[OpenID] OpenID license

Chris Messina chris.messina at gmail.com
Wed Jul 21 23:18:25 UTC 2010 

All the typical disclaimers about me not being a lawyer apply to what I'm
about to say, so keep that in mind. ;)

On Wed, Jul 21, 2010 at 4:59 PM, Nathan <nathan at webr3.org> wrote:

> John Bradley wrote:
>
>> Copyright on the spec won't protect you from patent assertions by people
>> who are not party to the IPR agreements.
>>
>
> So you're telling me OpenID specifications are covered by patents from
> people who are not party to the IPR agreements, and that they can be
> asserted and I'm not protected from this??


What we're saying is that we don't know if there are or aren't patents that
exist that pertain to the OpenID spec. No IPR policy can protect you from
people who are not part of an agreement, just as I can't enter into an
agreement to sell your house (presuming you own it) to someone else. If
there are people out there who believe that their patents relate to OpenID,
they're going to do whatever they're going to do, regardless of our IPR
policy.

Should the non-parties decide to file a lawsuit, those who are party to the
IPR policy may be enjoined to counter-sue in form of digital detente.

This situation has become quite common in standards bodies; as John said, no
one is going to indemnify you from other parties who may have patents in
this space. Those who have agreed to the IPR agreement basically have
promised that they won't, as long as you don't sue them (more or less).


>
>  The two issues are quite separate.  Unless you intend to republish the
>> specification itself I doubt that copyright enter into it.
>>
>
> Well I had intended to include a copy of the specification in with the
> implementation (sad to see I can't), how about simply linking to it? what
> about simply implementing it?!


Until we clarify the copyright on the specs themselves, it's better just to
link to it. I don't see any legal prohibition against linking to the specs.

Why would you want to include a copy of the spec in your software anyway?
(Just curious).

You are free to implement the protocol without receiving a priori
permission.


>
>  We should however address the issue.
>>
>
> Yes certainly, agreed - have to wonder why it hasn't been addressed a very
> long time ago, feels like a time bomb to me.
>

It's not a bomb, it's just an oversight.

Unless you plan to sell your software for $1M and call it OpenID and NOT
conform to the spec, no one is probably going to be interested in suing you
(though I'll leave that judgement up to each respective party or their
lawyers).

While I appreciate that you're concerned about the license of the code and
protocols that you use, I might also suggest doing a bit more research on
how and why patents are used (and abused in open source communities) —
especially with an eye to how it's usually not the open source community
that goes after its own — but those from the outside (i.e. patent trolls)
that need to be protected *against*.

