 1.3.x, 2.0.x, and 2.2.x branches are due for bug fix releases
real soon.  Work on the unstable branches has so far focused on
revamping access control (again) and experimenting with asynchronous
I/O.

The docs group did a tremendous amount of work surrounding the 2.2.0
release, and now seems to have reached a steady-state. The mod_mbox
module has been placed into service as the new ASF mail archives, and
eating our own dogfood has revealed a number of problems that have
been just as quickly fixed. We almost released mod_mbox, but are still
working on its build scripts. The mod_smtp module has continued in
development with several refactorings of the code.

The mod_python subproject released a 3.2.7 as GA, their first GA
release in almost two years. Credit for that release goes to Grisha
Trubetskoy, Jim Gallacher, Graham Dumpleton, Nicolas Lehuen and
everyone else who contributed on the python-dev mailing list. The
group is currently working on improving the mod_python web site. The
mod_python core group includes four independent contributors, but only
one (Grisha) is on the HTTP server PMC.  We should fix that soon,
either by adding them to the PMC or by creating a separate project for
mod_python.

The apreq subproject has accomplished a major new release with
libapreq-2.07, guided out the door by Joe Schaefer.  I would like to
see libapreq integrated directly into the httpd release branches and
the main dev list, but that is a topic for next quarter.

The httpd-test subproject has completed its move back to the
perl.apache.org realm.  However, we are left with the flood tool,
which remains in stasis and should probably be archived or moved into
incubator.

The cli-dev subproject is at a crossroads. There hasn't been any
significant development conversations for over a year, no sign of
outside contributions beyond user requests for help, and I am
personally -1 for adding a single-platform module to httpd whose sole
purpose is to provide a proxy-like interface to Microsoft's
proprietary application tools.  I asked for advice on what to do about
this on the PMC list on January 20th, but I am unable to fairly deal
with this project given that I am currently involved as an expert in a
patent dispute regarding ASP. Therefore, I would like to ask the board
to decide the issue or assign this task to someone else (perhaps one
of the board members that are also on the HTTP server PMC) so that I
can cease worrying about it.

Approved by General Consent.

16 Nov 2005 [Roy Fielding / Justin]

The Apache HTTP server project has had a very active quarter in which
multiple products are being prepared for GA release.  There are no known
legal or board-level issues at this time.  However, we are stretching at
the seams in terms of oversight of our subprojects and need to consider
moving some of them to peer projects or reorganizing for better
management of subproject releases.

The list of PMC members has been updated with the addition of Nick Kew
to the PMC.  We have added several committers to subprojects, but our
current records of that are limited to mail archives and asf-authorization
files.  My future tasks are to find a better way to track contributors
and authorization, since I think the subprojects are not nominating
enough people to PMC status.  We also need to find a better name for
the PMC, since this should be a cool thing.

During this quarter, we successfully released httpd 1.3.34 (GA),
2.0.55 (GA), 2.1.7 (beta), 2.1.8 (beta), and 2.1.9 (beta).  We are
in final preparations for an httpd 2.2.0 (GA) release,
with the primary emphasis switching to documentation.  There is a
good chance that the 2.2.0 release will happen during the hackathon.

httpd-docs continues to attract new translators and new languages.
Much work is afoot to prepare for httpd 2.2.  The mod_mbox module
has had an infusion of new blood through the Google SoC program.
Likewise, a new mod_smtp module has been initiated by SoC committers,
and a mod_dbd module has been added for database interfaces.

The cli-dev subproject has little to report, except that user-to-user peer
support is working well on cli-users, and the next potential snapshot
is awaiting some commentary and feedback from the dev list.  With a few
more nags, we anticipate a new mod_aspdotnet release for .NET 1.0/1.1
within the next month, and with the release of the '1 year free' Microsoft
Visual C++, hope to have a .NET 2.0 flavor of the module in development
around that timeframe that most anyone can build from source.

The apreq subproject has nothing to report.

The mod_python subproject released a 3.2.2 beta and will try to get
a 3.2.x GA done before Apachecon (hopefully). The last GA release
(not counting security fixes) was 20 months ago, so this is pretty
significant.

Our developer guidelines and ABOUT_APACHE documentation is woefully
out of date, so that will be a focus during the run-up to major
releases this coming quarter.  We also need to figure out how
multiple protocol modules fit with the name of our project, perhaps
by changing our name or creating a federation.

Roy T. Fielding
(with input from William Rowe, Jr., Joe Schaefer, and Grisha Trubetskoy)

Approved by General Consent.

