[OpenID] OpenID license
Nathan
nathan at webr3.org
Fri Jul 23 19:52:17 UTC 2010
Thanks for that Steven - good advice and fully agree, tis my usual stand
too.
tbh I wouldn't even take note at all if there was a standard copyright
license on the specs, AGPL, CC-sharealike, apache v2, bsd, anything
common - then one would just ignore the patent issues - it's only
because of the lack of this that I took the slippery slope in to the
patent/ipr side of things (as for once I had to look at all the issues
to try and figure it out).
unwanted advice:
- stick a common well-known license on the specs
- get the signed agreements up for all to see
- leave it at that
afaict that's the only things which can happen and which would benefit
everybody.
Best,
Nathan
Steven Livingstone Pérez wrote:
> To quote Paul Graham on this ...
> "In the software business I know from experience whether patents encourage or discourage innovation, and the answer is the type that people who like to argue about public policy least like to hear: they don't affect innovation much, one way or the other. Most innovation in the software business happens in startups, and startups should simply ignore other companies' patents. At least, that's what we advise, and we bet money on that advice."
>
>
> http://www.paulgraham.com/softwarepatents.html
> Good Luck!
> /stevenhttp://livz.org
>
>> Date: Fri, 23 Jul 2010 20:33:08 +0100
>> From: nathan at webr3.org
>> To: chris.messina at gmail.com
>> CC: openid-general at lists.openid.net; sakimura at gmail.com
>> Subject: Re: [OpenID] OpenID license
>>
>> To summarise then (with regards OpenID/OIDF specifications):
>>
>> All contributors have signed patent non assert agreements
>>
>> The signed agreements can (not) be found here http://openid.net/ipr/
>>
>> No patents from contributors covering OpenID specifications are disclosed.
>>
>> The non assert agreements protect contributors from each other (to an
>> extent), they do not protect implementers.
>>
>> As far as you know the OpenID specs are not patent encumbered, but you
>> advise implementers to access the legal situation with their legal
>> council before writing a line of code, and if worried to go and license
>> the relevant patent(s) or get patent non asserts.
>>
>> The patent(s) may cover parts of other existing or future protocol
>> specifications from non associated third parties, and of course the
>> implementations of those.
>>
>> The copyright on OpenID specifications mean they cannot be released
>> under CC-zero licenses (or similar), the licenses which are compatible
>> are unknown, Janrain has opted for Apache V2 but may still be infringing
>> on patents (as all implementations may be).
>>
>> The 'OIDF hereby disclaims any responsibility for identifying the
>> existence, or for evaluating the applicability, of any patents, patent
>> applications, or other rights (including copyrights) claimed to be
>> applicable to any Specification and will take no position on the
>> validity or scope of any such rights.'
>>
>> The general advice is that because of the legal costs of a patent
>> infringement case it's likely that anybody implementing will be
>> infringing patents (if there are any, but they aren't disclosed) but
>> they most likely won't be sued because of the costs involved.
>>
>> So, do I take it that I should just get on and implement the
>> specifications, go for a license which keeps all rights reserved to the
>> OIDF and hope for the best; ignore the patent matter, and if manages to
>> get a business to the value where patent infringements would be worth
>> going after seek legal council and worry about it then.
>>
>> Am I correct?
>>
>> Best,
>>
>> Nathan
>>
>> Chris Messina wrote:
>>> On Wed, Jul 21, 2010 at 6:48 PM, Nathan <nathan at webr3.org> wrote:
>>>
>>>>> Essentially the non-asserts are about protecting the creators of the
>>>>> technology, and less about protecting the implementors. It's up to each
>>>>> implementor to assess the legal situation with their own counsel (if it's
>>>>> important to them) before writing a line of code. The contributors
>>>>> obviously
>>>>> can't do that for you, they can only assess their own legal situation and
>>>>> act according to their interests.
>>>>>
>>>> well I can't afford to do that, nor do I have the time so doesn't really
>>>> leave me much choice I guess :(
>>>
>>> Most people can't afford this (including me, personally) and implement
>>> anyway.
>>>
>>> It's up to you, as I said, to determine your risk and proceed accordingly.
>>>
>>> If you can't or won't implement OpenID because you're concerned about being
>>> sued for patent infringement, consider how much patent litigation costs and
>>> then weigh that against the likelihood that anyone would really go after
>>> anyone worth less than 10s of millions of dollars for patent infringement.
>>>
>>> Hell, if anyone is really worried about your implementation, you can always
>>> go license the relevant patent(s).
>>>
>>>
>>>>> Not today. Depends on the copyright license that applies. The default is
>>>>> all
>>>>> rights reserved, so until we specify otherwise, that's the doctrine that
>>>>> applies.
>>>>>
>>>> okay, assuming that Apache License V2.0 is compatible given that janrain
>>>> openid implementations are released under it, any word on CC
>>>> Attribution-ShareAlike (for an implementation).
>>>>
>>> Copyright license on code is separate from patent licenses. Janrain
>>> libraries could still infringe patents, but you could at least create
>>> derivative works or fork the libraries thanks to the copyright license.
>>>
>>> Just remember to keep those issues separate.
>>>
>>> Chris
>>>
>>>
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>
More information about the general
mailing list