I heartily concur with Brian's approach. It is a sane response to a problem
caused by an unfortunate OASIS patent policy. The same is true for IETF
standards, by the way.
Someday, if we insist upon it, OASIS and IETF will tell everyone which of
their standards are "open standards" and which are not. Then the Apache
Foundation wouldn't have to do that analysis for itself. Just imagine the
confusion if our customers had to analyze all the upstream licenses for
stuff we incorporate into Apache code. To the extent possible, we should do
that analysis for them and warn them where necessary.
/Larry
Lawrence Rosen
Rosenlaw & Einschlag, technology law offices (www.rosenlaw.com)
3001 King Ranch Road, Ukiah, CA 95482
707-485-1242 ● fax: 707-485-1243
Author of “Open Source Licensing: Software Freedom
and Intellectual Property Law” (Prentice Hall 2004)
> -----Original Message-----
> From: Brian Behlendorf [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 24, 2005 8:23 AM
> To: [EMAIL PROTECTED]
> Subject: patent licenses on OASIS standards
>
>
> It is the intent of the ASF to distribute its software under the Apache
> Software License, and nothing but. We go to great lengths to accomplish
> this, such as ensuring the right contributor agreements and carefully
> reviewing the licenses on other software we incorporate into ASF
> codebases. We believe the easygoing terms allow for the broadest possible
> use of the code, and in doing so give the greatest chance to building
> healthy and large development communities. We also believe that the
> simplicity of being able to say "here's the AL, it describes all the
> requirements you must fulfill in order to use, copy, modify, etc" is
> important. Third-party copyright notices may require that folks retain
> information about copyright lineage, but can't impose additional
> restrictions.
>
> We fought hard for this approach within the JCP - not accepting a
> requirement, for example, that we only be allowed to release strictly
> conformant implementations, but accepting the provision that we can't use
> the related trademarks except on implementations that pass the relevant
> TCKs.
>
> The IETF's policy in 1994, as captured in RFC 1602 section 5.4.2,
> http://www.ietf.org/rfc/rfc1602.txt, took an out-of-sight, out-of-mind
> approach to the problem - simple and elegant but also not realistic given
> the rampant software patenting that has happened the last 15 years. The
> W3C and OASIS standards groups have had to address the issue; the W3C
> after much deliberation arrived at a Royalty-Free default for all
> standards (there may be exceptions, I don't claim perfect knowlege).
>
> OASIS recently issued a statement allowing for two "modes" for any given
> working group: Royalty-Free (though there may be other stipulations), and
> Reasonable and Non-Discriminatory (RAND). While an improvement over what
> came before, RAND licensing would not allow for Apache-licensed
> implementations. It even appears that the RF licenses on many OASIS
> standards in existance today that would require us to add requirements to
> the Apache License for particular packages upon our end-users.
>
> To be on the up-and-up, and make good on our promise to Apache software
> recipients that our software is legally free and clear for them to use as
> they expect, we should take a look at the OASIS standards we implement
> today. We should make sure that the patent notices that participants in
> OASIS have attached to these standards are RF, and not RAND.
>
> We should also determine whether the RF licenses presents other
> requirements that we'll need to pass along to our own licensees. We may
> need to compromise on our ideal, that the AL represents the entire license
> for the code, if we feel it's important as an organization to implement
> OASIS-defined specifications. It's tempting and easy to be dogmatic and
> say "no implementations of standards with any encumbrances, period", but
> keeping the Internet an open playing field by being the reference
> implementation and the best implementation of next-gen protocols may be a
> stronger ideal. Though, we should not allow any requirements (such as
> only applying to conformant applications) that would be impossible to
> fulfill with an OSI-compliant license.
>
> Dims has collected a list together of the projects and the OASIS standards
> they implement, at:
>
> http://wiki.apache.org/general/ReviewsNeeded
>
> Comments? At the end of this process it would be nice to be able to make
> a public statement about standards, IP, and Apache; but we need to get our
> own house cleaned and decide what our own policy should be before doing
> so.
>
> Brian
>
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only, are not privileged and do not constitute legal advice.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
