[OpenID] OpenID license
Nathan
nathan at webr3.org
Wed Jul 21 23:44:41 UTC 2010
Chris Messina wrote:
> All the typical disclaimers about me not being a lawyer apply to what I'm
> about to say, so keep that in mind. ;)
>
> On Wed, Jul 21, 2010 at 4:59 PM, Nathan <nathan at webr3.org> wrote:
>
>> John Bradley wrote:
>>
>>> Copyright on the spec won't protect you from patent assertions by people
>>> who are not party to the IPR agreements.
>>>
>> So you're telling me OpenID specifications are covered by patents from
>> people who are not party to the IPR agreements, and that they can be
>> asserted and I'm not protected from this??
>
>
> What we're saying is that we don't know if there are or aren't patents that
> exist that pertain to the OpenID spec. No IPR policy can protect you from
> people who are not part of an agreement, just as I can't enter into an
> agreement to sell your house (presuming you own it) to someone else. If
> there are people out there who believe that their patents relate to OpenID,
> they're going to do whatever they're going to do, regardless of our IPR
> policy.
>
> Should the non-parties decide to file a lawsuit, those who are party to the
> IPR policy may be enjoined to counter-sue in form of digital detente.
>
> This situation has become quite common in standards bodies; as John said, no
> one is going to indemnify you from other parties who may have patents in
> this space. Those who have agreed to the IPR agreement basically have
> promised that they won't, as long as you don't sue them (more or less).
Okay, think I'm following..
1: has every contributor to the OpenID specification(s) agreed to the
IPR agreement and made the conditioned patent promise? (2a or 2b in the
agreement)
- if the answer isn't 100% yes where does that leave me?
2: why aren't the patents from contributors with Necessary Claims disclosed?
3: Is the promise a legally binding assertion that no Necessary Claims
of these non disclosed patents from contributors can/will be made
against me (by contributors), or is it just a promise which equates to
me saying "I promise I won't sue you for replying to this email"
clarify, I fully realise that a patent troll could be sitting with
patents covering any specification, but looking to find whether it's
possible for any of the contributors to be one of those patent trolls.
>> The two issues are quite separate. Unless you intend to republish the
>>> specification itself I doubt that copyright enter into it.
>>>
>> Well I had intended to include a copy of the specification in with the
>> implementation (sad to see I can't), how about simply linking to it? what
>> about simply implementing it?!
>
>
> Until we clarify the copyright on the specs themselves, it's better just to
> link to it. I don't see any legal prohibition against linking to the specs.
No problem with that at all, and preferred route :)
> Why would you want to include a copy of the spec in your software anyway?
> (Just curious).
Primarily for reference to previous versions or non final standards -
may not be an issue at all, would just like to know whether one can
include a copy of the spec or not (with legal notices etc in tact of
course).
> You are free to implement the protocol without receiving a priori
> permission.
Good to know, more concerned what happens after I implement and possibly
become reliant on the spec's though ;)
>> We should however address the issue.
>> Yes certainly, agreed - have to wonder why it hasn't been addressed a very
>> long time ago, feels like a time bomb to me.
>>
>
> It's not a bomb, it's just an oversight.
glad to hear it, apologies if I was a bit strong worded.
> Unless you plan to sell your software for $1M and call it OpenID and NOT
> conform to the spec, no one is probably going to be interested in suing you
> (though I'll leave that judgement up to each respective party or their
> lawyers).
>
> While I appreciate that you're concerned about the license of the code and
> protocols that you use, I might also suggest doing a bit more research on
> how and why patents are used (and abused in open source communities) —
> especially with an eye to how it's usually not the open source community
> that goes after its own — but those from the outside (i.e. patent trolls)
> that need to be protected *against*.
I follow and indeed like to think/hope that's always the case :)
Cheers again
> Chris
>
>
>> Best, yet bemused,
>>
>> Nathan
>>
>>
>> John B.
>>> On 2010-07-21, at 6:40 PM, Nathan wrote:
>>>
>>> To be honest, after reading that license snippet and the agreements I'm
>>>> now more concerned than ever.