17 Aug 2005

Change the HTTP Server Project Chair

 WHEREAS, the membership of the Apache HTTP Server Project
 Management Committee (PMC) have nominated Roy T. Fielding to
 serve as chairman of the Apache HTTP Server PMC; and

 WHEREAS, the previously appointed chairman of the Apache HTTP
 Server PMC, Sander Striker, has resigned his position as Vice
 President, Apache HTTP Server, in favor of Roy T. Fielding's
 appointment to that position.

 NOW, THEREFORE, BE IT RESOLVED, that Roy T. Fielding be and
 hereby is appointed to the office of Vice President, Apache
 HTTP Server, to serve in accordance with and subject to the
 direction of the Board of Directors and the Bylaws of the
 Foundation until death, resignation, retirement, removal or
 disqualification, or until a successor is appointed.

 Special Order 6A, Change the HTTP Server Project Chair, was
 Approved by Unanimous Consent.

17 Aug 2005 [Sander Striker / Jim]

The Apache HTTP Server Project almost did a lot of things this past
quarter.  We have made no official changes to the PMC, but that will
change soon once some invites have been accepted.  We published one
alpha release called httpd 2.1.6. Other releases are expected soon
after the next release of APR.

libapreq2-2.06-dev was released this quarter.  Nothing else to report
from there, other than increased demand to see it integrated into the
httpd distribution.

We have added several restricted-scope committers for the Google
Summer of Code projects that are progressing well and are adding life
back into the developers mailing list.  We moved mod_mbox back to the
main list where it is now getting significant updates.

Sander Striker has decided to step down as chair and VP of the HTTP
server project after having been volunteered into being President of
ASF.  Roy Fielding has been asked to come out of retirement and be the new
conveyer of choice words between our project and the board.  However,
Roy is going on vacation for the next two weeks with limited e-mail
access.

Approved by General Consent.

18 May 2005 [Sander Striker]

Activity is picking up again.  We are happy to say we have
invited a number of new committers into apreq, docs, httpd
and mod_python.

There were a couple of releases: libapreq2-2.05-dev and
httpd-2.0.54.

There is increased interest in branching httpd 2.1 and working
towards an initial 2.2 release.

Apache HTTP Server Project report approved as submitted by general consent.

23 Feb 2005 [Sander Striker]

NO SUBMITTED WRITTEN REPORT: ORAL REPORT PRESENTED
BY SANDER.

Sander reported that other than some releases of both the Apache 1.3 and 2.0 tree, and continued development on both as well as the 2.1 tree, and the addition of one new PMC member, there was nothing major to report.

Apache HTTP Server Project report approved as submitted and discussed by general consent.

14 Nov 2004 [Sander Striker]

Since the previous board report there have been 3 releases of the 2.0 line
and a single release of the 1.3 line.
As usual, all a combination of security fixes and a regular release.  For
some reason security issues have a way of turning up in the middle of a
release process.  Taking appropiate action to security issues has interfered
with getting the actual cutting of a release of the 2.1 line (in the form of
an alpha); which leaves the 2.1 line without any releases to date.

At ApacheCon all the Apache HTTP Server modules are being converted to
Subversion.  The modules are locked down and no CVS commits are possible
as of now.  The Subversion repository will be opened for commits during
the ApacheCon.

mod_aspdotnet graduated from the Incubator and will be moved once the
SVN module is opened.

There is a new module coming in, mod_arm4, providing something one
can think of as SNMP on steroids:
From http://www.opengroup.org/tech/management/arm/
 "The Application Response Measurement (ARM) standard describes a common
  method for integrating enterprise applications as manageable entities.
  The ARM standard allows users to extend their enterprise management
  tools directly to applications creating a comprehensive end-to-end
  management capability that includes measuring application availability,
  application performance, application usage, and end-to-end transaction
  response time."

Other than that nothing to report.

The report was slightly modified to reflect that the Apache 1.3 line had had 1 "official" release (1.3.33) and one non-official release (1.3.32).

Apache HTTP Server approved by General Consent.

18 Aug 2004 [Sander Striker]

Approved by General Consent.

23 Jun 2004

Basically nothing of significance to report to the Board from
the HTTP Server project for last quarter.  No legal issues,
no quarrels, few releases.

There have been the following releases:
 - apache-1.3.31
 - httpd-2.0.49
 - mod_python 3.1.3
 - Apache-Test 1.08, 1.09, 1.10 and 1.11

The documentation end is busy as always, as is httpd-test.

