Tim, I do agree that there is a protocol in place, but I do not agree that everyone is following it. Those that seem the most opposed to a discussion about a sandbox are the ones that keep pumping out the joint works. From my limited understanding, this does not appear to be a legal format to license under open source without exposing the contributor to partnership liability and the exposing the community with the task of rooting out the offending code.
I gave you a list of 10 environments that are complex enough and require more than incremental changes. Tabling this discussion will continue to lose many of the valuable contributions of the community (Like Phani's work on Google Checkout integration). In addition, continuing to table this discussion will increase the likelihood that offending code makes its way into the project. If someone makes a stink about it, my understanding is that the remedy is for the ASF and anyone using Apache OFBiz to cease and desist until the offending code is removed. If a business is running off Apache OFBiz, how much will it cost them to cease and desist? If they choose not to C & D, how much will it cost them to defend against a copyright infringement claim? If my legal understanding is incorrect, someone please post the question to legal-discuss and get a real lawyer's opinion. If there is no real risk in these joint works being added to the project, address it as such. Regards, Chris --- Tim Ruppert <[EMAIL PROTECTED]> wrote: > Can we all agree on the fact that there is a protocol in place, that > > if followed, allows everyone the ability to pass code around in a > legal format? This may or may not be the most optimal format for > said collaboration, but it does permit us to contribute back to the > community in a meaningful way. > > Let's table this sandbox discussion until we find a movement complex > > enough that it requires something more than incremental changes to be > > made to the trunk before we can agree to include it. Does that sound > > reasonable? Once there is an idea to build something that cannot > follow this incremental pattern, we can evaluate where we are in > terms of resources and determine the best course of action to follow. > > Cheers, > Tim > -- > Tim Ruppert > HotWax Media > http://www.hotwaxmedia.com > > o:801.649.6594 > f:801.649.6595 > > > On Jan 26, 2007, at 9:39 PM, Chris Howe wrote: > > > > > --- Jonathon -- Improov <[EMAIL PROTECTED]> wrote: > > > >> Chris, > >> > >> Ugh. Remind me never to take up law. (Yeah, I know, I'll be cannon > >> fodder for big boys with lawyers.) > >> > >>> This structure, however does not protect the contributor (you) of > >> a > >>> joint work. > >> > >> Ok. So if I stole someone else's private work and contributed it > to a > >> committer who commits this > >> stolen work to ASF, then I'm liable for the theft, and ASF and the > >> committer are not liable. > >> > > > > ASF will need to remove the offending code from distribution. > > > >> That'll also mean I better make sure that the contributions put > into > >> my private sandbox are not > >> stolen as well. I'll just follow ASF's "license grant" process, so > I > >> won't be liable for any > >> thefts committed by contributors in my sandbox team. > >> > > > > That may not be sufficient. The ASF does quite a bit more than the > > > CLA > > and license grant to protect itself. > > > >>> The only way as I see around this is to have a specific agreement > >>> amongst all joint owners allowing for its distribution under > >> Apache > >>> 2. > >> > >> Alright. So I just need to make sure all those committing to my > >> ragtag sandbox assigns rights to > >> ASF to distribute their contributions under Apache 2. > >> > > > > AFAIK > > The only way you can grant a license to the ASF is if you make your > > contribution directly to the ASF. If they make their contribution > to > > you, they are granting you a license not Apache. However, since > their > > contribution is intended to be inseparable from your contribution, > it > > is now a joint work absent some sort of agreement. This is the > point > > where it gets cloudy and no definitive answer has been offered. > Still > > not a pretty pickle and thus my ranting for a sandbox that is > > available > > to the community but owned by ASF. > > > >>> Not a pretty pickle. > >> > >> No, it's not pretty to software vendors, OFBiz consultants needing > >> money for a living, etc. But > >> that's not my concern. I leave that to businessmen. > >> > >>> Does this make my understanding of the scenario clear? > >> > >> Quite a bit clearer. Thanks. > >> > >> Jonathon > >> > >> Chris Howe wrote: > >>> IMO, this is certainly not a non-issue, it's the issue I've been > >> trying > >>> to get a definitive answer to for the last few weeks and everyone > >> wants > >>> to simply ignore it and act like we're a bunch of hippies. It's > >> fun > >>> being a hippie until some large corporation comes by and carts > your > >>> commune off their land. Then you're not a hippie, you're just > >>> homeless. > >>> > >>> I've changed my stance slightly contemplating Jonathon's > questions. > >> I > >>> think this explanation is more correct, consistent and also > easier > >> to > >>> follow. But again IANAL. > >>> Comments inline. > >>> > >>> > >>> --- Jonathon -- Improov <[EMAIL PROTECTED]> wrote: > >>> > >>>> David (Jones), Tim, Chris, > >>>> > >>>> Sorry, I know this thread isn't about legal issues with OFBiz. > But > >>>> Chris often has a way of > >>>> spotting some oft-missed angle, and I'm concerned about a > >> particular > >>>> angle now. Though I'm also > >>>> often lost in his long complex explanations, please forgive me > if > >> I > >>>> feel scared/concerned about > >>>> some issues mentioned. Need just a bit of advice here. > >>>> > >>>> I'm looking at some excertps from Chris' "findlaw" URL. Please > >> note > >>>> those words between **. > >>>> > >>>> "When the copyright... *provided that the use does not destroy > the > >>>> value of the > >>>> work* ..." > >>>> > >>>> I understand that the ASF license is like the MIT license, so > the > >>>> open sourced codes can be packed > >>>> into a commercial package (much like the LGPL?). > >>>> > >>> > >>> AFAIK, correct. > >>> > >>>> How do I publish codes (assuming I do have a semi-public SVN > >> shared > >>>> between a few friends) without > >>>> damaging that license? > >>>> > >>> > >>> The license is fine. The owner of a copyright can write as many > >>> nonexclusive licenses as he/she/it/they wish. However, I don't > >> believe > >>> a joint owner can grant the Apache 2 license to anyone without > >> greatly > >>> diminishes the financial value of the work itself. This is > further > >>> compounded by granting the Apache 2 license to the ASF as one of > >> their > >>> main functions is to distribute that work freely to anyone who > >> points a > >>> browser or other client software in their direction. > >>> > >>>> "According to the Copyright Act... *a work prepared by two or > more > >>>> authors with the intention that their contributions be merged > into > >>>> inseparable or interdependent parts of a unitary whole*." > >>>> > >>>> What if I explicitly mention that I INTEND to merge my private > >>>> sandbox into OFBiz as a collection > >>>> of "interdependent parts of a unitary whole". Will that mean the > >>>> OFBiz core team and my own ragtag > >>>> team become a partnership? > >>> > >>> No. This I believe is the trick of the contributor license > >> agreement. > >>> Your "patch" is a complete work and you are granting license to > >> anyone > >>> who has access to JIRA the Apache 2 license. The committers of > >> OFBiz > >>> as individuals accept your complete work and make a contribution > to > >> the > >>> ASF project under the terms of the CLA. The only interaction > with > >> the > === message truncated ===
