Re: JSecurity's new name

[Les Hazlewood <lh...@apache.org>]

Hi ASF legal team,

I'm writing this email in hopes of getting your feedback concerning a
discussion we've been having on the JSecurity email list (an Incubator
project).

A few of our mentors have expressed concern that there might be a
possible naming conflict with our project name (JSecurity) and some
other references found through google and other search mechanisms.

I'd like to point out that the JSecurity name, as an open source
project identity has been around for almost 4 years now, with zero
contact from any external entity claiming conflict with a proprietary
name or product.  I know this isn't legal criteria for determining if
there is a name conflict, but I surface it only to put some context of
why the original JSecurity developers (and our well-established
communities) think we should keep the JSecurity name.  There might be
older references to this name, unrelated to our project, but we don't
know for certain if they would constitute a risk in the name overlap.

We'd like some feedback as to if the project name should be changed or not.

Here is what one of our mentors summarized after doing some research:

<snip>
Now, looking a bit forward on google, here are some other references
to JSecurity :

http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
"WIC GLOBAL has developed a comprehensive Information Security
Assessment service called JSecurity. Our JSecurity experts will
conduct a full information security risk assessment focusing on:"

http://www.juniper.net/security/ <http://www.juniper.net/security/>
Seems like they have a service called  J-Security. Be sure that
Juniper has a legal service who might perfectly well send some nicely
written "cease and desist" letter to the ASF about this name. Not sure
that our legals want to deal with that ...

http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
Another JSecurity... Seems to be around since 2/11/2005 (at least)

http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
This company has a product named JSecurity. Since when ?

As much as I like the JSecurity name, I also think that we are un
potential jeopardy if we don't change its name. That's the main issue
we have : we can't afford any kind of legal action when we already
know that there are company out there which already use this name.

Anyway, I can be wrong, I'm just trying to gather as much information
as possible. When you guys think you have set your mind about this
name, you will have to go to legal@apache.org
<ma...@apache.org> with the selected name (be it JSecurity or
any other) to double check that it's ok or not (IFAIK). That is one of
the condition to exit from the incubator :
"Check of project name for trademark issues "
(http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
<http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).

</snip>

Thanks for your review and feedback!

Best,

Les

On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org> wrote:
> Adam,
>
> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
> to see people who aren't necessarily code contributors contribute to
> the project in other ways.  This is very valuable to us.
>
> I am in total agreement with your sentiments thus far.  It is my
> opinion that the name we have is great as it is and I'd only like to
> change the name if someone from legal puts pressure on us to do so.
> IANAL, so I'd have to trust their judgment.  I'm going to post this to
> legal in just a few minutes asking their feedback.  I'd like to hear
> what they say regardless of what we end up doing - I'm genuinely
> curious :)
>
> Thanks again very much for chiming in.  Its nice to see that you (and
> others) are taking continued interest in the project.
>
> Best regards,
>
> Les
>
> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>
>> Hi,
>>
>> I'm not really a contributor to the JSecurity project yet (though I hope to
>> be in the future).  However, this thread has caught my attention, and so I
>> thought I'd give a couple of thoughts.
>>
>> I have an interest, call it a hobby, in name related issues for software
>> projects, open source included.  So, though I don't speak from any official
>> background (I guess beyond a little professional), I would like to point out
>> a few things about the name Alcatraz.
>>
>> First, as I believe has been mentioned, the term Alcatraz has been
>> associated with other software products already.  So, this is bad news with
>> regards to trademark related issues.  Just because its a geographic location
>> doesn't mean that it can't be trademarked.  Thus, likely these other
>> software products are going to have problems with any related use of the
>> term Alcatraz.
>>
>> Second, the connotation for JSecurity implies that the product is used to
>> keep people out of the protected system.  This is what the term "security"
>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people out,
>> it was meant to keep people in.  The use is only quasi-related, and even
>> confusing, for a product with your feature set.  Alcatraz software would be
>> a better name for a product which keeps workstation/network users
>> constrained in their internet use, like a firewall, or a web proxy, for
>> example.  Or a child internet monitoring product.
>>
>> Don't underestimate the importance of this point.  The name of a software
>> should ideally be somewhat self describing, especially when starting out.
>> Until the name becomes a core brand, having a self describing name can make
>> a big difference.
>>
>> Third, I don't think you can underestimate how important it is that people
>> can search the name of your product and find it through Google (and
>> friends).  Clearly the term Alcatraz has a huge number of unrelated hits,
>> and you would clearly be lost any search engine placement with the name.
>> Much better to have a name for your software that is the only known
>> reference so that people can easily find you after having hear the name.
>> This is why so many companies go crazy and conjure completely strange and
>> nonsensical product names.
>>
>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>> becomes problematic for the above search recognition reasons.  Alkitraz?
>> Some people simply won't know how to spell it immediately (though this is a
>> minor point, admittedly).
>>
>> Fifth, it seems like you're making preparations for something that you don't
>> even know to be a problem.  Yes, the Apache legal team should be consulted.
>> However, it seems like jumping the gun to just start changing package names
>> with anticipation of a name change.  You would be crazy to start renaming
>> packages based on some unknown possibility that it has to happen in the
>> future.  What value does this add to the software?
>>
>> Following the sigma-six and/or extreme programming world view, you shouldn't
>> be making any change to your software until the change is actually required
>> and value is added.  Do you have a pending lawsuit?  Has the Apache council
>> suggested the change?  Are you being blocked by the incubation process?  Why
>> even consider a change until it needs to be done.  Energy could be better
>> spent on other matters.
>>
>> Yes, it's a trivial thing to refactor a project from Eclipse.  But, that's
>> only a very small part of the bigger issue.  Disruption, confusion, support,
>> search engine optimization, etc. are what needs to be thought about when
>> changing the name.
>>
>> Further, what if you decide to change the name to Alcatraz, and then get
>> pressure from another software group?  Ouch, time to rename the project yet
>> again.
>>
>> I think you all are better just letting this thing ride until something real
>> convicting suggests you need a change.  JSecurity is a great product name
>> which you should stick with until otherwise needed.  And, if that day comes,
>> Alcatraz is just simply the wrong name, in my humble opinion, for all the
>> reasons mentioned above.
>>
>> Thanks,
>>
>> Adam
>>
>>
>>
>>
>>
>> Emmanuel Lecharny wrote:
>>>
>>> Alan D. Cabrera wrote:
>>>>
>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>
>>>>> Alan D. Cabrera wrote:
>>>>>>
>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>
>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>> <el...@gmail.com> wrote:
>>>>>>>
>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>> have googled
>>>>>>>> too.
>>>>>>>
>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>> legal-discuss.  But, I can't easily find the thread with the googled
>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>> legal team?
>>>>>>
>>>>>> Let me suggest this.  It seems to me that that alcatraz is the clear
>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>> needed (or any other name).
>>>>>
>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>> (with all the infos we have already found about it), and also ask
>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>> more infos related to this name, assuming that being a geographical
>>>>> location, it should not be such a problem).
>>>>
>>>> Legal is not a clearing house for project names.  They can only give
>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>> can tell, there is none for alcatraz.
>>>>
>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>> name will have the same track record as the v0.9 release.  If we start
>>>> with alcatraz then we have one less thing impeding our incubation
>>>> process.
>>> Let's start with Alcratraz then, and we have quit some time to do some
>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>
>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>
>>>
>>> --
>>> --
>>> cordialement, regards,
>>> Emmanuel Lécharny
>>> www.iktek.com
>>> directory.apache.org
>>>
>>>
>>>
>>>
>>
>> --
>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>
>>
>

Re: JSecurity's new name

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Moin Ayazifar wrote:
> Dear Friends,
> 
> Although Jsecurity is the best name, but in the case of changing the
> name it's not worthless to have look at:
> http://www.bchealth.com/services/birthcenter/nativeambabynames.shtml
> I found "Jacy" among native American names it means "the moon".
> does anybody has idea about it?

Yes.  Although the concordance between the Apache Tribes, the N-G airframe,
the a-patch-y server and other meanings is interesting, the foundation
resolved to not choose Native American names.  Indonesian island names
are also growing old.



---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only.  Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF.  See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: JSecurity's new name

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Moin Ayazifar wrote:
> Dear Friends,
> 
> Although Jsecurity is the best name, but in the case of changing the
> name it's not worthless to have look at:
> http://www.bchealth.com/services/birthcenter/nativeambabynames.shtml
> I found "Jacy" among native American names it means "the moon".
> does anybody has idea about it?

Yes.  Although the concordance between the Apache Tribes, the N-G airframe,
the a-patch-y server and other meanings is interesting, the foundation
resolved to not choose Native American names.  Indonesian island names
are also growing old.

Re: JSecurity's new name

[Moin Ayazifar <mo...@gmail.com>]

Dear Friends,

Although Jsecurity is the best name, but in the case of changing the
name it's not worthless to have look at:
http://www.bchealth.com/services/birthcenter/nativeambabynames.shtml
I found "Jacy" among native American names it means "the moon".
does anybody has idea about it?

On Tue, Dec 2, 2008 at 4:06 PM, Henri Yandell <ba...@apache.org> wrote:
> Given that it's a name you've been using for 4 years, and it's very
> generic [jXxx being a common pattern in our space and Security being
> very generic]; I'm inclined to keep the current name; though by the
> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
> branding.
>
> My tuppence of opinion.
>
> Hen
>
> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org> wrote:
>> Hi ASF legal team,
>>
>> I'm writing this email in hopes of getting your feedback concerning a
>> discussion we've been having on the JSecurity email list (an Incubator
>> project).
>>
>> A few of our mentors have expressed concern that there might be a
>> possible naming conflict with our project name (JSecurity) and some
>> other references found through google and other search mechanisms.
>>
>> I'd like to point out that the JSecurity name, as an open source
>> project identity has been around for almost 4 years now, with zero
>> contact from any external entity claiming conflict with a proprietary
>> name or product.  I know this isn't legal criteria for determining if
>> there is a name conflict, but I surface it only to put some context of
>> why the original JSecurity developers (and our well-established
>> communities) think we should keep the JSecurity name.  There might be
>> older references to this name, unrelated to our project, but we don't
>> know for certain if they would constitute a risk in the name overlap.
>>
>> We'd like some feedback as to if the project name should be changed or not.
>>
>> Here is what one of our mentors summarized after doing some research:
>>
>> <snip>
>> Now, looking a bit forward on google, here are some other references
>> to JSecurity :
>>
>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
>> "WIC GLOBAL has developed a comprehensive Information Security
>> Assessment service called JSecurity. Our JSecurity experts will
>> conduct a full information security risk assessment focusing on:"
>>
>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>> Seems like they have a service called  J-Security. Be sure that
>> Juniper has a legal service who might perfectly well send some nicely
>> written "cease and desist" letter to the ASF about this name. Not sure
>> that our legals want to deal with that ...
>>
>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>
>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>> This company has a product named JSecurity. Since when ?
>>
>> As much as I like the JSecurity name, I also think that we are un
>> potential jeopardy if we don't change its name. That's the main issue
>> we have : we can't afford any kind of legal action when we already
>> know that there are company out there which already use this name.
>>
>> Anyway, I can be wrong, I'm just trying to gather as much information
>> as possible. When you guys think you have set your mind about this
>> name, you will have to go to legal@apache.org
>> <ma...@apache.org> with the selected name (be it JSecurity or
>> any other) to double check that it's ok or not (IFAIK). That is one of
>> the condition to exit from the incubator :
>> "Check of project name for trademark issues "
>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>
>> </snip>
>>
>> Thanks for your review and feedback!
>>
>> Best,
>>
>> Les
>>
>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org> wrote:
>>> Adam,
>>>
>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>> to see people who aren't necessarily code contributors contribute to
>>> the project in other ways.  This is very valuable to us.
>>>
>>> I am in total agreement with your sentiments thus far.  It is my
>>> opinion that the name we have is great as it is and I'd only like to
>>> change the name if someone from legal puts pressure on us to do so.
>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>> what they say regardless of what we end up doing - I'm genuinely
>>> curious :)
>>>
>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>> others) are taking continued interest in the project.
>>>
>>> Best regards,
>>>
>>> Les
>>>
>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> I'm not really a contributor to the JSecurity project yet (though I hope to
>>>> be in the future).  However, this thread has caught my attention, and so I
>>>> thought I'd give a couple of thoughts.
>>>>
>>>> I have an interest, call it a hobby, in name related issues for software
>>>> projects, open source included.  So, though I don't speak from any official
>>>> background (I guess beyond a little professional), I would like to point out
>>>> a few things about the name Alcatraz.
>>>>
>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>> associated with other software products already.  So, this is bad news with
>>>> regards to trademark related issues.  Just because its a geographic location
>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>> software products are going to have problems with any related use of the
>>>> term Alcatraz.
>>>>
>>>> Second, the connotation for JSecurity implies that the product is used to
>>>> keep people out of the protected system.  This is what the term "security"
>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people out,
>>>> it was meant to keep people in.  The use is only quasi-related, and even
>>>> confusing, for a product with your feature set.  Alcatraz software would be
>>>> a better name for a product which keeps workstation/network users
>>>> constrained in their internet use, like a firewall, or a web proxy, for
>>>> example.  Or a child internet monitoring product.
>>>>
>>>> Don't underestimate the importance of this point.  The name of a software
>>>> should ideally be somewhat self describing, especially when starting out.
>>>> Until the name becomes a core brand, having a self describing name can make
>>>> a big difference.
>>>>
>>>> Third, I don't think you can underestimate how important it is that people
>>>> can search the name of your product and find it through Google (and
>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated hits,
>>>> and you would clearly be lost any search engine placement with the name.
>>>> Much better to have a name for your software that is the only known
>>>> reference so that people can easily find you after having hear the name.
>>>> This is why so many companies go crazy and conjure completely strange and
>>>> nonsensical product names.
>>>>
>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>> becomes problematic for the above search recognition reasons.  Alkitraz?
>>>> Some people simply won't know how to spell it immediately (though this is a
>>>> minor point, admittedly).
>>>>
>>>> Fifth, it seems like you're making preparations for something that you don't
>>>> even know to be a problem.  Yes, the Apache legal team should be consulted.
>>>> However, it seems like jumping the gun to just start changing package names
>>>> with anticipation of a name change.  You would be crazy to start renaming
>>>> packages based on some unknown possibility that it has to happen in the
>>>> future.  What value does this add to the software?
>>>>
>>>> Following the sigma-six and/or extreme programming world view, you shouldn't
>>>> be making any change to your software until the change is actually required
>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache council
>>>> suggested the change?  Are you being blocked by the incubation process?  Why
>>>> even consider a change until it needs to be done.  Energy could be better
>>>> spent on other matters.
>>>>
>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But, that's
>>>> only a very small part of the bigger issue.  Disruption, confusion, support,
>>>> search engine optimization, etc. are what needs to be thought about when
>>>> changing the name.
>>>>
>>>> Further, what if you decide to change the name to Alcatraz, and then get
>>>> pressure from another software group?  Ouch, time to rename the project yet
>>>> again.
>>>>
>>>> I think you all are better just letting this thing ride until something real
>>>> convicting suggests you need a change.  JSecurity is a great product name
>>>> which you should stick with until otherwise needed.  And, if that day comes,
>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all the
>>>> reasons mentioned above.
>>>>
>>>> Thanks,
>>>>
>>>> Adam
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Emmanuel Lecharny wrote:
>>>>>
>>>>> Alan D. Cabrera wrote:
>>>>>>
>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>
>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>
>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>
>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>> have googled
>>>>>>>>>> too.
>>>>>>>>>
>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the googled
>>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>>> legal team?
>>>>>>>>
>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the clear
>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>> needed (or any other name).
>>>>>>>
>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>>> more infos related to this name, assuming that being a geographical
>>>>>>> location, it should not be such a problem).
>>>>>>
>>>>>> Legal is not a clearing house for project names.  They can only give
>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>>> can tell, there is none for alcatraz.
>>>>>>
>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>> name will have the same track record as the v0.9 release.  If we start
>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>> process.
>>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>>
>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>
>>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

The 7 day time frame has passed.  This vote is closed.  The final result:

3 +1 binding votes, 1 -1 binding vote.