We've gained a few committers during last period as well as
expanded the PMC.

There has been some discussion on moving the code from CVS
to SVN; apache 1.3 is the first codebase to move over.

26 May 2004 [Sander Striker]

Basically nothing of significance to report to the Board from
the HTTP Server project for last quarter.  No legal issues,
no quarrels, few releases.

There have been the following releases:
 - apache-1.3.31
 - httpd-2.0.49
 - mod_python 3.1.3
 - Apache-Test 1.08, 1.09, 1.10 and 1.11

The documentation end is busy as always, as is httpd-test.

We've gained a few committers during last period as well as
expanded the PMC.

There has been some discussion on moving the code from CVS
to SVN; apache 1.3 is the first codebase to move over.

Discussion and Approval tabled due to time constraints.

18 Feb 2004 [Sander Striker]

Basically nothing of significance to report to the Board from the HTTP
Server project for last quarter.  No legal issues, no quarrels, few
releases.

There have been a few mod_python releases (3.0.4, 2.7.9 and 2.7.10).

The documentation end is busy as always, as is httpd-test.

There have been two proposals for code donations which are currently
under review.

We've gained a few committers during last period.

The disposition of mod_mbox and mod_pop3 were discussed. It was noted that these 2 modules were assigned to the ASF and so their License needs to be updated to AL 2.0.

Approved via General Consent.

16 Nov 2003 [Sander Striker]

From: Sander Striker <striker@apache.org>
Date: Sat, 15 Nov 2003 13:01:21 -0600

* httpd

 Both Apache HTTP Server 1.3 and 2.0 have made releases the last
 quarter.  1.3 releases have been security/bug-fix releases, which
 is expected given the 1.3 tree is in maintenance mode.
 2.0 has made several releases, security related as well as normal.
 There is effort to push out the first 2.1 release, ramping up to 2.2.
 Maybe the 2.1 release will see the day of light during ApacheCon.

 On the dev list there is a discussion about the stagnation of
 development.  Solutions to this problem are being discussed in the
 thread (subject: the wheel of httpd-dev life is surely slowing down,
 solutionsplease).  There have been several speculations on the cause
 of the slow-down.  The thread is still active.

* httpd-docs

 The docs list has been slow of late, the most significant contribution
 being Kess' configure docs.  There seems to be a temporary lull in
 contributions.

* httpd-test

 The httpd-test/perl-framework infrastructure (i.e. Apache::Test) is
 being under an active development. The actual httpd tests repository
 hasn't changed much.

* mod_python

 There have been several releases made of mod_python.  The project
 is making progress and consistently keeps doing so.  One unfortunate
 aspect is that not enough PMC members are always actively involved
 with this project, making releases somewhat harder, since votes don't
 come in quick enough.  It would be an idea to track the development
 in the mod_python area more intensively for a bit to see if there are
 new potential committers and potential PMC members are available there.

* Contributor License Agreement

 A renewed effort to get a CLA of all contributors on file has
 started.  I hope to report next quarter that we have a 100% coverage.

Reported accepted by general consent.

20 Aug 2003 [Sander Striker]

The PMC's membership was expanded with 5 the last three months.

The committership is active and sustaining continued code
improvements.  There have been several releases, both for the 1.3 and
the 2.0 line.  Security releases have outnumbered the regular releases
and caused some concerns about the release process.  Last quarter has
been relatively slow when it comes to developments specific to the 2.1
tree.

A record high market share for the HTTP Server of almost 64% was hit
this month.

All is well in HTTP Server land.

The Apache HTTP Server Project Status Report was accepted as submitted and written by general consent.

25 Jun 2003

Change the Apache HTTP Project Chair

 WHEREAS, the membership of the Apache HTTP Server Project
 Management Committee (PMC) have nominated Sander Striker to
 serve as chairman of the Apache HTTP PMC; and

 WHEREAS, the previously appointed chairman of the Apache HTTP
 Server PMC, Ben Hyde, has resigned his position as Vice
 President, Apache HTTP, in favor of Sander Striker's
 appointment to that position.

 NOW, THEREFORE, BE IT RESOLVED, that Sander Striker be and
 hereby is appointed to the office of Vice President, Apache
 HTTP Server, to serve in accordance with and subject to the
 direction of the Board of Directors and the Bylaws of the
 Foundation until death, resignation, retirement, removal or
 disqualification, or until a successor is appointed.

 This motion was accepted unanimously.

