On Mon, May 14, 2012 at 5:27 PM, drew <d...@baseanswers.com> wrote: > On Mon, 2012-05-14 at 12:39 -0400, Rob Weir wrote: >> On Mon, May 14, 2012 at 11:55 AM, drew <d...@baseanswers.com> wrote: >> > On Mon, 2012-05-14 at 10:57 -0400, Rob Weir wrote: >> >> On Mon, May 14, 2012 at 9:47 AM, Roberto Galoppini <rgalopp...@geek.net> >> >> wrote: >> >> > On Mon, May 14, 2012 at 3:27 PM, Rob Weir <robw...@apache.org> wrote: >> >> > >> >> >> On Sun, May 13, 2012 at 2:23 PM, Dave Fisher <dave2w...@comcast.net> >> >> >> wrote: >> >> >> > >> >> >> > On May 13, 2012, at 7:45 AM, Rob Weir wrote: >> >> >> > >> >> >> >> We get regular requests from individuals and companies that want to >> >> >> >> add a link to the AOO download, and to use the logo with it. These >> >> >> >> range from websites of individual users, to websites that aggregate >> >> >> >> download links for many open source projects. >> >> >> >> >> >> >> >> Currently, requesting and receiving such permission requires a >> >> >> >> request >> >> >> >> to the PMC, approval and then additional approval by the Apache VP >> >> >> >> Branding. >> >> >> >> >> >> >> >> I'd like to propose a streamlined approach where we can give blanket >> >> >> >> permission, without an additional request, for using a specific logo >> >> >> >> (the one that Drew designed) for a specific download situation. If >> >> >> >> there are no objections from the PMC, and we get a +1 from >> >> >> >> Trademarks@, I'll write this up on the website. >> >> >> >> >> >> >> >> =Use of the Apache OpenOffice Download Promotion Logo= >> >> >> >> >> >> >> >> Anyone, without additional permission from this project, may use the >> >> >> >> following logo subject to the following conditions: >> >> >> >> >> >> >> >> The logo: >> >> >> https://cwiki.apache.org/confluence/download/attachments/27834483/get-aoo-300x100-cf.png?version=1&modificationDate=1331970198000 >> >> >> >> >> >> >> >> [NB. We should move this to a more memorable location] >> >> >> >> >> >> >> >> Conditions: >> >> >> >> >> >> >> >> 1. The logo may not be modified except to resize it. If >> >> >> >> translations >> >> >> >> of the "Get it here!" text are required, send a request to the >> >> >> >> ooo-dev >> >> >> >> list and we can provide a translated version for you. >> >> >> > >> >> >> > There should be a minimum size. >> >> >> > >> >> >> >> >> >> Did you have a specific size in mind? Or would we state it more >> >> >> qualitatively, like "The logo may be resized, provided it remains >> >> >> legible, but may not be otherwise altered". >> >> >> >> >> >> >> >> >> >> >> 2. The image must be linked to one of: >> >> >> >> >> >> >> >> >> >> This should probably be wored as "The image must be directly linked to >> >> >> one of..." I don't think we want to allow use of the logo in cases >> >> >> where it links to a different install program that installs adware and >> >> >> then invokes the real installer. >> >> >> >> >> > >> >> > Agree 100%, unfortunately few downloads websites add adware, tool-bars >> >> > as >> >> > well as malicious software. >> >> > You might want to explicitely state that the download page can't be >> >> > wrapped, though. >> >> > >> >> >> >> To be precise: if someone "wraps" the download, then they are not >> >> eligible for this "Get it here!" program that would give automatic >> >> permission to use this specific logo. But if they have a good reason >> >> for wrapping, then they are free to do that in two ways; >> >> >> >> 1) By not using the AOO logos >> >> >> >> or >> >> >> >> 2) By requesting explicit permission to use the AOO logos. We would >> >> evaluate these requests on a case-by-case basis, just as we do now for >> >> all requests. >> >> >> >> >> >> So the point of the logo program is not to define absolute >> >> prohibitions. The idea is just to carve out an area that we are >> >> comfortable allowing the use of the logo without any further review by >> >> the PMC. IMHO this should include restrictions that prevent the most >> >> common abuses that we are aware of. But this is not an absolute >> >> prohibition. It just means if you want to do something outside of >> >> this particular promotion program you need to take the longer path of >> >> asking explicit permission. >> > >> > >> > Hi, >> > >> > Yes, I understand the details of what we are talking about, thanks. >> > >> > First - To my thinking there is really only one issue - do they deliver >> > an unaltered copy of the official binary release package? >> > >> >> If I put up a website that uses the "Get it Here!" logo, and that >> button links to a custom installer.exe program that first downloads >> and installs malware, and then invokes the real AOO installer, then I >> don't think that should be covered. Do you? > > No I do no think it is acceptable to use the Apache OpenOffice brand to > distribute malware. >