The vote summary is as follows:

+1 votes for changing the name:

Alan Cabrera (mentor, binding)
Alex Karasulu (mentor, binding)
Emmanuel Lecharny (mentor, binding)

-1 votes for changing the name:

Craig Russell (mentor, binding)
Tim Veil (team member, non-binding)
Jeremy Haile (team member, non-binding)
Les Hazlewood (team member, non-binding)
Peter Ledbrook (team member, non-binding)
Alan Ditzel (team member, non-binding)
Niklas Guvstavsson (non-binding)
Joshua Partogi (non-binding)

On Sat, Jan 10, 2009 at 8:07 PM, Allan Ditzel <al...@gmail.com> wrote:
> [ X ] -1 Do not change JSecurity's name
>
> That's my non-binding vote for the time being. :)
>
> On Sat, Jan 10, 2009 at 8:00 PM, Les Hazlewood <lh...@apache.org>wrote:
>
>> -1 to changing the name at this time.
>>
>> I know my vote isn't binding, but I just want a record of it. At the
>> moment, I think any potential causes of conflict, given that there are
>> NO trademark or patent conflicts, are dubious at best.
>>
>> Cheers,
>>
>> Les
>>
>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com>
>> wrote:
>> > any more...
>> >
>> > ok, former board member. ;-)
>> >
>> > Craig
>> >
>> > On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>> >
>> >> I'm not a board member. :)
>> >>
>> >> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com
>> >
>> >> wrote:
>> >>>
>> >>> -1 Do not change JSecurity's name
>> >>>
>> >>> We had the discussion in early December on the legal mailing list and
>> no
>> >>> issues were raised contrary to Henri's comments. Henri is the only
>> board
>> >>> member who commented on the JSecurity name during the discussion.
>> >>>
>> >>> We will have at least three more votes where additional issues
>> regarding
>> >>> the
>> >>> name can be brought up:
>> >>>
>> >>> 1. The first release of JSecurity code from the incubator.
>> >>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>> >>> 3. The acceptance of JSecurity by the Apache board after the incubator
>> >>> votes.
>> >>>
>> >>> Craig
>> >>>
>> >>>
>> >>> Dear JSecurity Team,
>> >>>
>> >>> There has been lengthy debate without consensus as to whether or
>> >>> JSecurity's
>> >>> name should be changed to something else.  So, there is need for a
>> vote.
>> >>>
>> >>> Please vote on changing JSecurity's name to something else.  This is
>> ONLY
>> >>> a
>> >>> vote of if we should change the name, NOT what any alternate name might
>> >>> be.
>> >>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>> >>> account for time that people may not be able to respond due to the
>> >>> holidays.  Of course we can close the vote early if all binding votes
>> are
>> >>> accounted for prior to the 7 day limit.
>> >>>
>> >>> The vote is open for the next 7 days and only votes from the JSecurity
>> >>> development team are binding.
>> >>>
>> >>> [ ] +1 Change JSecurity's name
>> >>> [ ] -1 Do not change JSecurity's name
>> >>>
>> >>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>> >>>
>> >>>> Given that it's a name you've been using for 4 years, and it's very
>> >>>> generic [jXxx being a common pattern in our space and Security being
>> >>>> very generic]; I'm inclined to keep the current name; though by the
>> >>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
>> >>>> branding.
>> >>>>
>> >>>> My tuppence of opinion.
>> >>>>
>> >>>> Hen
>> >>>>
>> >>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>> >>>> wrote:
>> >>>>>
>> >>>>> Hi ASF legal team,
>> >>>>>
>> >>>>> I'm writing this email in hopes of getting your feedback concerning a
>> >>>>> discussion we've been having on the JSecurity email list (an
>> Incubator
>> >>>>> project).
>> >>>>>
>> >>>>> A few of our mentors have expressed concern that there might be a
>> >>>>> possible naming conflict with our project name (JSecurity) and some
>> >>>>> other references found through google and other search mechanisms.
>> >>>>>
>> >>>>> I'd like to point out that the JSecurity name, as an open source
>> >>>>> project identity has been around for almost 4 years now, with zero
>> >>>>> contact from any external entity claiming conflict with a proprietary
>> >>>>> name or product.  I know this isn't legal criteria for determining if
>> >>>>> there is a name conflict, but I surface it only to put some context
>> of
>> >>>>> why the original JSecurity developers (and our well-established
>> >>>>> communities) think we should keep the JSecurity name.  There might be
>> >>>>> older references to this name, unrelated to our project, but we don't
>> >>>>> know for certain if they would constitute a risk in the name overlap.
>> >>>>>
>> >>>>> We'd like some feedback as to if the project name should be changed
>> or
>> >>>>> not.
>> >>>>>
>> >>>>> Here is what one of our mentors summarized after doing some research:
>> >>>>>
>> >>>>> <snip>
>> >>>>> Now, looking a bit forward on google, here are some other references
>> >>>>> to JSecurity :
>> >>>>>
>> >>>>> http://jwicglobal.com/Knowledge.htm
>> >>>>> <http://jwicglobal.com/Knowledge.htm>
>> >>>>> "WIC GLOBAL has developed a comprehensive Information Security
>> >>>>> Assessment service called JSecurity. Our JSecurity experts will
>> >>>>> conduct a full information security risk assessment focusing on:"
>> >>>>>
>> >>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>> >>>>> Seems like they have a service called  J-Security. Be sure that
>> >>>>> Juniper has a legal service who might perfectly well send some nicely
>> >>>>> written "cease and desist" letter to the ASF about this name. Not
>> sure
>> >>>>> that our legals want to deal with that ...
>> >>>>>
>> >>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>> >>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>> >
>> >>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>> >>>>>
>> >>>>>
>> >>>>> <
>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>> >
>> >>>>> This company has a product named JSecurity. Since when ?
>> >>>>>
>> >>>>> As much as I like the JSecurity name, I also think that we are un
>> >>>>> potential jeopardy if we don't change its name. That's the main issue
>> >>>>> we have : we can't afford any kind of legal action when we already
>> >>>>> know that there are company out there which already use this name.
>> >>>>>
>> >>>>> Anyway, I can be wrong, I'm just trying to gather as much information
>> >>>>> as possible. When you guys think you have set your mind about this
>> >>>>> name, you will have to go to legal@apache.org
>> >>>>> <ma...@apache.org> with the selected name (be it JSecurity or
>> >>>>> any other) to double check that it's ok or not (IFAIK). That is one
>> of
>> >>>>> the condition to exit from the incubator :
>> >>>>> "Check of project name for trademark issues "
>> >>>>>
>> >>>>>
>> >>>>> (
>> http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>> >>>>>
>> >>>>>
>> >>>>> <
>> http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>> >).
>> >>>>>
>> >>>>> </snip>
>> >>>>>
>> >>>>> Thanks for your review and feedback!
>> >>>>>
>> >>>>> Best,
>> >>>>>
>> >>>>> Les
>> >>>>>
>> >>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <
>> lhazlewood@apache.org>
>> >>>>> wrote:
>> >>>>>>
>> >>>>>> Adam,
>> >>>>>>
>> >>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I
>> love
>> >>>>>> to see people who aren't necessarily code contributors contribute to
>> >>>>>> the project in other ways.  This is very valuable to us.
>> >>>>>>
>> >>>>>> I am in total agreement with your sentiments thus far.  It is my
>> >>>>>> opinion that the name we have is great as it is and I'd only like to
>> >>>>>> change the name if someone from legal puts pressure on us to do so.
>> >>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this
>> to
>> >>>>>> legal in just a few minutes asking their feedback.  I'd like to hear
>> >>>>>> what they say regardless of what we end up doing - I'm genuinely
>> >>>>>> curious :)
>> >>>>>>
>> >>>>>> Thanks again very much for chiming in.  Its nice to see that you
>> (and
>> >>>>>> others) are taking continued interest in the project.
>> >>>>>>
>> >>>>>> Best regards,
>> >>>>>>
>> >>>>>> Les
>> >>>>>>
>> >>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>> >>>>>>>
>> >>>>>>> Hi,
>> >>>>>>>
>> >>>>>>> I'm not really a contributor to the JSecurity project yet (though I
>> >>>>>>> hope to
>> >>>>>>> be in the future).  However, this thread has caught my attention,
>> and
>> >>>>>>> so I
>> >>>>>>> thought I'd give a couple of thoughts.
>> >>>>>>>
>> >>>>>>> I have an interest, call it a hobby, in name related issues for
>> >>>>>>> software
>> >>>>>>> projects, open source included.  So, though I don't speak from any
>> >>>>>>> official
>> >>>>>>> background (I guess beyond a little professional), I would like to
>> >>>>>>> point out
>> >>>>>>> a few things about the name Alcatraz.
>> >>>>>>>
>> >>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>> >>>>>>> associated with other software products already.  So, this is bad
>> >>>>>>> news
>> >>>>>>> with
>> >>>>>>> regards to trademark related issues.  Just because its a geographic
>> >>>>>>> location
>> >>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these
>> other
>> >>>>>>> software products are going to have problems with any related use
>> of
>> >>>>>>> the
>> >>>>>>> term Alcatraz.
>> >>>>>>>
>> >>>>>>> Second, the connotation for JSecurity implies that the product is
>> >>>>>>> used
>> >>>>>>> to
>> >>>>>>> keep people out of the protected system.  This is what the term
>> >>>>>>> "security"
>> >>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
>> >>>>>>> people
>> >>>>>>> out,
>> >>>>>>> it was meant to keep people in.  The use is only quasi-related, and
>> >>>>>>> even
>> >>>>>>> confusing, for a product with your feature set.  Alcatraz software
>> >>>>>>> would be
>> >>>>>>> a better name for a product which keeps workstation/network users
>> >>>>>>> constrained in their internet use, like a firewall, or a web proxy,
>> >>>>>>> for
>> >>>>>>> example.  Or a child internet monitoring product.
>> >>>>>>>
>> >>>>>>> Don't underestimate the importance of this point.  The name of a
>> >>>>>>> software
>> >>>>>>> should ideally be somewhat self describing, especially when
>> starting
>> >>>>>>> out.
>> >>>>>>> Until the name becomes a core brand, having a self describing name
>> >>>>>>> can
>> >>>>>>> make
>> >>>>>>> a big difference.
>> >>>>>>>
>> >>>>>>> Third, I don't think you can underestimate how important it is that
>> >>>>>>> people
>> >>>>>>> can search the name of your product and find it through Google (and
>> >>>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
>> >>>>>>> hits,
>> >>>>>>> and you would clearly be lost any search engine placement with the
>> >>>>>>> name.
>> >>>>>>> Much better to have a name for your software that is the only known
>> >>>>>>> reference so that people can easily find you after having hear the
>> >>>>>>> name.
>> >>>>>>> This is why so many companies go crazy and conjure completely
>> strange
>> >>>>>>> and
>> >>>>>>> nonsensical product names.
>> >>>>>>>
>> >>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which
>> again
>> >>>>>>> becomes problematic for the above search recognition reasons.
>> >>>>>>> Alkitraz?
>> >>>>>>> Some people simply won't know how to spell it immediately (though
>> >>>>>>> this
>> >>>>>>> is a
>> >>>>>>> minor point, admittedly).
>> >>>>>>>
>> >>>>>>> Fifth, it seems like you're making preparations for something that
>> >>>>>>> you
>> >>>>>>> don't
>> >>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>> >>>>>>> consulted.
>> >>>>>>> However, it seems like jumping the gun to just start changing
>> package
>> >>>>>>> names
>> >>>>>>> with anticipation of a name change.  You would be crazy to start
>> >>>>>>> renaming
>> >>>>>>> packages based on some unknown possibility that it has to happen in
>> >>>>>>> the
>> >>>>>>> future.  What value does this add to the software?
>> >>>>>>>
>> >>>>>>> Following the sigma-six and/or extreme programming world view, you
>> >>>>>>> shouldn't
>> >>>>>>> be making any change to your software until the change is actually
>> >>>>>>> required
>> >>>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
>> >>>>>>> council
>> >>>>>>> suggested the change?  Are you being blocked by the incubation
>> >>>>>>> process?
>> >>>>>>> Why
>> >>>>>>> even consider a change until it needs to be done.  Energy could be
>> >>>>>>> better
>> >>>>>>> spent on other matters.
>> >>>>>>>
>> >>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
>> >>>>>>> that's
>> >>>>>>> only a very small part of the bigger issue.  Disruption, confusion,
>> >>>>>>> support,
>> >>>>>>> search engine optimization, etc. are what needs to be thought about
>> >>>>>>> when
>> >>>>>>> changing the name.
>> >>>>>>>
>> >>>>>>> Further, what if you decide to change the name to Alcatraz, and
>> then
>> >>>>>>> get
>> >>>>>>> pressure from another software group?  Ouch, time to rename the
>> >>>>>>> project
>> >>>>>>> yet
>> >>>>>>> again.
>> >>>>>>>
>> >>>>>>> I think you all are better just letting this thing ride until
>> >>>>>>> something
>> >>>>>>> real
>> >>>>>>> convicting suggests you need a change.  JSecurity is a great
>> product
>> >>>>>>> name
>> >>>>>>> which you should stick with until otherwise needed.  And, if that
>> day
>> >>>>>>> comes,
>> >>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for
>> all
>> >>>>>>> the
>> >>>>>>> reasons mentioned above.
>> >>>>>>>
>> >>>>>>> Thanks,
>> >>>>>>>
>> >>>>>>> Adam
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> Emmanuel Lecharny wrote:
>> >>>>>>>>
>> >>>>>>>> Alan D. Cabrera wrote:
>> >>>>>>>>>
>> >>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>> >>>>>>>>>
>> >>>>>>>>>> Alan D. Cabrera wrote:
>> >>>>>>>>>>>
>> >>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>> >>>>>>>>>>>
>> >>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>> >>>>>>>>>>>> <el...@gmail.com> wrote:
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names
>> we
>> >>>>>>>>>>>>> have googled
>> >>>>>>>>>>>>> too.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>> >>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>> >>>>>>>>>>>> googled
>> >>>>>>>>>>>> names.  Could you please forward them on so I can post them to
>> >>>>>>>>>>>> the
>> >>>>>>>>>>>> legal team?
>> >>>>>>>>>>>
>> >>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>> >>>>>>>>>>> clear
>> >>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>> >>>>>>>>>>> packages
>> >>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and
>> the
>> >>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>> >>>>>>>>>>
>> >>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
>> >>>>>>>>>> it's
>> >>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>> >>>>>>>>>> needed (or any other name).
>> >>>>>>>>>>
>> >>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity
>> name
>> >>>>>>>>>> (with all the infos we have already found about it), and also
>> ask
>> >>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
>> >>>>>>>>>> some
>> >>>>>>>>>> more infos related to this name, assuming that being a
>> >>>>>>>>>> geographical
>> >>>>>>>>>> location, it should not be such a problem).
>> >>>>>>>>>
>> >>>>>>>>> Legal is not a clearing house for project names.  They can only
>> >>>>>>>>> give
>> >>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far
>> as
>> >>>>>>>>> I
>> >>>>>>>>> can tell, there is none for alcatraz.
>> >>>>>>>>>
>> >>>>>>>>> What I'm worried about is that the vetting effort for the
>> JSecurity
>> >>>>>>>>> name will have the same track record as the v0.9 release.  If we
>> >>>>>>>>> start
>> >>>>>>>>> with alcatraz then we have one less thing impeding our incubation
>> >>>>>>>>> process.
>> >>>>>>>>
>> >>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
>> >>>>>>>> some
>> >>>>>>>> vetting before 1.0 (hopefully when the project exits from
>> >>>>>>>> incubator).
>> >>>>>>>>
>> >>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> --
>> >>>>>>>> --
>> >>>>>>>> cordialement, regards,
>> >>>>>>>> Emmanuel Lécharny
>> >>>>>>>> www.iktek.com
>> >>>>>>>> directory.apache.org
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>
>> >>>>>>> --
>> >>>>>>> View this message in context:
>> >>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>> >>>>>>> Sent from the JSecurity Developer mailing list archive at
>> Nabble.com.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>
>> >>>>>
>> >>>>
>> >>>> ---------------------------------------------------------------------
>> >>>> DISCLAIMER: Discussions on this list are informational and educational
>> >>>> only.  Statements made on this list are not privileged, do not
>> >>>> constitute legal advice, and do not necessarily reflect the opinions
>> >>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>> >>>> official ASF policies and documents.
>> >>>> ---------------------------------------------------------------------
>> >>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> >>>> For additional commands, e-mail: legal-discuss-help@apache.org
>> >>>>
>> >>>
>> >>> Craig L Russell
>> >>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> >>> 408 276-5638 mailto:Craig.Russell@sun.com
>> >>> P.S. A good JDO? O, Gasp!
>> >>>
>> >>>
>> >>> ---------------------------------------------------------------------
>> >>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> >>> For additional commands, e-mail: legal-discuss-help@apache.org
>> >>>
>> >>>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> >> For additional commands, e-mail: legal-discuss-help@apache.org
>> >>
>> >
>> > Craig L Russell
>> > Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> > 408 276-5638 mailto:Craig.Russell@sun.com
>> > P.S. A good JDO? O, Gasp!
>> >
>> >
>>
>

