[OpenID] On the OpenID trademark
Drummond Reed
drummond.reed at cordance.net
Wed Apr 4 06:00:02 UTC 2007
Johannes,
First, congratulations on securing the mark. Having it inside the community
is obviously much better than having it outside ;-)
Second, I agree with the thoughts you laid out here. I believe this should
be a key function that the OpenID Foundation carries out on behalf of the
community, of which the OIDF essentially serves as a trustee.
I think the OIDF board should charter a committee, open to all community
members, to define the initial proposed policy, then post it to the
OpenID.net wiki for feedback.
I don't have many cycles to spare, but I think this is important, so I'll
volunteer to help out with this committee.
=Drummond
-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Johannes Ernst
Sent: Tuesday, April 03, 2007 10:26 PM
To: openid-general
Subject: [OpenID] On the OpenID trademark
As you may recall, when the convergence movement around the OpenID
term started last summer, it became clear that the term "OpenID"
needed to be protected as a trademark, otherwise it would become
meaningless over time. At the time, the OpenID Foundation did not
exist, nor did we have any real infrastructure in the community to
address IP issues like it. So I volunteered to use my company to take
steps to protect it and filed for a registration. The good news is
that the trademark registration was granted in the past few days.
Which means that as a community all interested in the mark, we now
need to define how we want to deal with the rights and obligations
that a trademark poses.
To re-iterate one more time, it is my and my company's intention to
transfer all rights in the OpenID mark to the OpenID Foundation as
soon as it is properly set up and an appropriate IP policy and
governance has been put together (part of which is the trademark
policy); in the meantime, rest assured we have no evil intentions and
want to conduct ourselves in the spirit of this community, which is
constructive cooperation. (I keep getting messages "how much are you
going to charge me for the use of the mark" -- no! That's not the
goal here! ;-))
My goal with this message is to align what we need to do as the
current legal owner of the trademark and the needs and thoughts of
the larger community.
The point of the OpenID trademark is, of course, to communicate to
users that a particular product (e.g. a website) can be used in a
particular way (e.g. you can authenticate using OpenID). So we want
to encourage people to use the trademark to communicate that to their
users because that's what it is for. Conversely, people should be
prevented from using the trademark if that promise to the user is not
met (e.g. you need your social security number to log in and it
chokes on URLs, or a piece of "OpenID-enabled" software a user might
buy has no identity concept whatsoever).
The important part is that under my understanding of trademark law
(and I'm clearly not a lawyer), we need to be very clear about what
is a permissible use of the mark, and what isn't. And if somebody
uses the mark in a different manner, we need to police the mark (e.g.
send cease-and-desist letters), otherwise the mark becomes "generic",
which means anybody can use it for anything, which defeats the
purpose of the common term in the first place. (OpenID ketchup or
spark plugs anybody?)
If you have been following the board meeting minutes, you probably
saw that we have consensus on the Foundation Board, see http://
openid.net/wiki/index.php/OpenID_Foundation/Board/Minutes/
2007-03-15#Trademarks
So until somebody convinces me of something else, my thoughts are as
follows:
1. we need to define the requirements that a product must meet before
it is allowed to use the OpenID trademark, such as the specifications
that it needs to conform to
2. we need to define a process by which the requirements evolve over
time (e.g. old specs are obsoleted or evolved, new specs are added etc.)
3. we need to do this in a manner that is as inclusive as possible
(so nobody can hi-jack the process and bend it to favor one party
over another), while being effective and fast (important for
trademark enforcement.)
Note that this discussion is largely independent of compliance /
conformance / certification etc. (If there was a dispute on whether X
indeed implements protocol Y, we will have to decide how to tell, but
this discussion can wait a bit longer.)
As the current trademark owner, we have to have a policy, which
currently is:
Re 1. Product must support either the consumer or server side, or
both, of
- http://openid.net/specs/specs-1.0.bml, or
- http://openid.net/specs/specs-1.1.bml, or
- both
This confirms current practice (the many OpenID implementations out
there), which is all we are trying to do at this point.
Re 2 and re 3. What I'm trying to get to starting with this message ;-)
So far so good? Does this sound reasonable?
I'm particularly interested in your input on #2 and #3 above. Should
we have some kind of "trademark policy committee" appointed by the
community? Chartered by the foundation board? Majority vote?
Unanimity? Implementors favored over users in terms of voting? Users
over implementors? ...?
Your thoughts very welcome ...
Cheers,
Johannes Ernst
NetMesh Inc.
More information about the general
mailing list