Chris


>
> Best, yet bemused,
>
> Nathan
>
>
>  John B.
>> On 2010-07-21, at 6:40 PM, Nathan wrote:
>>
>>  To be honest, after reading that license snippet and the agreements I'm
>>> now more concerned than ever.
>>>
>>> What I read is that there could be a load of undisclosed patents on these
>>> specifications, and that by implementing the specifications I could at some
>>> point be sued or chased for royalties.
>>>
>>> [1] scares the hell out of me, and the chunk of text which basically
>>> reads 'we can all sue, and if you sue, I might too' does very very very
>>> little to make me feel any better about that.
>>>
>>> So, what I'm looking for here is to see the 'CC Attribution Share Alike'
>>> license (or well known equivalent) on the OpenID specifications, (and if
>>> needed to cover *my* ass legally, patent disclosures, royalty free
>>> assertions and all related) - can and will you do this, yes or no.
>>>
>>> Pease, just a simple yes or no, and if yes, when.
>>>
>>> If not, I for one simply can't take the risk of implementing them.
>>>
>>> [1] 'Patent Disclosures. There is no requirement or expectation by others
>>> that Contributor should disclose patents or patent applications that
>>> Contributor has reason to believe may contain Necessary Claims. OIDF hereby
>>> disclaims any responsibility for identifying the existence, or for
>>> evaluating the applicability, of any patents, patent applications, or other
>>> rights (including copyrights) claimed to be applicable to any Specification
>>> and will take no position on the validity or scope of any such rights.'
>>>
>>> Regards,
>>>
>>> Nathan
>>>
>>> David Recordon wrote:
>>>
>>>> The IPR policy includes a copyright license for them. I don't think that
>>>> we
>>>> have determined the exact text which should be included in the
>>>> specifications. The Open Web Foundation provides guidance for their
>>>> license
>>>> at
>>>>
>>>> http://wiki.openwebfoundation.org/How_to_use_the_agreement#What_To_Include_In_The_Specification_Itself
>>>> .
>>>> We should use a version of that which matches the OpenID IPR policy.
>>>> I'd like to see us just move to the OWF IPR policy which would help to
>>>> address these sorts of issues in the future as well.
>>>> --David
>>>> On Wed, Jul 21, 2010 at 12:37 PM, Nat Sakimura <sakimura at gmail.com>
>>>> wrote:
>>>>
>>>>> Actually, I have asked the same thing long time ago when we started
>>>>> translation project at OIDF-J since it was a blocking issue. We should
>>>>> fix it ASAP, but that means OIDF needs to decide on what Copyright
>>>>> license.
>>>>>
>>>>> =nat
>>>>>
>>>>> On Thu, Jul 22, 2010 at 4:15 AM, Chris Messina <
>>>>> chris.messina at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> It seems worth clarifying this situation -- if only because I was
>>>>>>
>>>>> personally surprised to not see a clear license on the docs themselves
>>>>> (copyright, specifically).
>>>>>
>>>>>> Any reason why we haven't taken 10 minutes to make that change?
>>>>>>
>>>>>> Nathan -- are you blocked by not having a clear [copyright] license on
>>>>>>
>>>>> the specs?
>>>>>
>>>>>> Chris
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>> On Jul 21, 2010, at 9:11 AM, Nat Sakimura <sakimura at gmail.com> wrote:
>>>>>>
>>>>>>  Apparently, it is full3978. It is written in the spec XML.
>>>>>>>
>>>>>>> Having said that, I prefer to have additional license such as CC.
>>>>>>>
>>>>>>> Also note that all the wiki contents are  under GNU Free
>>>>>>> Documentation
>>>>>>>
>>>>>> License.
>>>>>
>>>>>> On Wed, Jul 21, 2010 at 9:22 PM, Nathan <nathan at webr3.org> wrote:
>>>>>>>
>>>>>>>> Hi David,
>>>>>>>>
>>>>>>>> Thanks for the link, I actually checked that before I sent the mail
>>>>>>>> yesterday, and I'm familiar with the patent non assert agreement.
>>>>>>>>
>>>>>>>> However, really, where's the license? I've tried looking everywhere
>>>>>>>> and
>>>>>>>>
>>>>>>> the
>>>>>
>>>>>> best I can find is this thread from 2 years ago:
>>>>>>>>
>>>>>>>>
>>>>> http://groups.google.com/group/dataportability-public/browse_thread/thread/86a0351f525a53d9
>>>>>
>>>>>> which explains things better, but still that thread ends with:
>>>>>>>> 'It would take all of 10 minutes for the OpenID foundation to say
>>>>>>>> "this
>>>>>>>> spec is at-the-least copyright us and redistributable under the CC
>>>>>>>> Share-Alike License" and drop that license onto the specs and on the
>>>>>>>> site's IP policies page -- which I'm hoping they finally do.'
>>>>>>>>
>>>>>>>> He's right, it would take all of 10 minutes, certainly not 2 years -
>>>>>>>> so
>>>>>>>> where is the license - what's stopping this from happening? I
>>>>>>>> *really*
>>>>>>>>
>>>>>>> don't
>>>>>
>>>>>> follow here.
>>>>>>>>
>>>>>>>> aside: on the intellectual property page you have 'These documents
>>>>>>>> are
>>>>>>>> listed below as well as available here.' But there's no list below
>>>>>>>> and
>>>>>>>>
>>>>>>> the
>>>>>
>>>>>> 'here' link returns a 'You don't have permission to access /ipr/ on
>>>>>>>>
>>>>>>> this
>>>>>
>>>>>> server.'
>>>>>>>>
>>>>>>>> Best,
>>>>>>>>
>>>>>>>> Nathan
>>>>>>>>
>>>>>>>> David Recordon wrote:
>>>>>>>>
>>>>>>>>> Hi Nathan, you can find the OpenID Foundation's IPR policy at
>>>>>>>>> http://openid.net/intellectual-property/. All of the contributors
>>>>>>>>> to
>>>>>>>>>
>>>>>>>> those
>>>>>
>>>>>> specifications signed non-assertion agreements.
>>>>>>>>>
>>>>>>>>> --David
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Tue, Jul 20, 2010 at 6:09 PM, Nathan <nathan at webr3.org> wrote:
>>>>>>>>>
>>>>>>>>>  Hi,
>>>>>>>>>>
>>>>>>>>>> I'm trying to find what license the following spec's are released
>>>>>>>>>>
>>>>>>>>> under:
>>>>>
>>>>>> OpenID Authentication 2.0
>>>>>>>>>> OpenID Attribute Exchange 1.0
>>>>>>>>>> OpenID Provider Authentication Policy Extension 1.0
>>>>>>>>>> OpenID Authentication 1.1
>>>>>>>>>> OpenID Simple Registration Extension 1.0
>>>>>>>>>>
>>>>>>>>>> I've searched them all for any mention of license, patent, royalty
>>>>>>>>>>
>>>>>>>>> and
>>>>>
>>>>>> similar and found nothing at all?
>>>>>>>>>>
>>>>>>>>>> Are the spec's and technologies all completely public domain, if
>>>>>>>>>> not
>>>>>>>>>> which
>>>>>>>>>> license(s) are they covered by?
>>>>>>>>>>
>>>>>>>>>> Thanks in advance,
>>>>>>>>>>
>>>>>>>>>> Nathan
>>>>>>>>>> _______________________________________________
>>>>>>>>>> general mailing list
>>>>>>>>>> general at lists.openid.net
>>>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>>>>
>>>>>>>>>>  _______________________________________________
>>>>>>>> general mailing list
>>>>>>>> general at lists.openid.net
>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>>
>>>>>>>>
>>>>>>> --
>>>>>>> Nat Sakimura (=nat)
>>>>>>> http://www.sakimura.org/en/
>>>>>>> http://twitter.com/_nat_en
>>>>>>> _______________________________________________
>>>>>>> general mailing list
>>>>>>> general at lists.openid.net
>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>
>>>>>>
>>>>> --
>>>>> Nat Sakimura (=nat)
>>>>> http://www.sakimura.org/en/
>>>>> http://twitter.com/_nat_en
>>>>> _______________________________________________
>>>>> general mailing list
>>>>> general at lists.openid.net
>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>
>>>>> ------------------------------------------------------------------------
>>>> _______________________________________________
>>>> general mailing list
>>>> general at lists.openid.net
>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>
>>> _______________________________________________
>>> general mailing list
>>> general at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>
>>
>>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>



-- 
Chris Messina
Open Web Advocate, Google

Personal: http://factoryjoe.com
Follow me on Buzz: http://buzz.google.com/chrismessina
...or Twitter: http://twitter.com/chrismessina

This email is:   [ ] shareable    [X] ask first   [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20100721/987d11b9/attachment.html>

More information about the general mailing list