Re: [VOTE] Change JSecurity's Name

[Allan Ditzel <al...@gmail.com>]

[ X ] -1 Do not change JSecurity's name

That's my non-binding vote for the time being. :)

On Sat, Jan 10, 2009 at 8:00 PM, Les Hazlewood <lh...@apache.org>wrote:

> -1 to changing the name at this time.
>
> I know my vote isn't binding, but I just want a record of it. At the
> moment, I think any potential causes of conflict, given that there are
> NO trademark or patent conflicts, are dubious at best.
>
> Cheers,
>
> Les
>
> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com>
> wrote:
> > any more...
> >
> > ok, former board member. ;-)
> >
> > Craig
> >
> > On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
> >
> >> I'm not a board member. :)
> >>
> >> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com
> >
> >> wrote:
> >>>
> >>> -1 Do not change JSecurity's name
> >>>
> >>> We had the discussion in early December on the legal mailing list and
> no
> >>> issues were raised contrary to Henri's comments. Henri is the only
> board
> >>> member who commented on the JSecurity name during the discussion.
> >>>
> >>> We will have at least three more votes where additional issues
> regarding
> >>> the
> >>> name can be brought up:
> >>>
> >>> 1. The first release of JSecurity code from the incubator.
> >>> 2. The graduation vote of JSecurity taken by the incubator PMC.
> >>> 3. The acceptance of JSecurity by the Apache board after the incubator
> >>> votes.
> >>>
> >>> Craig
> >>>
> >>>
> >>> Dear JSecurity Team,
> >>>
> >>> There has been lengthy debate without consensus as to whether or
> >>> JSecurity's
> >>> name should be changed to something else.  So, there is need for a
> vote.
> >>>
> >>> Please vote on changing JSecurity's name to something else.  This is
> ONLY
> >>> a
> >>> vote of if we should change the name, NOT what any alternate name might
> >>> be.
> >>> I'd like to leave this vote open for 7 days instead of the usual 3 to
> >>> account for time that people may not be able to respond due to the
> >>> holidays.  Of course we can close the vote early if all binding votes
> are
> >>> accounted for prior to the 7 day limit.
> >>>
> >>> The vote is open for the next 7 days and only votes from the JSecurity
> >>> development team are binding.
> >>>
> >>> [ ] +1 Change JSecurity's name
> >>> [ ] -1 Do not change JSecurity's name
> >>>
> >>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
> >>>
> >>>> Given that it's a name you've been using for 4 years, and it's very
> >>>> generic [jXxx being a common pattern in our space and Security being
> >>>> very generic]; I'm inclined to keep the current name; though by the
> >>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
> >>>> branding.
> >>>>
> >>>> My tuppence of opinion.
> >>>>
> >>>> Hen
> >>>>
> >>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
> >>>> wrote:
> >>>>>
> >>>>> Hi ASF legal team,
> >>>>>
> >>>>> I'm writing this email in hopes of getting your feedback concerning a
> >>>>> discussion we've been having on the JSecurity email list (an
> Incubator
> >>>>> project).
> >>>>>
> >>>>> A few of our mentors have expressed concern that there might be a
> >>>>> possible naming conflict with our project name (JSecurity) and some
> >>>>> other references found through google and other search mechanisms.
> >>>>>
> >>>>> I'd like to point out that the JSecurity name, as an open source
> >>>>> project identity has been around for almost 4 years now, with zero
> >>>>> contact from any external entity claiming conflict with a proprietary
> >>>>> name or product.  I know this isn't legal criteria for determining if
> >>>>> there is a name conflict, but I surface it only to put some context
> of
> >>>>> why the original JSecurity developers (and our well-established
> >>>>> communities) think we should keep the JSecurity name.  There might be
> >>>>> older references to this name, unrelated to our project, but we don't
> >>>>> know for certain if they would constitute a risk in the name overlap.
> >>>>>
> >>>>> We'd like some feedback as to if the project name should be changed
> or
> >>>>> not.
> >>>>>
> >>>>> Here is what one of our mentors summarized after doing some research:
> >>>>>
> >>>>> <snip>
> >>>>> Now, looking a bit forward on google, here are some other references
> >>>>> to JSecurity :
> >>>>>
> >>>>> http://jwicglobal.com/Knowledge.htm
> >>>>> <http://jwicglobal.com/Knowledge.htm>
> >>>>> "WIC GLOBAL has developed a comprehensive Information Security
> >>>>> Assessment service called JSecurity. Our JSecurity experts will
> >>>>> conduct a full information security risk assessment focusing on:"
> >>>>>
> >>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
> >>>>> Seems like they have a service called  J-Security. Be sure that
> >>>>> Juniper has a legal service who might perfectly well send some nicely
> >>>>> written "cease and desist" letter to the ASF about this name. Not
> sure
> >>>>> that our legals want to deal with that ...
> >>>>>
> >>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
> >>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
> >
> >>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
> >>>>>
> >>>>>
> >>>>> <
> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
> >
> >>>>> This company has a product named JSecurity. Since when ?
> >>>>>
> >>>>> As much as I like the JSecurity name, I also think that we are un
> >>>>> potential jeopardy if we don't change its name. That's the main issue
> >>>>> we have : we can't afford any kind of legal action when we already
> >>>>> know that there are company out there which already use this name.
> >>>>>
> >>>>> Anyway, I can be wrong, I'm just trying to gather as much information
> >>>>> as possible. When you guys think you have set your mind about this
> >>>>> name, you will have to go to legal@apache.org
> >>>>> <ma...@apache.org> with the selected name (be it JSecurity or
> >>>>> any other) to double check that it's ok or not (IFAIK). That is one
> of
> >>>>> the condition to exit from the incubator :
> >>>>> "Check of project name for trademark issues "
> >>>>>
> >>>>>
> >>>>> (
> http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
> >>>>>
> >>>>>
> >>>>> <
> http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
> >).
> >>>>>
> >>>>> </snip>
> >>>>>
> >>>>> Thanks for your review and feedback!
> >>>>>
> >>>>> Best,
> >>>>>
> >>>>> Les
> >>>>>
> >>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <
> lhazlewood@apache.org>
> >>>>> wrote:
> >>>>>>
> >>>>>> Adam,
> >>>>>>
> >>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I
> love
> >>>>>> to see people who aren't necessarily code contributors contribute to
> >>>>>> the project in other ways.  This is very valuable to us.
> >>>>>>
> >>>>>> I am in total agreement with your sentiments thus far.  It is my
> >>>>>> opinion that the name we have is great as it is and I'd only like to
> >>>>>> change the name if someone from legal puts pressure on us to do so.
> >>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this
> to
> >>>>>> legal in just a few minutes asking their feedback.  I'd like to hear
> >>>>>> what they say regardless of what we end up doing - I'm genuinely
> >>>>>> curious :)
> >>>>>>
> >>>>>> Thanks again very much for chiming in.  Its nice to see that you
> (and
> >>>>>> others) are taking continued interest in the project.
> >>>>>>
> >>>>>> Best regards,
> >>>>>>
> >>>>>> Les
> >>>>>>
> >>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
> >>>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> I'm not really a contributor to the JSecurity project yet (though I
> >>>>>>> hope to
> >>>>>>> be in the future).  However, this thread has caught my attention,
> and
> >>>>>>> so I
> >>>>>>> thought I'd give a couple of thoughts.
> >>>>>>>
> >>>>>>> I have an interest, call it a hobby, in name related issues for
> >>>>>>> software
> >>>>>>> projects, open source included.  So, though I don't speak from any
> >>>>>>> official
> >>>>>>> background (I guess beyond a little professional), I would like to
> >>>>>>> point out
> >>>>>>> a few things about the name Alcatraz.
> >>>>>>>
> >>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
> >>>>>>> associated with other software products already.  So, this is bad
> >>>>>>> news
> >>>>>>> with
> >>>>>>> regards to trademark related issues.  Just because its a geographic
> >>>>>>> location
> >>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these
> other
> >>>>>>> software products are going to have problems with any related use
> of
> >>>>>>> the
> >>>>>>> term Alcatraz.
> >>>>>>>
> >>>>>>> Second, the connotation for JSecurity implies that the product is
> >>>>>>> used
> >>>>>>> to
> >>>>>>> keep people out of the protected system.  This is what the term
> >>>>>>> "security"
> >>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
> >>>>>>> people
> >>>>>>> out,
> >>>>>>> it was meant to keep people in.  The use is only quasi-related, and
> >>>>>>> even
> >>>>>>> confusing, for a product with your feature set.  Alcatraz software
> >>>>>>> would be
> >>>>>>> a better name for a product which keeps workstation/network users
> >>>>>>> constrained in their internet use, like a firewall, or a web proxy,
> >>>>>>> for
> >>>>>>> example.  Or a child internet monitoring product.
> >>>>>>>
> >>>>>>> Don't underestimate the importance of this point.  The name of a
> >>>>>>> software
> >>>>>>> should ideally be somewhat self describing, especially when
> starting
> >>>>>>> out.
> >>>>>>> Until the name becomes a core brand, having a self describing name
> >>>>>>> can
> >>>>>>> make
> >>>>>>> a big difference.
> >>>>>>>
> >>>>>>> Third, I don't think you can underestimate how important it is that
> >>>>>>> people
> >>>>>>> can search the name of your product and find it through Google (and
> >>>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
> >>>>>>> hits,
> >>>>>>> and you would clearly be lost any search engine placement with the
> >>>>>>> name.
> >>>>>>> Much better to have a name for your software that is the only known
> >>>>>>> reference so that people can easily find you after having hear the
> >>>>>>> name.
> >>>>>>> This is why so many companies go crazy and conjure completely
> strange
> >>>>>>> and
> >>>>>>> nonsensical product names.
> >>>>>>>
> >>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which
> again
> >>>>>>> becomes problematic for the above search recognition reasons.
> >>>>>>> Alkitraz?
> >>>>>>> Some people simply won't know how to spell it immediately (though
> >>>>>>> this
> >>>>>>> is a
> >>>>>>> minor point, admittedly).
> >>>>>>>
> >>>>>>> Fifth, it seems like you're making preparations for something that
> >>>>>>> you
> >>>>>>> don't
> >>>>>>> even know to be a problem.  Yes, the Apache legal team should be
> >>>>>>> consulted.
> >>>>>>> However, it seems like jumping the gun to just start changing
> package
> >>>>>>> names
> >>>>>>> with anticipation of a name change.  You would be crazy to start
> >>>>>>> renaming
> >>>>>>> packages based on some unknown possibility that it has to happen in
> >>>>>>> the
> >>>>>>> future.  What value does this add to the software?
> >>>>>>>
> >>>>>>> Following the sigma-six and/or extreme programming world view, you
> >>>>>>> shouldn't
> >>>>>>> be making any change to your software until the change is actually
> >>>>>>> required
> >>>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
> >>>>>>> council
> >>>>>>> suggested the change?  Are you being blocked by the incubation
> >>>>>>> process?
> >>>>>>> Why
> >>>>>>> even consider a change until it needs to be done.  Energy could be
> >>>>>>> better
> >>>>>>> spent on other matters.
> >>>>>>>
> >>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
> >>>>>>> that's
> >>>>>>> only a very small part of the bigger issue.  Disruption, confusion,
> >>>>>>> support,
> >>>>>>> search engine optimization, etc. are what needs to be thought about
> >>>>>>> when
> >>>>>>> changing the name.
> >>>>>>>
> >>>>>>> Further, what if you decide to change the name to Alcatraz, and
> then
> >>>>>>> get
> >>>>>>> pressure from another software group?  Ouch, time to rename the
> >>>>>>> project
> >>>>>>> yet
> >>>>>>> again.
> >>>>>>>
> >>>>>>> I think you all are better just letting this thing ride until
> >>>>>>> something
> >>>>>>> real
> >>>>>>> convicting suggests you need a change.  JSecurity is a great
> product
> >>>>>>> name
> >>>>>>> which you should stick with until otherwise needed.  And, if that
> day
> >>>>>>> comes,
> >>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for
> all
> >>>>>>> the
> >>>>>>> reasons mentioned above.
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>>
> >>>>>>> Adam
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> Emmanuel Lecharny wrote:
> >>>>>>>>
> >>>>>>>> Alan D. Cabrera wrote:
> >>>>>>>>>
> >>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
> >>>>>>>>>
> >>>>>>>>>> Alan D. Cabrera wrote:
> >>>>>>>>>>>
> >>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
> >>>>>>>>>>>
> >>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
> >>>>>>>>>>>> <el...@gmail.com> wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names
> we
> >>>>>>>>>>>>> have googled
> >>>>>>>>>>>>> too.
> >>>>>>>>>>>>
> >>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
> >>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
> >>>>>>>>>>>> googled
> >>>>>>>>>>>> names.  Could you please forward them on so I can post them to
> >>>>>>>>>>>> the
> >>>>>>>>>>>> legal team?
> >>>>>>>>>>>
> >>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
> >>>>>>>>>>> clear
> >>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
> >>>>>>>>>>> packages
> >>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and
> the
> >>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
> >>>>>>>>>>
> >>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
> >>>>>>>>>> it's
> >>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
> >>>>>>>>>> needed (or any other name).
> >>>>>>>>>>
> >>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity
> name
> >>>>>>>>>> (with all the infos we have already found about it), and also
> ask
> >>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
> >>>>>>>>>> some
> >>>>>>>>>> more infos related to this name, assuming that being a
> >>>>>>>>>> geographical
> >>>>>>>>>> location, it should not be such a problem).
> >>>>>>>>>
> >>>>>>>>> Legal is not a clearing house for project names.  They can only
> >>>>>>>>> give
> >>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far
> as
> >>>>>>>>> I
> >>>>>>>>> can tell, there is none for alcatraz.
> >>>>>>>>>
> >>>>>>>>> What I'm worried about is that the vetting effort for the
> JSecurity
> >>>>>>>>> name will have the same track record as the v0.9 release.  If we
> >>>>>>>>> start
> >>>>>>>>> with alcatraz then we have one less thing impeding our incubation
> >>>>>>>>> process.
> >>>>>>>>
> >>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
> >>>>>>>> some
> >>>>>>>> vetting before 1.0 (hopefully when the project exits from
> >>>>>>>> incubator).
> >>>>>>>>
> >>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> --
> >>>>>>>> cordialement, regards,
> >>>>>>>> Emmanuel Lécharny
> >>>>>>>> www.iktek.com
> >>>>>>>> directory.apache.org
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>> View this message in context:
> >>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
> >>>>>>> Sent from the JSecurity Developer mailing list archive at
> Nabble.com.
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>> ---------------------------------------------------------------------
> >>>> DISCLAIMER: Discussions on this list are informational and educational
> >>>> only.  Statements made on this list are not privileged, do not
> >>>> constitute legal advice, and do not necessarily reflect the opinions
> >>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
> >>>> official ASF policies and documents.
> >>>> ---------------------------------------------------------------------
> >>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> >>>> For additional commands, e-mail: legal-discuss-help@apache.org
> >>>>
> >>>
> >>> Craig L Russell
> >>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
> >>> 408 276-5638 mailto:Craig.Russell@sun.com
> >>> P.S. A good JDO? O, Gasp!
> >>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> >>> For additional commands, e-mail: legal-discuss-help@apache.org
> >>>
> >>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> >> For additional commands, e-mail: legal-discuss-help@apache.org
> >>
> >
> > Craig L Russell
> > Architect, Sun Java Enterprise System http://db.apache.org/jdo
> > 408 276-5638 mailto:Craig.Russell@sun.com
> > P.S. A good JDO? O, Gasp!
> >
> >
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 11:20 AM, Les Hazlewood wrote:

> All of this being said, if our IPMC members say with consensus
> something to the effect of:  "Odds are very low there wold ever be
> conflict, but we still desire a name change, Just In Case", then of
> course I'll abide by this.  I just don't think there is enough
> evidence that it would be necessary though.

To be sure there is great, great, value to holding on to the name.   
It's not like we did our best to do due diligence and found nothing.   
Unfortunately "odds being low" isn't good enough.  This is the point  
I'm trying to make.

Before someone states that we can't be 100% sure of anything let me  
state that there's a difference between performing due diligence and  
not finding anything at all and finding entities that could encroach  
on the JSecurity name if they chose to.


Regards,
Alan

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 11:20 AM, Les Hazlewood wrote:

> All of this being said, if our IPMC members say with consensus
> something to the effect of:  "Odds are very low there wold ever be
> conflict, but we still desire a name change, Just In Case", then of
> course I'll abide by this.  I just don't think there is enough
> evidence that it would be necessary though.

To be sure there is great, great, value to holding on to the name.   
It's not like we did our best to do due diligence and found nothing.   
Unfortunately "odds being low" isn't good enough.  This is the point  
I'm trying to make.

Before someone states that we can't be 100% sure of anything let me  
state that there's a difference between performing due diligence and  
not finding anything at all and finding entities that could encroach  
on the JSecurity name if they chose to.


Regards,
Alan


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

I spent quite a bit of time this weekend seeing how pervasive the
JSecurity name as related to our project - presentation videos,
publicly referenced projects, open source sourcecode that integrates
with ours, blogosphere, commercial products built on top of it, etc,
etc.  It is a strong name and many people directly reference it.  They
know what it is.

I just don't think there's anything better than JSecurity.  I also
agree with Craig and Jeremy that any of the matches we've found with a
similar name are

1) Not sufficiently close to JSecurity's domain and not a risk
2) If they are close to JSecurity's domain of Java-based security,
they arrived _after_ we did (see below).
2) Anything with J*Security is not a product, just names of web pages
or contractions of other non-related names J(uniper) Security, J(WIC)
Security, etc.  No product or project conflict.
3) JSecurity's almost 4 year history has been long enough for anyone
with a potential gripe to at least raise an ounce of concern; we've
been the #1 hit from Google's search results for over 3 years, and the
last year we've held all but 1 or 2 of the entire first page's
results.
4) * There are NO patent or trademark filings with the token
"JSecurity" appearing anywhere in them.

Again, IANAL, but I think this is enough to keep the name.  We've got
a really strong base on the current name.  People like it.  Anyone who
does a google search finds years of history with it.

I don't think anyone in our project or our end user community would
mind changing the name if anyone outside of our community actually
filed an actual legal cease-and-desist.  Until then, I just don't
think it is worth the effort or the time to go through the change
process.  If we ever see the actual legal need to do it, we could make
the change quickly enough.  But, given our history for the last 4
years, I just don't see this ever happening in practice.

But, just for completeness, let's look at the only 4 points that were
brought up as potential conflicts:

1.  http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
"WIC GLOBAL has developed a comprehensive Information Security
Assessment service called JSecurity. Our JSecurity experts will
conduct a full information security risk assessment focusing on:"

In this case, JSecurity for them is a contraction of 'JWIC Security'.
This company deals with security compliance for financial institutions
as a consulting service - not a software product.  In any event, our
JSecurity project was a well-established project on sourceforge before
they came up with this idea.

2.  http://www.juniper.net/security/ <http://www.juniper.net/security/>
Seems like they have a service called  J-Security.

This is the one of two potential conflicts that *could* lay claim to
having some semblance of J and Security being used together before our
project was founded on Source Forge.  However this is a contraction
for J(uniper) Security, and the resulting 'artifact' is an online
resource/knowledge center, not software product/project related.
They're a hardware company, and I don't see this as overlap at all.
That they might venture into software some day, and be it Java
Software at that, I think is an incredibly low possibility.  Even if
they did (and that's a big if), we still have grounds for showing our
unrelated software project existed first.  IANAL, but that's my take
on it.

3.  http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
Another JSecurity... Seems to be around since 2/11/2005 (at least)

This is the other one of two potential conflicts that *could* lay
claim to existing before our software project.  This company however,
deals with software related to financial securities, and has nothing
to do with java or software/system security in any way.  No conflict
at all there.

http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
This company has a product named JSecurity. Since when ?

Their "jSecurity" is a contraction for "jCompany Security".  Their
solution does looks to be java based and software security related.
But it is not the name of a product they're trying to sell.  It is
something that is 'part of' their other product(s).

But although I can't find it on their website, this is definitely a
new surfacing with this name for them as a company.  That is, our
JSecurity software project has been around a LOT longer than them.  In
fact, their website says they use quite a bit of software from Jakarta
and SourceForge - it might be very possible their product could
actually sit on TOP of our framework, which may be a reason why they
chose that name.  In any event, we've been around longer and can
probably lay claim to 'prior art'.


All of this being said, if our IPMC members say with consensus
something to the effect of:  "Odds are very low there wold ever be
conflict, but we still desire a name change, Just In Case", then of
course I'll abide by this.  I just don't think there is enough
evidence that it would be necessary though.

Once again, these are only my opinions - I'll do whatever it takes to
make our software project a viable long-term project successful with a
healthy community at the ASF.  If a name change is required to achieve
this, then fine, but I was hoping for a significant feeling of
consensus before we went down that road, that's all.