21 May 2003

To the best of my knowledge all activities with the HTTPD PMC are
well within the scope of the foundation's mission.

The PMC's membership was revised with a number of idle members
deciding to go emeritus (Alexei K., Aram M., Brian B., Cliff S.,
Daniel L. R., Paul S.) and some new members brought on board.

The new processes for managing security issues working well.  This is
a nice improvement.  Discussions of possible changes to how we
announce security releases cam up again.  The desire is to provide
some early warning.  It appears that discussion is leaning toward
concluding that a no-change is the best course, but time time will
tell.

The perenial topic of bundling SSL support sprouted up again.  A
number of PMC members, I included, sense that if we could frame it
exactly right we could now bundle.  Reading the export regs is an art.
We are not qualified to make definitive judgements.  Getting the right
kind of lawyer involved is probably inevitable.  Asking that lawyer
the right questions demands we get our house in order first.  So, at
the present time we haven't managed to frame this question in a way
that allows us to suggest to the board what action we would like to
take.

While some progress was made toward getting committer agrements signed
by all current committers more work is needed.  I suspect, but we
have yet to debate this, that in due course we will decide to revoke
commit rights and PMC membership in service of cleaning this up.

Overall things are good in HTTP Server land.

19 Feb 2003 [Ben Hyde]

Things are good in HTTPD land.

Our most serious challenge is bringing more middleware et. al. that
complements 1.3 forward into 2.0.  A useful discussion on this topic
spun up in response to an article where in Greg was interviewed.  It's
a good how hard folks in HTTPD labor to try to keep discussions on an
even keel.

The board floated the suggestion that the PMC might look into ways to
reduce the number of PMC members who are currently engaged at a low
level in the actual evolution of the server.  This spawned a
conversation that finally reached the conclusion that the chair would
take the action of collecting data to identify the PMC members that
appear to low intensity and then chat them up to urge their voluntary
transition to emertitus.  Should that not work we would then be likely
to 'just' move some people into the emeritus category; i.e. those from
whom we have heard nothing for a year or more.  Not just because it's
an issue beyond our brief, we did not intend that these actions would
effect anyone membership in the foundation.

I, the chair, am making surprisingly good progress on collecting
volunteers but this work got delayed due to some issues that arose in
the rest of my life.

As a side effect of my collecting the data on activity level I found
it interesting that activity of individuals in the project over the
last year suggests a power-law distribution:

 level_of_contribution = 1 / ( rank_order_of_contributor + A ) ^ B

Where level_of_contribution is must # of things, postings, commits,
etc. and rank_order is just the index of individual contributors
sequenced by that score.

I consider it an excelent sign of health that A is appoximatly
10; i.e. that we are not dominated by one or two very large
contributors.  It would be nicer if B were smaller that 1.7, i.e
the drop off sharp.

Additionally, Ben noted that the HTTP Server project is slowly moving some PMC members to emeritus status.

18 Nov 2002

To re-establish the HTTPD PMC

 WHEREAS, it is in the best interests of the foundation to have
 each Project Management Committee consist of those individuals
 who are active volunteers working on the projects assigned to
 that committee,

 NOW, THEREFORE, BE IT RESOLVED, that the persons listed
 immediately below be and hereby are appointed to serve as
 members of the Apache HTTP Server Committee, effective
 immediately.

   Greg Ames              Aaron Bannert         Brian Behlendorf
   Rich Bowen             Ken Coar              Mark J. Cox
   Lars Eilebrecht        Ralf S. Engelschall   Justin Erenkrantz
   Roy Fielding           Tony Finch            Dean Gaudet
   Dirk-Willem Van Gulik  Brian Havard          Ian Holsman
   Ben Hyde               Jim Jagielski         Manoj Kasichainula
   Alexei Kosut           Martin Kraemer        Ben Laurie
   Rasmus Lerdorf         Daniel Lopez Ridruejo Doug Maceachern
   Aram Mirzadeh          Chuck Murcko          Victor J. Orlikowski
   Brian Pane             David Reid            William A. Rowe Jr.
   Wilfredo Sanchez       Cliff Skolnick        Marc Slemko
   Joshua Slive           Greg Stein            Bill Stoddard
   Sander Striker         Paul Sutton           Jeff Trawick
   David N. Welton        Cliff Woolley

 NOW, BE IT FURTHER RESOLVED, that the board reiterates its
 appointment of Ben Hyde as V.P., Apache HTTP Server, and
 chairman of the Apache HTTP Server Committee.

