[OpenID] On the OpenID trademark
Johannes Ernst
jernst+openid.net at netmesh.us
Wed Apr 4 05:25:42 UTC 2007
As you may recall, when the convergence movement around the OpenID
term started last summer, it became clear that the term "OpenID"
needed to be protected as a trademark, otherwise it would become
meaningless over time. At the time, the OpenID Foundation did not
exist, nor did we have any real infrastructure in the community to
address IP issues like it. So I volunteered to use my company to take
steps to protect it and filed for a registration. The good news is
that the trademark registration was granted in the past few days.
Which means that as a community all interested in the mark, we now
need to define how we want to deal with the rights and obligations
that a trademark poses.
To re-iterate one more time, it is my and my company's intention to
transfer all rights in the OpenID mark to the OpenID Foundation as
soon as it is properly set up and an appropriate IP policy and
governance has been put together (part of which is the trademark
policy); in the meantime, rest assured we have no evil intentions and
want to conduct ourselves in the spirit of this community, which is
constructive cooperation. (I keep getting messages "how much are you
going to charge me for the use of the mark" -- no! That's not the
goal here! ;-))
My goal with this message is to align what we need to do as the
current legal owner of the trademark and the needs and thoughts of
the larger community.
The point of the OpenID trademark is, of course, to communicate to
users that a particular product (e.g. a website) can be used in a
particular way (e.g. you can authenticate using OpenID). So we want
to encourage people to use the trademark to communicate that to their
users because that's what it is for. Conversely, people should be
prevented from using the trademark if that promise to the user is not
met (e.g. you need your social security number to log in and it
chokes on URLs, or a piece of "OpenID-enabled" software a user might
buy has no identity concept whatsoever).
The important part is that under my understanding of trademark law
(and I'm clearly not a lawyer), we need to be very clear about what
is a permissible use of the mark, and what isn't. And if somebody
uses the mark in a different manner, we need to police the mark (e.g.
send cease-and-desist letters), otherwise the mark becomes "generic",
which means anybody can use it for anything, which defeats the
purpose of the common term in the first place. (OpenID ketchup or
spark plugs anybody?)
If you have been following the board meeting minutes, you probably
saw that we have consensus on the Foundation Board, see http://
openid.net/wiki/index.php/OpenID_Foundation/Board/Minutes/
2007-03-15#Trademarks
So until somebody convinces me of something else, my thoughts are as
follows:
1. we need to define the requirements that a product must meet before
it is allowed to use the OpenID trademark, such as the specifications
that it needs to conform to
2. we need to define a process by which the requirements evolve over
time (e.g. old specs are obsoleted or evolved, new specs are added etc.)
3. we need to do this in a manner that is as inclusive as possible
(so nobody can hi-jack the process and bend it to favor one party
over another), while being effective and fast (important for
trademark enforcement.)
Note that this discussion is largely independent of compliance /
conformance / certification etc. (If there was a dispute on whether X
indeed implements protocol Y, we will have to decide how to tell, but
this discussion can wait a bit longer.)
As the current trademark owner, we have to have a policy, which
currently is:
Re 1. Product must support either the consumer or server side, or
both, of
- http://openid.net/specs/specs-1.0.bml, or
- http://openid.net/specs/specs-1.1.bml, or
- both
This confirms current practice (the many OpenID implementations out
there), which is all we are trying to do at this point.
Re 2 and re 3. What I'm trying to get to starting with this message ;-)
So far so good? Does this sound reasonable?
I'm particularly interested in your input on #2 and #3 above. Should
we have some kind of "trademark policy committee" appointed by the
community? Chartered by the foundation board? Majority vote?
Unanimity? Implementors favored over users in terms of voting? Users
over implementors? ...?
Your thoughts very welcome ...
Cheers,
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070403/0bd8d41e/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070403/0bd8d41e/attachment-0005.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the general
mailing list