Good. >> >> The fact that it eventually "delivers" an unaltered copy of AOO is >> nice, but the fact that our logo is used to entice users to install >> malware should be a concern to this PMC. >> >> Do you really disagree with this? > > of course not. > Good. So I think we're in agreement that activating the link for the "get it here" logo should trigger an unmodified AOO install. I think "directly link" is a good way to express it. If I understand your point, it is that the unmodified version could exist anywhere, not just on our download site. I agree. bits are bits. Where they live is not our concern. >> >> > If yes, they are in compliance and how they do so is of no concern to >> > us. >> > >> >> Compliance is whatever we define it to be, > > Yup you have the legal right to put it anyway you want.. > >> >> > If no, then they are not in compliance and we should ask them to change >> > or stop.ok, well actually I disagree with some of where Rob is heading >> > with this > > I suppose it is really my fault for being so imprecise - as long as they > are distributing the official binary release and not including malware > as part of the process then it is none of our concern the technique they > use to deliver that file - meaning, I don't care if they link to the > website, directly to SF or dish up a copy from their own server - if all > they are delivering is the official binary (clean) it's up to them as to > which way they want to go. > OK. That seems right to me. My point with "directly link" was to disallow the link from going to an intermediate "installer.exe" that was executed first and then invoked the AOO installer. Of course their are benign download accelerators, etc., that a website might stick in there as well. However, you sometimes see spyware pretending to be a download accelerator. > HOWEVER , I specifically said it was a general case philosophy, not the > answer for the current decision under consideration. > >> > >> > However that is for the most general case. >> > >> > In this specific case, an expedited, no request required use, I agree >> > that one adds conditions. >> > >> > My only real concern here is that these conditions should be kept to an >> > absolute bare minimum. The vast majority of folks who will do this are >> > honest agents and they will try to comply, for those who would do >> > something a bit nefarious they won't care what we write. >> > >> > So - I would just stick with: >> > >> > They must acknowledge (disclose) the trademark owner (ASF) on their >> > site. >> > >> >> The fact that they link directly to the download site is sufficient >> acknowledgement. Otherwise we're making it harder for them to use the >> logo. > > Ok > >> >> > I would just give one link and say this is what you use: >> > http://www.openoffice.org/download/ >> > >> >> That approach is not very NL friendly since it takes them to an >> English only page. > > See Kay's last remark - and IIRC you where all hot to force the NL sites > to use the main download page..so I'm a tad confused here. > My main concern was for them to use the same mirror network. Using the same page was one way. In any case, if we did have, say, an Italian translation of the logo, it would make sense (I think) for that button to link to http://it.openoffice.org That page then links to the correct download, and probably gives the better user experience for the visitor. >> >> Do have a specific concern with allowing links to the NL home pages? > > No. But for an image that says 'get it here' I think it should point to > the download page. > In principle I agree, with further observation that we currently have some NL download pages as well. Also, as the website translation strategy evolves and gets implemented, we would adapt the "get it here!" rules. >> >> > Finally, I would insist that the actual link be tied to the graphic - if >> > you fly the graphic then clicking on the image must take you to that >> > address - i.e Get it Here! >> > >> >> OK. I already had that as a requirement. > >> > end of requirements. >> > >> >> So what are your specific concerns about: >> >> 1) Not allowing the image to be altered? That is a standard >> restriction. What's the issue? > > Sure add that bit then, you might as well say that they can not crop it > either as it was designed to offer an acceptable, IMO at least, amount > of white space around the actual text. > OK. >> >> 2) Providing translations on request? Is that really something you >> would not allow? > > I did not say that - rather, by omission, that it is superfluous to > usage requirements. > Agreed. >> >> 3) Again, the question of