Respectfully,

Les

On Sun, Jan 11, 2009 at 1:32 PM, Alan D. Cabrera <li...@toolazydogs.com> wrote:
> Here's my take and I'm not intransigent on this.  I'll use a bit of
> hyperbole to make my point.
>
> If some company who makes hand made woven baskets has had the name JSecurity
> there would be no problem.  If that company decides to  market a program
> that trains people in basket weaving written in java there would be no
> problem.
>
> However, other computer security companies have an earlier claim to
> JSecurity.  If they decide the release a suite of java programs that
> performs security analysis then there's overlap.
>
> Why would we want to live in the grey area anyway?  Am I misunderstanding
> something?
>
> Regards,
> Alan
>
>
> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>
>> Agreed.
>>
>> I don't really understand what problem is being solved here.
>>
>> geir
>>
>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>
>>> -1 to changing the name at this time.
>>>
>>> I know my vote isn't binding, but I just want a record of it. At the
>>> moment, I think any potential causes of conflict, given that there are
>>> NO trademark or patent conflicts, are dubious at best.
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com>
>>> wrote:
>>>>
>>>> any more...
>>>>
>>>> ok, former board member. ;-)
>>>>
>>>> Craig
>>>>
>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>
>>>>> I'm not a board member. :)
>>>>>
>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell
>>>>> <Cr...@sun.com>
>>>>> wrote:
>>>>>>
>>>>>> -1 Do not change JSecurity's name
>>>>>>
>>>>>> We had the discussion in early December on the legal mailing list and
>>>>>> no
>>>>>> issues were raised contrary to Henri's comments. Henri is the only
>>>>>> board
>>>>>> member who commented on the JSecurity name during the discussion.
>>>>>>
>>>>>> We will have at least three more votes where additional issues
>>>>>> regarding
>>>>>> the
>>>>>> name can be brought up:
>>>>>>
>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>> 3. The acceptance of JSecurity by the Apache board after the incubator
>>>>>> votes.
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>>
>>>>>> Dear JSecurity Team,
>>>>>>
>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>> JSecurity's
>>>>>> name should be changed to something else.  So, there is need for a
>>>>>> vote.
>>>>>>
>>>>>> Please vote on changing JSecurity's name to something else.  This is
>>>>>> ONLY
>>>>>> a
>>>>>> vote of if we should change the name, NOT what any alternate name
>>>>>> might
>>>>>> be.
>>>>>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>>>>>> account for time that people may not be able to respond due to the
>>>>>> holidays.  Of course we can close the vote early if all binding votes
>>>>>> are
>>>>>> accounted for prior to the 7 day limit.
>>>>>>
>>>>>> The vote is open for the next 7 days and only votes from the JSecurity
>>>>>> development team are binding.
>>>>>>
>>>>>> [ ] +1 Change JSecurity's name
>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>
>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> Given that it's a name you've been using for 4 years, and it's very
>>>>>>> generic [jXxx being a common pattern in our space and Security being
>>>>>>> very generic]; I'm inclined to keep the current name; though by the
>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very
>>>>>>> good
>>>>>>> branding.
>>>>>>>
>>>>>>> My tuppence of opinion.
>>>>>>>
>>>>>>> Hen
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi ASF legal team,
>>>>>>>>
>>>>>>>> I'm writing this email in hopes of getting your feedback concerning
>>>>>>>> a
>>>>>>>> discussion we've been having on the JSecurity email list (an
>>>>>>>> Incubator
>>>>>>>> project).
>>>>>>>>
>>>>>>>> A few of our mentors have expressed concern that there might be a
>>>>>>>> possible naming conflict with our project name (JSecurity) and some
>>>>>>>> other references found through google and other search mechanisms.
>>>>>>>>
>>>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>>>> project identity has been around for almost 4 years now, with zero
>>>>>>>> contact from any external entity claiming conflict with a
>>>>>>>> proprietary
>>>>>>>> name or product.  I know this isn't legal criteria for determining
>>>>>>>> if
>>>>>>>> there is a name conflict, but I surface it only to put some context
>>>>>>>> of
>>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>>> communities) think we should keep the JSecurity name.  There might
>>>>>>>> be
>>>>>>>> older references to this name, unrelated to our project, but we
>>>>>>>> don't
>>>>>>>> know for certain if they would constitute a risk in the name
>>>>>>>> overlap.
>>>>>>>>
>>>>>>>> We'd like some feedback as to if the project name should be changed
>>>>>>>> or
>>>>>>>> not.
>>>>>>>>
>>>>>>>> Here is what one of our mentors summarized after doing some
>>>>>>>> research:
>>>>>>>>
>>>>>>>> <snip>
>>>>>>>> Now, looking a bit forward on google, here are some other references
>>>>>>>> to JSecurity :
>>>>>>>>
>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>>> conduct a full information security risk assessment focusing on:"
>>>>>>>>
>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>>> Juniper has a legal service who might perfectly well send some
>>>>>>>> nicely
>>>>>>>> written "cease and desist" letter to the ASF about this name. Not
>>>>>>>> sure
>>>>>>>> that our legals want to deal with that ...
>>>>>>>>
>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>
>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>
>>>>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>>>>> potential jeopardy if we don't change its name. That's the main
>>>>>>>> issue
>>>>>>>> we have : we can't afford any kind of legal action when we already
>>>>>>>> know that there are company out there which already use this name.
>>>>>>>>
>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much
>>>>>>>> information
>>>>>>>> as possible. When you guys think you have set your mind about this
>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>>>>>>> any other) to double check that it's ok or not (IFAIK). That is one
>>>>>>>> of
>>>>>>>> the condition to exit from the incubator :
>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>>>>>>
>>>>>>>> </snip>
>>>>>>>>
>>>>>>>> Thanks for your review and feedback!
>>>>>>>>
>>>>>>>> Best,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood
>>>>>>>> <lh...@apache.org>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Adam,
>>>>>>>>>
>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I
>>>>>>>>> love
>>>>>>>>> to see people who aren't necessarily code contributors contribute
>>>>>>>>> to
>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>
>>>>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>>>>> opinion that the name we have is great as it is and I'd only like
>>>>>>>>> to
>>>>>>>>> change the name if someone from legal puts pressure on us to do so.
>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this
>>>>>>>>> to
>>>>>>>>> legal in just a few minutes asking their feedback.  I'd like to
>>>>>>>>> hear
>>>>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>>>>> curious :)
>>>>>>>>>
>>>>>>>>> Thanks again very much for chiming in.  Its nice to see that you
>>>>>>>>> (and
>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>
>>>>>>>>> Best regards,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm not really a contributor to the JSecurity project yet (though
>>>>>>>>>> I
>>>>>>>>>> hope to
>>>>>>>>>> be in the future).  However, this thread has caught my attention,
>>>>>>>>>> and
>>>>>>>>>> so I
>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>
>>>>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>>>>> software
>>>>>>>>>> projects, open source included.  So, though I don't speak from any
>>>>>>>>>> official
>>>>>>>>>> background (I guess beyond a little professional), I would like to
>>>>>>>>>> point out
>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>
>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>>>>>>> associated with other software products already.  So, this is bad
>>>>>>>>>> news
>>>>>>>>>> with
>>>>>>>>>> regards to trademark related issues.  Just because its a
>>>>>>>>>> geographic
>>>>>>>>>> location
>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these
>>>>>>>>>> other
>>>>>>>>>> software products are going to have problems with any related use
>>>>>>>>>> of
>>>>>>>>>> the
>>>>>>>>>> term Alcatraz.
>>>>>>>>>>
>>>>>>>>>> Second, the connotation for JSecurity implies that the product is
>>>>>>>>>> used
>>>>>>>>>> to
>>>>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>>>>> "security"
>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
>>>>>>>>>> people
>>>>>>>>>> out,
>>>>>>>>>> it was meant to keep people in.  The use is only quasi-related,
>>>>>>>>>> and
>>>>>>>>>> even
>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>>>>>>> would be
>>>>>>>>>> a better name for a product which keeps workstation/network users
>>>>>>>>>> constrained in their internet use, like a firewall, or a web
>>>>>>>>>> proxy,
>>>>>>>>>> for
>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>
>>>>>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>>>>>> software
>>>>>>>>>> should ideally be somewhat self describing, especially when
>>>>>>>>>> starting
>>>>>>>>>> out.
>>>>>>>>>> Until the name becomes a core brand, having a self describing name
>>>>>>>>>> can
>>>>>>>>>> make
>>>>>>>>>> a big difference.
>>>>>>>>>>
>>>>>>>>>> Third, I don't think you can underestimate how important it is
>>>>>>>>>> that
>>>>>>>>>> people
>>>>>>>>>> can search the name of your product and find it through Google
>>>>>>>>>> (and
>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of
>>>>>>>>>> unrelated
>>>>>>>>>> hits,
>>>>>>>>>> and you would clearly be lost any search engine placement with the
>>>>>>>>>> name.
>>>>>>>>>> Much better to have a name for your software that is the only
>>>>>>>>>> known
>>>>>>>>>> reference so that people can easily find you after having hear the
>>>>>>>>>> name.
>>>>>>>>>> This is why so many companies go crazy and conjure completely
>>>>>>>>>> strange
>>>>>>>>>> and
>>>>>>>>>> nonsensical product names.
>>>>>>>>>>
>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which
>>>>>>>>>> again
>>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>>> Alkitraz?
>>>>>>>>>> Some people simply won't know how to spell it immediately (though
>>>>>>>>>> this
>>>>>>>>>> is a
>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>
>>>>>>>>>> Fifth, it seems like you're making preparations for something that
>>>>>>>>>> you
>>>>>>>>>> don't
>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>>>>>> consulted.
>>>>>>>>>> However, it seems like jumping the gun to just start changing
>>>>>>>>>> package
>>>>>>>>>> names
>>>>>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>>>>>> renaming
>>>>>>>>>> packages based on some unknown possibility that it has to happen
>>>>>>>>>> in
>>>>>>>>>> the
>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>
>>>>>>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>>>>>>> shouldn't
>>>>>>>>>> be making any change to your software until the change is actually
>>>>>>>>>> required
>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the
>>>>>>>>>> Apache
>>>>>>>>>> council
>>>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>>>> process?
>>>>>>>>>> Why
>>>>>>>>>> even consider a change until it needs to be done.  Energy could be
>>>>>>>>>> better
>>>>>>>>>> spent on other matters.
>>>>>>>>>>
>>>>>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.
>>>>>>>>>>  But,
>>>>>>>>>> that's
>>>>>>>>>> only a very small part of the bigger issue.  Disruption,
>>>>>>>>>> confusion,
>>>>>>>>>> support,
>>>>>>>>>> search engine optimization, etc. are what needs to be thought
>>>>>>>>>> about
>>>>>>>>>> when
>>>>>>>>>> changing the name.
>>>>>>>>>>
>>>>>>>>>> Further, what if you decide to change the name to Alcatraz, and
>>>>>>>>>> then
>>>>>>>>>> get
>>>>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>>>>> project
>>>>>>>>>> yet
>>>>>>>>>> again.
>>>>>>>>>>
>>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>>> something
>>>>>>>>>> real
>>>>>>>>>> convicting suggests you need a change.  JSecurity is a great
>>>>>>>>>> product
>>>>>>>>>> name
>>>>>>>>>> which you should stick with until otherwise needed.  And, if that
>>>>>>>>>> day
>>>>>>>>>> comes,
>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for
>>>>>>>>>> all
>>>>>>>>>> the
>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> Adam
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names
>>>>>>>>>>>>>>>> we
>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>> names.  Could you please forward them on so I can post them
>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
>>>>>>>>>>>>> it's
>>>>>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity
>>>>>>>>>>>>> name
>>>>>>>>>>>>> (with all the infos we have already found about it), and also
>>>>>>>>>>>>> ask
>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
>>>>>>>>>>>>> some
>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>> geographical
>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>
>>>>>>>>>>>> Legal is not a clearing house for project names.  They can only
>>>>>>>>>>>> give
>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far
>>>>>>>>>>>> as
>>>>>>>>>>>> I
>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> What I'm worried about is that the vetting effort for the
>>>>>>>>>>>> JSecurity
>>>>>>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>>>>>>> start
>>>>>>>>>>>> with alcatraz then we have one less thing impeding our
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process.
>>>>>>>>>>>
>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
>>>>>>>>>>> some
>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>> incubator).
>>>>>>>>>>>
>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> --
>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>> www.iktek.com
>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> View this message in context:
>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at
>>>>>>>>>> Nabble.com.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> DISCLAIMER: Discussions on this list are informational and
>>>>>>> educational
>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>> constitute legal advice, and do not necessarily reflect the opinions
>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>>>>>> official ASF policies and documents.
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

I spent quite a bit of time this weekend seeing how pervasive the
JSecurity name as related to our project - presentation videos,
publicly referenced projects, open source sourcecode that integrates
with ours, blogosphere, commercial products built on top of it, etc,
etc.  It is a strong name and many people directly reference it.  They
know what it is.

I just don't think there's anything better than JSecurity.  I also
agree with Craig and Jeremy that any of the matches we've found with a
similar name are

1) Not sufficiently close to JSecurity's domain and not a risk
2) If they are close to JSecurity's domain of Java-based security,
they arrived _after_ we did (see below).
2) Anything with J*Security is not a product, just names of web pages
or contractions of other non-related names J(uniper) Security, J(WIC)
Security, etc.  No product or project conflict.
3) JSecurity's almost 4 year history has been long enough for anyone
with a potential gripe to at least raise an ounce of concern; we've
been the #1 hit from Google's search results for over 3 years, and the
last year we've held all but 1 or 2 of the entire first page's
results.
4) * There are NO patent or trademark filings with the token
"JSecurity" appearing anywhere in them.

Again, IANAL, but I think this is enough to keep the name.  We've got
a really strong base on the current name.  People like it.  Anyone who
does a google search finds years of history with it.

I don't think anyone in our project or our end user community would
mind changing the name if anyone outside of our community actually
filed an actual legal cease-and-desist.  Until then, I just don't
think it is worth the effort or the time to go through the change
process.  If we ever see the actual legal need to do it, we could make
the change quickly enough.  But, given our history for the last 4
years, I just don't see this ever happening in practice.

But, just for completeness, let's look at the only 4 points that were
brought up as potential conflicts:

1.  http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
"WIC GLOBAL has developed a comprehensive Information Security
Assessment service called JSecurity. Our JSecurity experts will
conduct a full information security risk assessment focusing on:"

In this case, JSecurity for them is a contraction of 'JWIC Security'.
This company deals with security compliance for financial institutions
as a consulting service - not a software product.  In any event, our
JSecurity project was a well-established project on sourceforge before
they came up with this idea.

2.  http://www.juniper.net/security/ <http://www.juniper.net/security/>
Seems like they have a service called  J-Security.

This is the one of two potential conflicts that *could* lay claim to
having some semblance of J and Security being used together before our
project was founded on Source Forge.  However this is a contraction
for J(uniper) Security, and the resulting 'artifact' is an online
resource/knowledge center, not software product/project related.
They're a hardware company, and I don't see this as overlap at all.
That they might venture into software some day, and be it Java
Software at that, I think is an incredibly low possibility.  Even if
they did (and that's a big if), we still have grounds for showing our
unrelated software project existed first.  IANAL, but that's my take
on it.

3.  http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
Another JSecurity... Seems to be around since 2/11/2005 (at least)

This is the other one of two potential conflicts that *could* lay
claim to existing before our software project.  This company however,
deals with software related to financial securities, and has nothing
to do with java or software/system security in any way.  No conflict
at all there.

http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
This company has a product named JSecurity. Since when ?

Their "jSecurity" is a contraction for "jCompany Security".  Their
solution does looks to be java based and software security related.
But it is not the name of a product they're trying to sell.  It is
something that is 'part of' their other product(s).

But although I can't find it on their website, this is definitely a
new surfacing with this name for them as a company.  That is, our
JSecurity software project has been around a LOT longer than them.  In
fact, their website says they use quite a bit of software from Jakarta
and SourceForge - it might be very possible their product could
actually sit on TOP of our framework, which may be a reason why they
chose that name.  In any event, we've been around longer and can
probably lay claim to 'prior art'.


All of this being said, if our IPMC members say with consensus
something to the effect of:  "Odds are very low there wold ever be
conflict, but we still desire a name change, Just In Case", then of
course I'll abide by this.  I just don't think there is enough
evidence that it would be necessary though.

Once again, these are only my opinions - I'll do whatever it takes to
make our software project a viable long-term project successful with a
healthy community at the ASF.  If a name change is required to achieve
this, then fine, but I was hoping for a significant feeling of
consensus before we went down that road, that's all.