 This resolution was rescinded now that PMCs now have the authority
 and power, per resolution R1, to change and update the PMC member
 roster themselves.

18 Nov 2002 [Ben Hyde]

To the best of my knowledge all activities within the HTTPD PMC are
well within the scope of the foundation's mission.

The PMC was sad to see the departure of two it's members recentl.
Ryan declared himself emeritus in HTTPD, while Randy declared himself
emertitus in regards to the foundation.  They will be missed.

Long overdue, you will find attached a resolution which will
reconstitute the PMC to bring it in synch with it's current invited
membership of 40.  In addition we have 8 emeritus members and 29
committers.  Many of these committers have commit rights to the
http-test and other smaller CVS modules.

After Ben's report there was some discussion regarding both ASF and PMC emeritus membership. It was noted that several ASF and PMC members have been very inactive. At the very least, this makes efforts which require majorities or quorums difficult.

18 Sep 2002 [Jason van Zyl]

To the best of my knowledge all activities within the HTTPD PMC are well
within the scope of the foundation's mission.  The project seems to be
thriving.  When asked no member of the PMC reported any issues they
desired brought to the board's attention.  The pool of volunteers and
employees of contributing firms remains substantial.  The diverse goals
and expertise of the parties involved continue to be more complementary
than competitive.  Our disputes remain well within the ablitity of our
mutual respect to resolve.  That allows us the luxury of continuing to
take advantage of a casual peer-to-peer goverance framework.  That said,
there is a suspision that a more something procedural or at minimum
fastidious might be helpful - that awaits volunteers.  Internally the
project has three notably active arenas (1.3, 2.0 and doc).  Doc is
wonderful, in particular it is both active and has drawn in additonal
commiters.  2.0 is making slow but steady progress reguarding market
adoption.  I personally would love to see more end-users/web-master
contributions.  Some of the critical complementary products - PHP in
particular - are having a rough time achieving the same level of synergy
that they have with 1.3.  2.0 is dependent on the APR project which at
this time lacks a formal release.   1.3 endures.  There is some slight
tension from time to time about how 1.3 'competes' with 2.0 and if that
requires some action - opinions differ.

This report was not submitted before the meeting. Please see the supplementary report.

24 Jul 2000

Update membership of the Apache HTTP Server Committee

 Ben Hyde expressed a desire that the Board officially recognize the
 current status of membership in the HTTP Server Committee.  There was
 some discussion about whether it was more appropriate to limit the
 membership to only those recently active in the project, but it was
 decided in principle that we should first recognize the current
 status and suggest to the server committee that they should discuss
 the issue within the project and decide for themselves.

 The following resolution was approved by vote of the directors
 present, with six yea votes (Ken, Roy, Ben, Rasmus, Randy, Dirk),
 no nay votes, and one abstention (Brian).  Doug was absent for
 this vote.

    WHEREAS, it is in the best interests of the Foundation to have
    each Project Management Committee consist of those individuals
    who are active volunteers working on the projects assigned to
    that committee; and further

    WHEREAS, the existing members of the Apache HTTP Server Committee
    have nominated the following additional individuals to serve on
    that committee.

       Ryan Bloom, Tony Finch, Brian Havard, Manoj Kasichainula,
       Rasmus Lerdorf, David Reid, Daniel Lopez Ridruejo,
       William A. Rowe, Chuck Murcko, Wilfredo Sanchez, and Greg Stein.

    NOW, THEREFORE, BE IT RESOLVED, that the persons listed immediately
    below be and hereby are appointed to serve as members of the Apache
    HTTP Server Committee, effective immediately.

       Brian Behlendorf       Ryan Bloom           Ken Coar
       Mark Cox               Lars Eilebrecht      Ralf S. Engelschall
       Roy T. Fielding        Tony Finch           Dean Gaudet
       Dirk-Willem van Gulik  Brian Havard         Ben Hyde
       Jim Jagielski          Manoj Kasichainula   Alexei Kosut
       Martin Kraemer         Ben Laurie           Rasmus Lerdorf
       Daniel Lopez Ridruejo  Doug MacEachern      Aram Mirzadeh
       Chuck Murcko           Sameer Parekh        David Reid
       William A. Rowe        Wilfredo Sanchez     Cliff Skolnick
       Marc Slemko            Greg Stein           Bill Stoddard
       Paul Sutton            Randy Terbush

    BE IT FURTHER RESOLVED, that the board reiterates its appointment
    of Ben Hyde as V.P., Apache HTTP Server, and chairman of the Apache
    HTTP Server Committee.