>>>>
>>>> What I read is that there could be a load of undisclosed patents on these
>>>> specifications, and that by implementing the specifications I could at some
>>>> point be sued or chased for royalties.
>>>>
>>>> [1] scares the hell out of me, and the chunk of text which basically
>>>> reads 'we can all sue, and if you sue, I might too' does very very very
>>>> little to make me feel any better about that.
>>>>
>>>> So, what I'm looking for here is to see the 'CC Attribution Share Alike'
>>>> license (or well known equivalent) on the OpenID specifications, (and if
>>>> needed to cover *my* ass legally, patent disclosures, royalty free
>>>> assertions and all related) - can and will you do this, yes or no.
>>>>
>>>> Pease, just a simple yes or no, and if yes, when.
>>>>
>>>> If not, I for one simply can't take the risk of implementing them.
>>>>
>>>> [1] 'Patent Disclosures. There is no requirement or expectation by others
>>>> that Contributor should disclose patents or patent applications that
>>>> Contributor has reason to believe may contain Necessary Claims. OIDF hereby
>>>> disclaims any responsibility for identifying the existence, or for
>>>> evaluating the applicability, of any patents, patent applications, or other
>>>> rights (including copyrights) claimed to be applicable to any Specification
>>>> and will take no position on the validity or scope of any such rights.'
>>>>
>>>> Regards,
>>>>
>>>> Nathan
>>>>
>>>> David Recordon wrote:
>>>>
>>>>> The IPR policy includes a copyright license for them. I don't think that
>>>>> we
>>>>> have determined the exact text which should be included in the
>>>>> specifications. The Open Web Foundation provides guidance for their
>>>>> license
>>>>> at
>>>>>
>>>>> http://wiki.openwebfoundation.org/How_to_use_the_agreement#What_To_Include_In_The_Specification_Itself
>>>>> .
>>>>> We should use a version of that which matches the OpenID IPR policy.
>>>>> I'd like to see us just move to the OWF IPR policy which would help to
>>>>> address these sorts of issues in the future as well.
>>>>> --David
>>>>> On Wed, Jul 21, 2010 at 12:37 PM, Nat Sakimura <sakimura at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Actually, I have asked the same thing long time ago when we started
>>>>>> translation project at OIDF-J since it was a blocking issue. We should
>>>>>> fix it ASAP, but that means OIDF needs to decide on what Copyright
>>>>>> license.
>>>>>>
>>>>>> =nat
>>>>>>
>>>>>> On Thu, Jul 22, 2010 at 4:15 AM, Chris Messina <
>>>>>> chris.messina at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> It seems worth clarifying this situation -- if only because I was
>>>>>>>
>>>>>> personally surprised to not see a clear license on the docs themselves
>>>>>> (copyright, specifically).
>>>>>>
>>>>>>> Any reason why we haven't taken 10 minutes to make that change?
>>>>>>>
>>>>>>> Nathan -- are you blocked by not having a clear [copyright] license on
>>>>>>>
>>>>>> the specs?
>>>>>>
>>>>>>> Chris
>>>>>>>
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>> On Jul 21, 2010, at 9:11 AM, Nat Sakimura <sakimura at gmail.com> wrote:
>>>>>>>
>>>>>>> Apparently, it is full3978. It is written in the spec XML.
>>>>>>>> Having said that, I prefer to have additional license such as CC.
>>>>>>>>
>>>>>>>> Also note that all the wiki contents are under GNU Free
>>>>>>>> Documentation
>>>>>>>>
>>>>>>> License.
>>>>>>> On Wed, Jul 21, 2010 at 9:22 PM, Nathan <nathan at webr3.org> wrote:
>>>>>>>>> Hi David,
>>>>>>>>>
>>>>>>>>> Thanks for the link, I actually checked that before I sent the mail
>>>>>>>>> yesterday, and I'm familiar with the patent non assert agreement.