Respectfully,

Les

On Sun, Jan 11, 2009 at 1:32 PM, Alan D. Cabrera <li...@toolazydogs.com> wrote:
> Here's my take and I'm not intransigent on this.  I'll use a bit of
> hyperbole to make my point.
>
> If some company who makes hand made woven baskets has had the name JSecurity
> there would be no problem.  If that company decides to  market a program
> that trains people in basket weaving written in java there would be no
> problem.
>
> However, other computer security companies have an earlier claim to
> JSecurity.  If they decide the release a suite of java programs that
> performs security analysis then there's overlap.
>
> Why would we want to live in the grey area anyway?  Am I misunderstanding
> something?
>
> Regards,
> Alan
>
>
> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>
>> Agreed.
>>
>> I don't really understand what problem is being solved here.
>>
>> geir
>>
>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>
>>> -1 to changing the name at this time.
>>>
>>> I know my vote isn't binding, but I just want a record of it. At the
>>> moment, I think any potential causes of conflict, given that there are
>>> NO trademark or patent conflicts, are dubious at best.
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com>
>>> wrote:
>>>>
>>>> any more...
>>>>
>>>> ok, former board member. ;-)
>>>>
>>>> Craig
>>>>
>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>
>>>>> I'm not a board member. :)
>>>>>
>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell
>>>>> <Cr...@sun.com>
>>>>> wrote:
>>>>>>
>>>>>> -1 Do not change JSecurity's name
>>>>>>
>>>>>> We had the discussion in early December on the legal mailing list and
>>>>>> no
>>>>>> issues were raised contrary to Henri's comments. Henri is the only
>>>>>> board
>>>>>> member who commented on the JSecurity name during the discussion.
>>>>>>
>>>>>> We will have at least three more votes where additional issues
>>>>>> regarding
>>>>>> the
>>>>>> name can be brought up:
>>>>>>
>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>> 3. The acceptance of JSecurity by the Apache board after the incubator
>>>>>> votes.
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>>
>>>>>> Dear JSecurity Team,
>>>>>>
>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>> JSecurity's
>>>>>> name should be changed to something else.  So, there is need for a
>>>>>> vote.
>>>>>>
>>>>>> Please vote on changing JSecurity's name to something else.  This is
>>>>>> ONLY
>>>>>> a
>>>>>> vote of if we should change the name, NOT what any alternate name
>>>>>> might
>>>>>> be.
>>>>>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>>>>>> account for time that people may not be able to respond due to the
>>>>>> holidays.  Of course we can close the vote early if all binding votes
>>>>>> are
>>>>>> accounted for prior to the 7 day limit.
>>>>>>
>>>>>> The vote is open for the next 7 days and only votes from the JSecurity
>>>>>> development team are binding.
>>>>>>
>>>>>> [ ] +1 Change JSecurity's name
>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>
>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> Given that it's a name you've been using for 4 years, and it's very
>>>>>>> generic [jXxx being a common pattern in our space and Security being
>>>>>>> very generic]; I'm inclined to keep the current name; though by the
>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very
>>>>>>> good
>>>>>>> branding.
>>>>>>>
>>>>>>> My tuppence of opinion.
>>>>>>>
>>>>>>> Hen
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi ASF legal team,
>>>>>>>>
>>>>>>>> I'm writing this email in hopes of getting your feedback concerning
>>>>>>>> a
>>>>>>>> discussion we've been having on the JSecurity email list (an
>>>>>>>> Incubator
>>>>>>>> project).
>>>>>>>>
>>>>>>>> A few of our mentors have expressed concern that there might be a
>>>>>>>> possible naming conflict with our project name (JSecurity) and some
>>>>>>>> other references found through google and other search mechanisms.
>>>>>>>>
>>>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>>>> project identity has been around for almost 4 years now, with zero
>>>>>>>> contact from any external entity claiming conflict with a
>>>>>>>> proprietary
>>>>>>>> name or product.  I know this isn't legal criteria for determining
>>>>>>>> if
>>>>>>>> there is a name conflict, but I surface it only to put some context
>>>>>>>> of
>>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>>> communities) think we should keep the JSecurity name.  There might
>>>>>>>> be
>>>>>>>> older references to this name, unrelated to our project, but we
>>>>>>>> don't
>>>>>>>> know for certain if they would constitute a risk in the name
>>>>>>>> overlap.
>>>>>>>>
>>>>>>>> We'd like some feedback as to if the project name should be changed
>>>>>>>> or
>>>>>>>> not.
>>>>>>>>
>>>>>>>> Here is what one of our mentors summarized after doing some
>>>>>>>> research:
>>>>>>>>
>>>>>>>> <snip>
>>>>>>>> Now, looking a bit forward on google, here are some other references
>>>>>>>> to JSecurity :
>>>>>>>>
>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>>> conduct a full information security risk assessment focusing on:"
>>>>>>>>
>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>>> Juniper has a legal service who might perfectly well send some
>>>>>>>> nicely
>>>>>>>> written "cease and desist" letter to the ASF about this name. Not
>>>>>>>> sure
>>>>>>>> that our legals want to deal with that ...
>>>>>>>>
>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>
>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>
>>>>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>>>>> potential jeopardy if we don't change its name. That's the main
>>>>>>>> issue
>>>>>>>> we have : we can't afford any kind of legal action when we already
>>>>>>>> know that there are company out there which already use this name.
>>>>>>>>
>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much
>>>>>>>> information
>>>>>>>> as possible. When you guys think you have set your mind about this
>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>>>>>>> any other) to double check that it's ok or not (IFAIK). That is one
>>>>>>>> of
>>>>>>>> the condition to exit from the incubator :
>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>>>>>>
>>>>>>>> </snip>
>>>>>>>>
>>>>>>>> Thanks for your review and feedback!
>>>>>>>>
>>>>>>>> Best,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood
>>>>>>>> <lh...@apache.org>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Adam,
>>>>>>>>>
>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I
>>>>>>>>> love
>>>>>>>>> to see people who aren't necessarily code contributors contribute
>>>>>>>>> to
>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>
>>>>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>>>>> opinion that the name we have is great as it is and I'd only like
>>>>>>>>> to
>>>>>>>>> change the name if someone from legal puts pressure on us to do so.
>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this
>>>>>>>>> to
>>>>>>>>> legal in just a few minutes asking their feedback.  I'd like to
>>>>>>>>> hear
>>>>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>>>>> curious :)
>>>>>>>>>
>>>>>>>>> Thanks again very much for chiming in.  Its nice to see that you
>>>>>>>>> (and
>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>
>>>>>>>>> Best regards,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm not really a contributor to the JSecurity project yet (though
>>>>>>>>>> I
>>>>>>>>>> hope to
>>>>>>>>>> be in the future).  However, this thread has caught my attention,
>>>>>>>>>> and
>>>>>>>>>> so I
>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>
>>>>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>>>>> software
>>>>>>>>>> projects, open source included.  So, though I don't speak from any
>>>>>>>>>> official
>>>>>>>>>> background (I guess beyond a little professional), I would like to
>>>>>>>>>> point out
>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>
>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>>>>>>> associated with other software products already.  So, this is bad
>>>>>>>>>> news
>>>>>>>>>> with
>>>>>>>>>> regards to trademark related issues.  Just because its a
>>>>>>>>>> geographic
>>>>>>>>>> location
>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these
>>>>>>>>>> other
>>>>>>>>>> software products are going to have problems with any related use
>>>>>>>>>> of
>>>>>>>>>> the
>>>>>>>>>> term Alcatraz.
>>>>>>>>>>
>>>>>>>>>> Second, the connotation for JSecurity implies that the product is
>>>>>>>>>> used
>>>>>>>>>> to
>>>>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>>>>> "security"
>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
>>>>>>>>>> people
>>>>>>>>>> out,
>>>>>>>>>> it was meant to keep people in.  The use is only quasi-related,
>>>>>>>>>> and
>>>>>>>>>> even
>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>>>>>>> would be
>>>>>>>>>> a better name for a product which keeps workstation/network users
>>>>>>>>>> constrained in their internet use, like a firewall, or a web
>>>>>>>>>> proxy,
>>>>>>>>>> for
>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>
>>>>>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>>>>>> software
>>>>>>>>>> should ideally be somewhat self describing, especially when
>>>>>>>>>> starting
>>>>>>>>>> out.
>>>>>>>>>> Until the name becomes a core brand, having a self describing name
>>>>>>>>>> can
>>>>>>>>>> make
>>>>>>>>>> a big difference.
>>>>>>>>>>
>>>>>>>>>> Third, I don't think you can underestimate how important it is
>>>>>>>>>> that
>>>>>>>>>> people
>>>>>>>>>> can search the name of your product and find it through Google
>>>>>>>>>> (and
>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of
>>>>>>>>>> unrelated
>>>>>>>>>> hits,
>>>>>>>>>> and you would clearly be lost any search engine placement with the
>>>>>>>>>> name.
>>>>>>>>>> Much better to have a name for your software that is the only
>>>>>>>>>> known
>>>>>>>>>> reference so that people can easily find you after having hear the
>>>>>>>>>> name.
>>>>>>>>>> This is why so many companies go crazy and conjure completely
>>>>>>>>>> strange
>>>>>>>>>> and
>>>>>>>>>> nonsensical product names.
>>>>>>>>>>
>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which
>>>>>>>>>> again
>>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>>> Alkitraz?
>>>>>>>>>> Some people simply won't know how to spell it immediately (though
>>>>>>>>>> this
>>>>>>>>>> is a
>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>
>>>>>>>>>> Fifth, it seems like you're making preparations for something that
>>>>>>>>>> you
>>>>>>>>>> don't
>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>>>>>> consulted.
>>>>>>>>>> However, it seems like jumping the gun to just start changing
>>>>>>>>>> package
>>>>>>>>>> names
>>>>>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>>>>>> renaming
>>>>>>>>>> packages based on some unknown possibility that it has to happen
>>>>>>>>>> in
>>>>>>>>>> the
>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>
>>>>>>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>>>>>>> shouldn't
>>>>>>>>>> be making any change to your software until the change is actually
>>>>>>>>>> required
>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the
>>>>>>>>>> Apache
>>>>>>>>>> council
>>>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>>>> process?
>>>>>>>>>> Why
>>>>>>>>>> even consider a change until it needs to be done.  Energy could be
>>>>>>>>>> better
>>>>>>>>>> spent on other matters.
>>>>>>>>>>
>>>>>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.
>>>>>>>>>>  But,
>>>>>>>>>> that's
>>>>>>>>>> only a very small part of the bigger issue.  Disruption,
>>>>>>>>>> confusion,
>>>>>>>>>> support,
>>>>>>>>>> search engine optimization, etc. are what needs to be thought
>>>>>>>>>> about
>>>>>>>>>> when
>>>>>>>>>> changing the name.
>>>>>>>>>>
>>>>>>>>>> Further, what if you decide to change the name to Alcatraz, and
>>>>>>>>>> then
>>>>>>>>>> get
>>>>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>>>>> project
>>>>>>>>>> yet
>>>>>>>>>> again.
>>>>>>>>>>
>>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>>> something
>>>>>>>>>> real
>>>>>>>>>> convicting suggests you need a change.  JSecurity is a great
>>>>>>>>>> product
>>>>>>>>>> name
>>>>>>>>>> which you should stick with until otherwise needed.  And, if that
>>>>>>>>>> day
>>>>>>>>>> comes,
>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for
>>>>>>>>>> all
>>>>>>>>>> the
>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> Adam
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names
>>>>>>>>>>>>>>>> we
>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>> names.  Could you please forward them on so I can post them
>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
>>>>>>>>>>>>> it's
>>>>>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity
>>>>>>>>>>>>> name
>>>>>>>>>>>>> (with all the infos we have already found about it), and also
>>>>>>>>>>>>> ask
>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
>>>>>>>>>>>>> some
>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>> geographical
>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>
>>>>>>>>>>>> Legal is not a clearing house for project names.  They can only
>>>>>>>>>>>> give
>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far
>>>>>>>>>>>> as
>>>>>>>>>>>> I
>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> What I'm worried about is that the vetting effort for the
>>>>>>>>>>>> JSecurity
>>>>>>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>>>>>>> start
>>>>>>>>>>>> with alcatraz then we have one less thing impeding our
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process.
>>>>>>>>>>>
>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
>>>>>>>>>>> some
>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>> incubator).
>>>>>>>>>>>
>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> --
>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>> www.iktek.com
>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> View this message in context:
>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at
>>>>>>>>>> Nabble.com.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> DISCLAIMER: Discussions on this list are informational and
>>>>>>> educational
>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>> constitute legal advice, and do not necessarily reflect the opinions
>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>>>>>> official ASF policies and documents.
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Sorry for the double post - I originally cc'd to legal@ instead of
legal-discuss@ and that failed.  I had to resend.

On Sun, Jan 11, 2009 at 2:27 PM, Les Hazlewood <lh...@apache.org> wrote:
> Great idea.  But would this be something that one of the folks in
> legal@ would want to formulate?  Or should it be one of us 'regular
> joes' just asking a question?  I've cc'd Legal to see what they
> recommend....
>
> Cheers,
>
> Les
>
> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>> Its not a bad idea.  It could be one of those things that they are unlikely
>> to care about unless specifically asked to care, but it would certainly put
>> an end to the discussion.
>>
>> Tim
>>
>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>
>>> Tim Veil wrote:
>>>>
>>>> I guess my take is that
>>>> JSecurity has been in the name of this project for nearly 4 years without
>>>> compliant
>>>> JSecurity has name recognition and a following
>>>> The project of concern, "J-Security" is not a product at all but rather a
>>>> " resource for security information and analysis."
>>>> J-Security's parent company Juniper is in the network hardware business
>>>> not the Java application business
>>>> JSecurity is an open-source software project not a "product" we are
>>>> looking to sell (not a competitor in any way to Juniper)
>>>
>>> Just a suggestion : why don't someone contact Juniper legals and ask if
>>> they see JSecurity as an acceptable name for us ? That would close this long
>>> thread, I think.
>>>
>>> --
>>> --
>>> cordialement, regards,
>>> Emmanuel Lécharny
>>> www.iktek.com
>>> directory.apache.org
>>>
>>>
>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Ralph Goers <ra...@dslextreme.com>]

On Jan 11, 2009, at 4:28 PM, Les Hazlewood wrote:

> Foot work to find who is the right person within Juniper?  or legal@?

With the usual clarification that I am not a lawyer, from past  
discussion and experiences my understanding is that you do not want to  
approach Juniper. If they have a problem they should have contacted  
Apache.

I'd venture that some of the replies forgot to do reply-all so they  
may not have made it back to the jsecurity list. I know I didn't when  
I replied earlier today. To paraphrase what I said earlier, it looks  
like you have done the proper amount of investigation to me and from  
what I can tell if there is a conflict Juniper should have raised it  
long ago. IMO, changing the name based on what Juniper might decide to  
do in the future isn't warranted. Furthermore, I'm not even sure that  
J-Security can be considered to be the same name as JSecurity.

Again, this is just my personal opinion.

Ralph

Re: [VOTE] Change JSecurity's Name

[Ralph Goers <ra...@dslextreme.com>]

On Jan 11, 2009, at 4:28 PM, Les Hazlewood wrote:

> Foot work to find who is the right person within Juniper?  or legal@?

With the usual clarification that I am not a lawyer, from past  
discussion and experiences my understanding is that you do not want to  
approach Juniper. If they have a problem they should have contacted  
Apache.

I'd venture that some of the replies forgot to do reply-all so they  
may not have made it back to the jsecurity list. I know I didn't when  
I replied earlier today. To paraphrase what I said earlier, it looks  
like you have done the proper amount of investigation to me and from  
what I can tell if there is a conflict Juniper should have raised it  
long ago. IMO, changing the name based on what Juniper might decide to  
do in the future isn't warranted. Furthermore, I'm not even sure that  
J-Security can be considered to be the same name as JSecurity.

Again, this is just my personal opinion.

Ralph

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Foot work to find who is the right person within Juniper?  or legal@?

On Sun, Jan 11, 2009 at 7:20 PM, Alan D. Cabrera <li...@toolazydogs.com> wrote:
> I think there's a lot of foot work that needs to be done to just get us to
> find the right person.  Find that person and I'll be happy to start the
> discussion.  I imagine that something might have to be hand held through the
> lawyers if we're lucky.
>
>
> Regards,
> Alan
>
> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>
>> Great idea.  But would this be something that one of the folks in
>> legal@ would want to formulate?  Or should it be one of us 'regular
>> joes' just asking a question?  I've cc'd Legal to see what they
>> recommend....
>>
>> Cheers,
>>
>> Les
>>
>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>
>>> Its not a bad idea.  It could be one of those things that they are
>>> unlikely
>>> to care about unless specifically asked to care, but it would certainly
>>> put
>>> an end to the discussion.
>>>
>>> Tim
>>>
>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>
>>>> Tim Veil wrote:
>>>>>
>>>>> I guess my take is that
>>>>> JSecurity has been in the name of this project for nearly 4 years
>>>>> without
>>>>> compliant
>>>>> JSecurity has name recognition and a following
>>>>> The project of concern, "J-Security" is not a product at all but rather
>>>>> a
>>>>> " resource for security information and analysis."
>>>>> J-Security's parent company Juniper is in the network hardware business
>>>>> not the Java application business
>>>>> JSecurity is an open-source software project not a "product" we are
>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>
>>>> Just a suggestion : why don't someone contact Juniper legals and ask if
>>>> they see JSecurity as an acceptable name for us ? That would close this
>>>> long
>>>> thread, I think.
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>
>>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Foot work to find who is the right person within Juniper?  or legal@?