saying "directly linking" to the download, >> to make it unambiguous that inserting installer.exe's is not covered. > > Well, saying that it must use a specific URL to the download page is > rather the same thing, isn't it? And remember this is a special case we > are talking about. > Hopefully the intent of my saying "directly" is clearer now. >> Remember this is not a hypothetical, but is a current concern that is >> happening today and is harming our users. Why would you not aim to >> cover this very real case? > > Remember the folks that want to do this aren't those folks, those folks > won't give a damn what you put here - but if what you want is to > pre-load the legal gun, then sure come at it that way, get the lawyers > involved and lets write it up in perfect legalize. > I just want to streamline the procedures we already have, while not making a policy that can be read as giving permission to do the things we are actually trying to prevent. Both achieving this goal and having a very short, simple permission statement may not be possible. There will be some minimal complexity. But whatever we do will be much shorter than the current ASF trademark page <g> > Otherwise I would like to make focus on who the target audience, IMO, is > for this specific case - well meaning supports wanting to help by giving > us a link and for them I would make it as simple as possible so as to > maximize the number of folks that add it to the side bar of their blog > or their FOSS recommendation page, that's it. > I think that is the main purpose, yes. > >> The overarching issue, in case it is not clear, is not that we would >> use this program to shut down those sites that are abusing our >> trademarks. That's not the point. The point is we should not define >> a policy so permissive that those sites can use it has a defense >> if/when we do decide to ask them to stop abusing our trademark. We >> don't want our blanket permission to be stated so broadly that it >> covers those actions that we do not condone. >> >> > In the case of the particular use request before us, that site as >> > currently constructed would actually fail those requirements (The logo's >> > used do not link, rather they have a separate download button) - but it >> > would be easy enough for them to come into compliance. (having the >> > download button in addition to the image link would not be an issue) >> > >> > The only other question in my mind is whether to let them have the logo >> > or make them reference the logo from our servers - I've set this type of >> > thing up both ways and don't really have a strong preference. In this >> > specific situation I would lean to the 'we dish up the image' route, >> > only because the branding is in a state of flux and it makes it easy to >> > execute the branding change with minimal fuss on our part down the road. >> > >> >> Infra@ might have an opinion. Generally we don't want "hot" files on >> our website. But the logo is not large. > > Of course - again I said leaning towards and why, if there is a reason > not to then there don't. > >> >> > Anyway - just my thoughts. >> > >> > //drew >> > >> >> >> >> >> >> -Rob >> >> >> >> > Roberto >> >> > >> >> > >> >> >> >> >> >> >> >> >> >> a) the http://www.openoffice.org webpage >> >> >> >> b) one of the official Native Language pages at openoffice.org, >> >> >> >> e.g., >> >> >> >> http://de.openoffice.org >> >> >> >> c) the download page for Apache OpenOffice: >> >> >> >> http://download.openoffice.org or >> >> >> >> http://www.openoffice.org/download/other.html >> >> >> >> >> >> >> >> 3. The logo must not link to a specific download file or mirror. >> >> >> >> This >> >> >> >> causes problems with load balancing and fallbacks and may prevent >> >> >> >> users from getting the latest version of OpenOffice. >> >> >> >> >> >> >> >> 4. Any use Apache-owned logos beyond the above is not covered by >> >> >> >> this >> >> >> >> program an must be explicitly requested from the ASF. >> >> >> > >> >> >> > +1 to the proposal. >> >> >> > >> >> >> > Regards, >> >> >> > Dave >> >> >> > >> >> >> > >> >> >> > >> >> >> >> >> > >> >> > -- >> >> > ==== >> >> > This e- mail message is intended only for the named recipient(s) above. >> >> > It >> >> > may contain confidential and privileged information. If you are not the >> >> > intended recipient you are hereby notified that any dissemination, >> >> > distribution or copying of this e-mail and any attachment(s) is strictly >> >> > prohibited. If you have received this e-mail in error, please >> >> > immediately >> >> > notify the sender by replying to this e-mail and delete the message and >> >> > any >> >> > attachment(s) from your system. Thank you. >> >> > >> >> >> > >> > >> > >