>>>>>>>>>
>>>>>>>>> However, really, where's the license? I've tried looking everywhere
>>>>>>>>> and
>>>>>>>>>
>>>>>>>> the
>>>>>>> best I can find is this thread from 2 years ago:
>>>>>>>>>
>>>>>> http://groups.google.com/group/dataportability-public/browse_thread/thread/86a0351f525a53d9
>>>>>>
>>>>>>> which explains things better, but still that thread ends with:
>>>>>>>>> 'It would take all of 10 minutes for the OpenID foundation to say
>>>>>>>>> "this
>>>>>>>>> spec is at-the-least copyright us and redistributable under the CC
>>>>>>>>> Share-Alike License" and drop that license onto the specs and on the
>>>>>>>>> site's IP policies page -- which I'm hoping they finally do.'
>>>>>>>>>
>>>>>>>>> He's right, it would take all of 10 minutes, certainly not 2 years -
>>>>>>>>> so
>>>>>>>>> where is the license - what's stopping this from happening? I
>>>>>>>>> *really*
>>>>>>>>>
>>>>>>>> don't
>>>>>>> follow here.
>>>>>>>>> aside: on the intellectual property page you have 'These documents
>>>>>>>>> are
>>>>>>>>> listed below as well as available here.' But there's no list below
>>>>>>>>> and
>>>>>>>>>
>>>>>>>> the
>>>>>>> 'here' link returns a 'You don't have permission to access /ipr/ on
>>>>>>>> this
>>>>>>> server.'
>>>>>>>>> Best,
>>>>>>>>>
>>>>>>>>> Nathan
>>>>>>>>>
>>>>>>>>> David Recordon wrote:
>>>>>>>>>
>>>>>>>>>> Hi Nathan, you can find the OpenID Foundation's IPR policy at
>>>>>>>>>> http://openid.net/intellectual-property/. All of the contributors
>>>>>>>>>> to
>>>>>>>>>>
>>>>>>>>> those
>>>>>>> specifications signed non-assertion agreements.
>>>>>>>>>> --David
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Tue, Jul 20, 2010 at 6:09 PM, Nathan <nathan at webr3.org> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>> I'm trying to find what license the following spec's are released
>>>>>>>>>>>
>>>>>>>>>> under:
>>>>>>> OpenID Authentication 2.0
>>>>>>>>>>> OpenID Attribute Exchange 1.0
>>>>>>>>>>> OpenID Provider Authentication Policy Extension 1.0
>>>>>>>>>>> OpenID Authentication 1.1
>>>>>>>>>>> OpenID Simple Registration Extension 1.0
>>>>>>>>>>>
>>>>>>>>>>> I've searched them all for any mention of license, patent, royalty
>>>>>>>>>>>
>>>>>>>>>> and
>>>>>>> similar and found nothing at all?
>>>>>>>>>>> Are the spec's and technologies all completely public domain, if
>>>>>>>>>>> not
>>>>>>>>>>> which
>>>>>>>>>>> license(s) are they covered by?
>>>>>>>>>>>
>>>>>>>>>>> Thanks in advance,
>>>>>>>>>>>
>>>>>>>>>>> Nathan
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> general mailing list
>>>>>>>>>>> general at lists.openid.net
>>>>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>> general mailing list
>>>>>>>>> general at lists.openid.net
>>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>>>
>>>>>>>>>
>>>>>>>> --
>>>>>>>> Nat Sakimura (=nat)
>>>>>>>> http://www.sakimura.org/en/
>>>>>>>> http://twitter.com/_nat_en
>>>>>>>> _______________________________________________
>>>>>>>> general mailing list
>>>>>>>> general at lists.openid.net
>>>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>>>
>>>>>> --
>>>>>> Nat Sakimura (=nat)
>>>>>> http://www.sakimura.org/en/
>>>>>> http://twitter.com/_nat_en
>>>>>> _______________________________________________
>>>>>> general mailing list
>>>>>> general at lists.openid.net
>>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>>
>>>>>> ------------------------------------------------------------------------
>>>>> _______________________________________________
>>>>> general mailing list
>>>>> general at lists.openid.net
>>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at lists.openid.net
>>>> http://lists.openid.net/mailman/listinfo/openid-general
>>>>
>>>
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>>
>
>
>
More information about the general
mailing list