On Sun, Jan 11, 2009 at 7:20 PM, Alan D. Cabrera <li...@toolazydogs.com> wrote:
> I think there's a lot of foot work that needs to be done to just get us to
> find the right person.  Find that person and I'll be happy to start the
> discussion.  I imagine that something might have to be hand held through the
> lawyers if we're lucky.
>
>
> Regards,
> Alan
>
> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>
>> Great idea.  But would this be something that one of the folks in
>> legal@ would want to formulate?  Or should it be one of us 'regular
>> joes' just asking a question?  I've cc'd Legal to see what they
>> recommend....
>>
>> Cheers,
>>
>> Les
>>
>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>
>>> Its not a bad idea.  It could be one of those things that they are
>>> unlikely
>>> to care about unless specifically asked to care, but it would certainly
>>> put
>>> an end to the discussion.
>>>
>>> Tim
>>>
>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>
>>>> Tim Veil wrote:
>>>>>
>>>>> I guess my take is that
>>>>> JSecurity has been in the name of this project for nearly 4 years
>>>>> without
>>>>> compliant
>>>>> JSecurity has name recognition and a following
>>>>> The project of concern, "J-Security" is not a product at all but rather
>>>>> a
>>>>> " resource for security information and analysis."
>>>>> J-Security's parent company Juniper is in the network hardware business
>>>>> not the Java application business
>>>>> JSecurity is an open-source software project not a "product" we are
>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>
>>>> Just a suggestion : why don't someone contact Juniper legals and ask if
>>>> they see JSecurity as an acceptable name for us ? That would close this
>>>> long
>>>> thread, I think.
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>
>>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

To the best of my knowledge, there was only one response from Henri
Yandell concerning our current name.  If there was anything else, the
jsecurity-dev wasn't CC'd.  Is there some other thread(s) that we
haven't seen yet?

Regards,

Les

On Sun, Jan 11, 2009 at 7:27 PM, Geir Magnusson Jr. <ge...@pobox.com> wrote:
> I thought this was brought up on legal-discuss.  What was the consensus
> there on this?
>
> On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:
>
>> I think there's a lot of foot work that needs to be done to just get us to
>> find the right person.  Find that person and I'll be happy to start the
>> discussion.  I imagine that something might have to be hand held through the
>> lawyers if we're lucky.
>>
>>
>> Regards,
>> Alan
>>
>> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>>
>>> Great idea.  But would this be something that one of the folks in
>>> legal@ would want to formulate?  Or should it be one of us 'regular
>>> joes' just asking a question?  I've cc'd Legal to see what they
>>> recommend....
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>>
>>>> Its not a bad idea.  It could be one of those things that they are
>>>> unlikely
>>>> to care about unless specifically asked to care, but it would certainly
>>>> put
>>>> an end to the discussion.
>>>>
>>>> Tim
>>>>
>>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>>
>>>>> Tim Veil wrote:
>>>>>>
>>>>>> I guess my take is that
>>>>>> JSecurity has been in the name of this project for nearly 4 years
>>>>>> without
>>>>>> compliant
>>>>>> JSecurity has name recognition and a following
>>>>>> The project of concern, "J-Security" is not a product at all but
>>>>>> rather a
>>>>>> " resource for security information and analysis."
>>>>>> J-Security's parent company Juniper is in the network hardware
>>>>>> business
>>>>>> not the Java application business
>>>>>> JSecurity is an open-source software project not a "product" we are
>>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>>
>>>>> Just a suggestion : why don't someone contact Juniper legals and ask if
>>>>> they see JSecurity as an acceptable name for us ? That would close this
>>>>> long
>>>>> thread, I think.
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

To the best of my knowledge, there was only one response from Henri
Yandell concerning our current name.  If there was anything else, the
jsecurity-dev wasn't CC'd.  Is there some other thread(s) that we
haven't seen yet?

Regards,

Les

On Sun, Jan 11, 2009 at 7:27 PM, Geir Magnusson Jr. <ge...@pobox.com> wrote:
> I thought this was brought up on legal-discuss.  What was the consensus
> there on this?
>
> On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:
>
>> I think there's a lot of foot work that needs to be done to just get us to
>> find the right person.  Find that person and I'll be happy to start the
>> discussion.  I imagine that something might have to be hand held through the
>> lawyers if we're lucky.
>>
>>
>> Regards,
>> Alan
>>
>> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>>
>>> Great idea.  But would this be something that one of the folks in
>>> legal@ would want to formulate?  Or should it be one of us 'regular
>>> joes' just asking a question?  I've cc'd Legal to see what they
>>> recommend....
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>>
>>>> Its not a bad idea.  It could be one of those things that they are
>>>> unlikely
>>>> to care about unless specifically asked to care, but it would certainly
>>>> put
>>>> an end to the discussion.
>>>>
>>>> Tim
>>>>
>>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>>
>>>>> Tim Veil wrote:
>>>>>>
>>>>>> I guess my take is that
>>>>>> JSecurity has been in the name of this project for nearly 4 years
>>>>>> without
>>>>>> compliant
>>>>>> JSecurity has name recognition and a following
>>>>>> The project of concern, "J-Security" is not a product at all but
>>>>>> rather a
>>>>>> " resource for security information and analysis."
>>>>>> J-Security's parent company Juniper is in the network hardware
>>>>>> business
>>>>>> not the Java application business
>>>>>> JSecurity is an open-source software project not a "product" we are
>>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>>
>>>>> Just a suggestion : why don't someone contact Juniper legals and ask if
>>>>> they see JSecurity as an acceptable name for us ? That would close this
>>>>> long
>>>>> thread, I think.
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

If there was then jsecurity-dev was not cc'd.  What exactly was the  
discussion on contacting Juniper?


Regards,
Alan

On Jan 11, 2009, at 4:27 PM, Geir Magnusson Jr. wrote:

> I thought this was brought up on legal-discuss.  What was the  
> consensus there on this?
>
> On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:
>
>> I think there's a lot of foot work that needs to be done to just  
>> get us to find the right person.  Find that person and I'll be  
>> happy to start the discussion.  I imagine that something might have  
>> to be hand held through the lawyers if we're lucky.
>>
>>
>> Regards,
>> Alan
>>
>> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>>
>>> Great idea.  But would this be something that one of the folks in
>>> legal@ would want to formulate?  Or should it be one of us 'regular
>>> joes' just asking a question?  I've cc'd Legal to see what they
>>> recommend....
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>> Its not a bad idea.  It could be one of those things that they  
>>>> are unlikely
>>>> to care about unless specifically asked to care, but it would  
>>>> certainly put
>>>> an end to the discussion.
>>>>
>>>> Tim
>>>>
>>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>>
>>>>> Tim Veil wrote:
>>>>>>
>>>>>> I guess my take is that
>>>>>> JSecurity has been in the name of this project for nearly 4  
>>>>>> years without
>>>>>> compliant
>>>>>> JSecurity has name recognition and a following
>>>>>> The project of concern, "J-Security" is not a product at all  
>>>>>> but rather a
>>>>>> " resource for security information and analysis."
>>>>>> J-Security's parent company Juniper is in the network hardware  
>>>>>> business
>>>>>> not the Java application business
>>>>>> JSecurity is an open-source software project not a "product" we  
>>>>>> are
>>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>>
>>>>> Just a suggestion : why don't someone contact Juniper legals and  
>>>>> ask if
>>>>> they see JSecurity as an acceptable name for us ? That would  
>>>>> close this long
>>>>> thread, I think.
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

If there was then jsecurity-dev was not cc'd.  What exactly was the  
discussion on contacting Juniper?


Regards,
Alan

On Jan 11, 2009, at 4:27 PM, Geir Magnusson Jr. wrote:

> I thought this was brought up on legal-discuss.  What was the  
> consensus there on this?
>
> On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:
>
>> I think there's a lot of foot work that needs to be done to just  
>> get us to find the right person.  Find that person and I'll be  
>> happy to start the discussion.  I imagine that something might have  
>> to be hand held through the lawyers if we're lucky.
>>
>>
>> Regards,
>> Alan
>>
>> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>>
>>> Great idea.  But would this be something that one of the folks in
>>> legal@ would want to formulate?  Or should it be one of us 'regular
>>> joes' just asking a question?  I've cc'd Legal to see what they
>>> recommend....
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>>> Its not a bad idea.  It could be one of those things that they  
>>>> are unlikely
>>>> to care about unless specifically asked to care, but it would  
>>>> certainly put
>>>> an end to the discussion.
>>>>
>>>> Tim
>>>>
>>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>>
>>>>> Tim Veil wrote:
>>>>>>
>>>>>> I guess my take is that
>>>>>> JSecurity has been in the name of this project for nearly 4  
>>>>>> years without
>>>>>> compliant
>>>>>> JSecurity has name recognition and a following
>>>>>> The project of concern, "J-Security" is not a product at all  
>>>>>> but rather a
>>>>>> " resource for security information and analysis."
>>>>>> J-Security's parent company Juniper is in the network hardware  
>>>>>> business
>>>>>> not the Java application business
>>>>>> JSecurity is an open-source software project not a "product" we  
>>>>>> are
>>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>>
>>>>> Just a suggestion : why don't someone contact Juniper legals and  
>>>>> ask if
>>>>> they see JSecurity as an acceptable name for us ? That would  
>>>>> close this long
>>>>> thread, I think.
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Geir Magnusson Jr." <ge...@pobox.com>]

I thought this was brought up on legal-discuss.  What was the  
consensus there on this?

On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:

> I think there's a lot of foot work that needs to be done to just get  
> us to find the right person.  Find that person and I'll be happy to  
> start the discussion.  I imagine that something might have to be  
> hand held through the lawyers if we're lucky.
>
>
> Regards,
> Alan
>
> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>
>> Great idea.  But would this be something that one of the folks in
>> legal@ would want to formulate?  Or should it be one of us 'regular
>> joes' just asking a question?  I've cc'd Legal to see what they
>> recommend....
>>
>> Cheers,
>>
>> Les
>>
>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>> Its not a bad idea.  It could be one of those things that they are  
>>> unlikely
>>> to care about unless specifically asked to care, but it would  
>>> certainly put
>>> an end to the discussion.
>>>
>>> Tim
>>>
>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>
>>>> Tim Veil wrote:
>>>>>
>>>>> I guess my take is that
>>>>> JSecurity has been in the name of this project for nearly 4  
>>>>> years without
>>>>> compliant
>>>>> JSecurity has name recognition and a following
>>>>> The project of concern, "J-Security" is not a product at all but  
>>>>> rather a
>>>>> " resource for security information and analysis."
>>>>> J-Security's parent company Juniper is in the network hardware  
>>>>> business
>>>>> not the Java application business
>>>>> JSecurity is an open-source software project not a "product" we  
>>>>> are
>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>
>>>> Just a suggestion : why don't someone contact Juniper legals and  
>>>> ask if
>>>> they see JSecurity as an acceptable name for us ? That would  
>>>> close this long
>>>> thread, I think.
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Geir Magnusson Jr." <ge...@pobox.com>]

I thought this was brought up on legal-discuss.  What was the  
consensus there on this?

On Jan 11, 2009, at 7:20 PM, Alan D. Cabrera wrote:

> I think there's a lot of foot work that needs to be done to just get  
> us to find the right person.  Find that person and I'll be happy to  
> start the discussion.  I imagine that something might have to be  
> hand held through the lawyers if we're lucky.
>
>
> Regards,
> Alan
>
> On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:
>
>> Great idea.  But would this be something that one of the folks in
>> legal@ would want to formulate?  Or should it be one of us 'regular
>> joes' just asking a question?  I've cc'd Legal to see what they
>> recommend....
>>
>> Cheers,
>>
>> Les
>>
>> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>>> Its not a bad idea.  It could be one of those things that they are  
>>> unlikely
>>> to care about unless specifically asked to care, but it would  
>>> certainly put
>>> an end to the discussion.
>>>
>>> Tim
>>>
>>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>>
>>>> Tim Veil wrote:
>>>>>
>>>>> I guess my take is that
>>>>> JSecurity has been in the name of this project for nearly 4  
>>>>> years without
>>>>> compliant
>>>>> JSecurity has name recognition and a following
>>>>> The project of concern, "J-Security" is not a product at all but  
>>>>> rather a
>>>>> " resource for security information and analysis."
>>>>> J-Security's parent company Juniper is in the network hardware  
>>>>> business
>>>>> not the Java application business
>>>>> JSecurity is an open-source software project not a "product" we  
>>>>> are
>>>>> looking to sell (not a competitor in any way to Juniper)
>>>>
>>>> Just a suggestion : why don't someone contact Juniper legals and  
>>>> ask if
>>>> they see JSecurity as an acceptable name for us ? That would  
>>>> close this long
>>>> thread, I think.
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

I think there's a lot of foot work that needs to be done to just get  
us to find the right person.  Find that person and I'll be happy to  
start the discussion.  I imagine that something might have to be hand  
held through the lawyers if we're lucky.


Regards,
Alan

On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:

> Great idea.  But would this be something that one of the folks in
> legal@ would want to formulate?  Or should it be one of us 'regular
> joes' just asking a question?  I've cc'd Legal to see what they
> recommend....
>
> Cheers,
>
> Les
>
> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>> Its not a bad idea.  It could be one of those things that they are  
>> unlikely
>> to care about unless specifically asked to care, but it would  
>> certainly put
>> an end to the discussion.
>>
>> Tim
>>
>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>
>>> Tim Veil wrote:
>>>>
>>>> I guess my take is that
>>>> JSecurity has been in the name of this project for nearly 4 years  
>>>> without
>>>> compliant
>>>> JSecurity has name recognition and a following
>>>> The project of concern, "J-Security" is not a product at all but  
>>>> rather a
>>>> " resource for security information and analysis."
>>>> J-Security's parent company Juniper is in the network hardware  
>>>> business
>>>> not the Java application business
>>>> JSecurity is an open-source software project not a "product" we are
>>>> looking to sell (not a competitor in any way to Juniper)
>>>
>>> Just a suggestion : why don't someone contact Juniper legals and  
>>> ask if
>>> they see JSecurity as an acceptable name for us ? That would close  
>>> this long
>>> thread, I think.
>>>
>>> --
>>> --
>>> cordialement, regards,
>>> Emmanuel Lécharny
>>> www.iktek.com
>>> directory.apache.org
>>>
>>>
>>
>>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

I think there's a lot of foot work that needs to be done to just get  
us to find the right person.  Find that person and I'll be happy to  
start the discussion.  I imagine that something might have to be hand  
held through the lawyers if we're lucky.


Regards,
Alan

On Jan 11, 2009, at 11:27 AM, Les Hazlewood wrote:

> Great idea.  But would this be something that one of the folks in
> legal@ would want to formulate?  Or should it be one of us 'regular
> joes' just asking a question?  I've cc'd Legal to see what they
> recommend....
>
> Cheers,
>
> Les
>
> On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
>> Its not a bad idea.  It could be one of those things that they are  
>> unlikely
>> to care about unless specifically asked to care, but it would  
>> certainly put
>> an end to the discussion.
>>
>> Tim
>>
>> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>>
>>> Tim Veil wrote:
>>>>
>>>> I guess my take is that
>>>> JSecurity has been in the name of this project for nearly 4 years  
>>>> without
>>>> compliant
>>>> JSecurity has name recognition and a following
>>>> The project of concern, "J-Security" is not a product at all but  
>>>> rather a
>>>> " resource for security information and analysis."
>>>> J-Security's parent company Juniper is in the network hardware  
>>>> business
>>>> not the Java application business
>>>> JSecurity is an open-source software project not a "product" we are
>>>> looking to sell (not a competitor in any way to Juniper)
>>>
>>> Just a suggestion : why don't someone contact Juniper legals and  
>>> ask if
>>> they see JSecurity as an acceptable name for us ? That would close  
>>> this long
>>> thread, I think.
>>>
>>> --
>>> --
>>> cordialement, regards,
>>> Emmanuel Lécharny
>>> www.iktek.com
>>> directory.apache.org
>>>
>>>
>>
>>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Great idea.  But would this be something that one of the folks in
legal@ would want to formulate?  Or should it be one of us 'regular
joes' just asking a question?  I've cc'd Legal to see what they
recommend....

Cheers,

Les

On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
> Its not a bad idea.  It could be one of those things that they are unlikely
> to care about unless specifically asked to care, but it would certainly put
> an end to the discussion.
>
> Tim
>
> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>
>> Tim Veil wrote:
>>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years without
>>> compliant
>>> JSecurity has name recognition and a following
>>> The project of concern, "J-Security" is not a product at all but rather a
>>> " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware business
>>> not the Java application business
>>> JSecurity is an open-source software project not a "product" we are
>>> looking to sell (not a competitor in any way to Juniper)
>>
>> Just a suggestion : why don't someone contact Juniper legals and ask if
>> they see JSecurity as an acceptable name for us ? That would close this long
>> thread, I think.
>>
>> --
>> --
>> cordialement, regards,
>> Emmanuel Lécharny
>> www.iktek.com
>> directory.apache.org
>>
>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Great idea.  But would this be something that one of the folks in
legal@ would want to formulate?  Or should it be one of us 'regular
joes' just asking a question?  I've cc'd Legal to see what they
recommend....

Cheers,

Les

On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
> Its not a bad idea.  It could be one of those things that they are unlikely
> to care about unless specifically asked to care, but it would certainly put
> an end to the discussion.
>
> Tim
>
> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>
>> Tim Veil wrote:
>>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years without
>>> compliant
>>> JSecurity has name recognition and a following
>>> The project of concern, "J-Security" is not a product at all but rather a
>>> " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware business
>>> not the Java application business
>>> JSecurity is an open-source software project not a "product" we are
>>> looking to sell (not a competitor in any way to Juniper)
>>
>> Just a suggestion : why don't someone contact Juniper legals and ask if
>> they see JSecurity as an acceptable name for us ? That would close this long
>> thread, I think.
>>
>> --
>> --
>> cordialement, regards,
>> Emmanuel Lécharny
>> www.iktek.com
>> directory.apache.org
>>
>>
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

Great idea.  But would this be something that one of the folks in
legal@ would want to formulate?  Or should it be one of us 'regular
joes' just asking a question?  I've cc'd Legal to see what they
recommend....

Cheers,

Les

On Sun, Jan 11, 2009 at 2:19 PM, Tim Veil <tj...@gmail.com> wrote:
> Its not a bad idea.  It could be one of those things that they are unlikely
> to care about unless specifically asked to care, but it would certainly put
> an end to the discussion.
>
> Tim
>
> On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:
>
>> Tim Veil wrote:
>>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years without
>>> compliant
>>> JSecurity has name recognition and a following
>>> The project of concern, "J-Security" is not a product at all but rather a
>>> " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware business
>>> not the Java application business
>>> JSecurity is an open-source software project not a "product" we are
>>> looking to sell (not a competitor in any way to Juniper)
>>
>> Just a suggestion : why don't someone contact Juniper legals and ask if
>> they see JSecurity as an acceptable name for us ? That would close this long
>> thread, I think.
>>
>> --
>> --
>> cordialement, regards,
>> Emmanuel Lécharny
>> www.iktek.com
>> directory.apache.org
>>
>>
>
>

Fwd: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

A reply.


Regards,
Alan

Begin forwarded message:

> From: "Marc Poussin" <ma...@gmail.com>
> Date: January 12, 2009 5:07:17 AM PST
> To: legal-discuss@apache.org, elecharny@apache.org
> Subject: Re: [VOTE] Change JSecurity's Name
> Reply-To: legal-discuss@apache.org
>
> Emmanuel,
>
> Actually if you file for TMing JSecurity you wont get "sued", but you
> may receive oppositions, wich have to be discussed in front of the
> trademark office you filed in (USPTO in the US, INPI in France etc...)
>
> Oppositions are not systématically formed, and other people may not
> claim their rights on the name.
>
> If you get the TM allowed it will have 3 main conséquences:
> You re entitled to sue anyone using it to protect your right (it s not
> mandatory but usefull :) )
> You have to pay more and more each year to keep your trademark
> protected (TM Fees)
> You have to USE the TM or it could be dismissed by any intrested  
> third party.
>
> It's never mandatory to TM something, because of the cost. TMing gives
> you a right, and allow you to protect yourself. TM system has been
> designed to help yourself to protect a name in which you invest
> time/money.
>
> It's kind of a race in the same time. If two companies have similar
> products (in term of CLASSES), and the same notoriety, then the first
> to register the TM is usually the one that has the TM granted.
>
> Then you can force legally the other guy to drop the name for his  
> own products.
>
> About the second question:
>
> Using the name for more than 4 years gives you no right at all. Only
> the famous Names are "insidly protected". For example, you could not
> register Coca-Cola, or Google for t-shirt or shooes, (in the case they
> dont have protected the class) not because the name is not free, but
> because it would be deceiving for any consumer.
>
> But i wont say that Apache Jsecurity project is yet as well know to
> John Doe than Google or Coca-Cola, so, i will say there is any
> protection existing on that ground.
>
> The only intresting point of this aging is the following: if there is
> an opposition due to the fact that j-security estimate his use of the
> name older, then you could prove, or not, that you were the first in
> the business using that name.
>
> If you got other questions dont hesitate,
>
> Cheers,
>
> Marc
>
> On Mon, Jan 12, 2009 at 1:21 PM, Emmanuel Lécharny <elecharny@apache.org 
> > wrote:
>> Thanks Marc !
>>
>> Some questions :
>>
>> - what are the risks and consequences if we TM JSecurity, and get  
>> sued?
>> - is it mandatory to TM JSecurity, or the fact that it has been in  
>> used for
>> more than 4 years is enough to protect the name ?
>>
>> Marc Poussin wrote:
>>>
>>> Hi,
>>>
>>> After cautious reading of that issue i just checked briefly one  
>>> single
>>> element:
>>>
>>> Trademark registration is done trough a "class" system, defined by  
>>> the
>>> Nice classification.
>>> Usually, a trademark is registred trough one or more classes  
>>> numbered
>>> from 1 to 45
>>>
>>> The trademark form allow you to define what good or service will be
>>> covered by the filing, according to the class.
>>>
>>> When a trademark form is filled, you just choose the class  and not
>>> the subdivision that you intend to protect, and you'll be protected
>>> against counterfeiting acts for this whole class.
>>>
>>> It appears that even if jsecurity and j-security have a really
>>> different activity, one being on hardware, the other one on  
>>> software,
>>> they both are dependant of class 42 (different subdivision):
>>> http://www.wipo.int/classifications/nivilo/nice/index.htm
>>>
>>> So, i would recommand a quick trademark filing, especially on  
>>> class 42
>>> if you want to preserve the name, especially if:
>>>
>>> -the name is popular and already widely used by apache users
>>> -j-security (apachie) project is older in a public way than  
>>> jsecurity
>>> (hardware)
>>> -there is already a wide policy of domain name reservation in  
>>> favor of
>>> apache on jsecurity (like .com, .net, .org etc.) because domain  
>>> names
>>> could be regarded as anteriorizing a trademark...
>>>
>>>
>>> If that name could be used for any identifical/commercial purpose  
>>> now
>>> or later, and it's decided not to protect it, changing name would be
>>> the best option, at least on a trademark law point of view.
>>>
>>> A court argument could always be that they got different activities,
>>> and that there is (almost) no risk for the public to be deceived. I
>>> would like to point that, in front of a judge wich doesn't  
>>> understand
>>> much on computers (and that shit happens often), that kind of
>>> argumentation will be quickly dismissed regarding to classes and
>>> trademark law...
>>>
>>> Concerning google, the trademark is not really an issue anymore,
>>> because they re so well known that they could argue mainly on
>>> parasitism, and keep the trademark issues around theyr main  
>>> services,
>>> where even if the google could be regarded as a public domain  
>>> term, it
>>> wont deprive them from their right to protect against copyright
>>> infrigment.
>>> In the same time, i would say that public usage do not allow to do
>>> anything, just think about Parmesan cheese, and some other French
>>> wine, and italian ham...
>>>
>>> Cheers
>>>
>>> Marc
>>>
>>>
>>>
>>> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org>
>>> wrote:
>>>
>>>>
>>>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ralph.goers@dslextreme.com 
>>>> >
>>>> wrote:
>>>>
>>>>
>>>>>
>>>>> As for Google, I think they actually have a fairly serious  
>>>>> problem.
>>>>> "google"
>>>>> and "googling" have become synonymous with searching for  
>>>>> information
>>>>> (see
>>>>> http://dictionary.reference.com/browse/google or
>>>>> http://www.reference.com/search?q=Googler). From what I've read  
>>>>> this is
>>>>> exactly how a company can lose control of their trademark. I'd  
>>>>> venture
>>>>> that
>>>>> if you created a product named "Super Googler" that they would  
>>>>> sue you,
>>>>> but
>>>>> given that the term is now in the public domain I'm wondering if  
>>>>> they'd
>>>>> actually win. OTOH, you'd be pretty stupid to name your product  
>>>>> that
>>>>> unless
>>>>> you want to be sued.
>>>>>
>>>>
>>>> You are right that if you don't protect your marks, you loose them.
>>>> Whether that has happened for Google already or not, is a  
>>>> discussion
>>>> for the courts...
>>>> If there is no JSecurity registered as TM or equivalent, then  
>>>> Alan's
>>>> analogy is way off the mark of realism. And speaking of Google, in
>>>> today's day and age, people who don't regularly google their  
>>>> marks and
>>>> see 'intruders' show up all over the first page, can be argued, are
>>>> not really interested in preventing others from using the mark.
>>>>
>>>> My vote after all this debate is in favor keeping the name, and  
>>>> only
>>>> act when/if there is a problem.
>>>>
>>>>
>>>> Cheers
>>>> Niclas
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>>
>>
>>
>> --
>> --
>> cordialement, regards,
>> Emmanuel Lécharny
>> www.iktek.com
>> directory.apache.org
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

[Marc Poussin <ma...@gmail.com>]

Emmanuel,

Actually if you file for TMing JSecurity you wont get "sued", but you
may receive oppositions, wich have to be discussed in front of the
trademark office you filed in (USPTO in the US, INPI in France etc...)

Oppositions are not systématically formed, and other people may not
claim their rights on the name.

If you get the TM allowed it will have 3 main conséquences:
You re entitled to sue anyone using it to protect your right (it s not
mandatory but usefull :) )
You have to pay more and more each year to keep your trademark
protected (TM Fees)
You have to USE the TM or it could be dismissed by any intrested third party.

It's never mandatory to TM something, because of the cost. TMing gives
you a right, and allow you to protect yourself. TM system has been
designed to help yourself to protect a name in which you invest
time/money.

It's kind of a race in the same time. If two companies have similar
products (in term of CLASSES), and the same notoriety, then the first
to register the TM is usually the one that has the TM granted.

Then you can force legally the other guy to drop the name for his own products.

About the second question:

Using the name for more than 4 years gives you no right at all. Only
the famous Names are "insidly protected". For example, you could not
register Coca-Cola, or Google for t-shirt or shooes, (in the case they
dont have protected the class) not because the name is not free, but
because it would be deceiving for any consumer.

But i wont say that Apache Jsecurity project is yet as well know to
John Doe than Google or Coca-Cola, so, i will say there is any
protection existing on that ground.

The only intresting point of this aging is the following: if there is
an opposition due to the fact that j-security estimate his use of the
name older, then you could prove, or not, that you were the first in
the business using that name.

If you got other questions dont hesitate,

Cheers,

Marc

On Mon, Jan 12, 2009 at 1:21 PM, Emmanuel Lécharny <el...@apache.org> wrote:
> Thanks Marc !
>
> Some questions :
>
> - what are the risks and consequences if we TM JSecurity, and get sued?
> - is it mandatory to TM JSecurity, or the fact that it has been in used for
> more than 4 years is enough to protect the name ?
>
> Marc Poussin wrote:
>>
>> Hi,
>>
>> After cautious reading of that issue i just checked briefly one single
>> element:
>>
>> Trademark registration is done trough a "class" system, defined by the
>> Nice classification.
>> Usually, a trademark is registred trough one or more classes numbered
>> from 1 to 45
>>
>> The trademark form allow you to define what good or service will be
>> covered by the filing, according to the class.
>>
>> When a trademark form is filled, you just choose the class  and not
>> the subdivision that you intend to protect, and you'll be protected
>> against counterfeiting acts for this whole class.
>>
>> It appears that even if jsecurity and j-security have a really
>> different activity, one being on hardware, the other one on software,
>> they both are dependant of class 42 (different subdivision):
>> http://www.wipo.int/classifications/nivilo/nice/index.htm
>>
>> So, i would recommand a quick trademark filing, especially on class 42
>> if you want to preserve the name, especially if:
>>
>> -the name is popular and already widely used by apache users
>> -j-security (apachie) project is older in a public way than jsecurity
>> (hardware)
>> -there is already a wide policy of domain name reservation in favor of
>> apache on jsecurity (like .com, .net, .org etc.) because domain names
>> could be regarded as anteriorizing a trademark...
>>
>>
>> If that name could be used for any identifical/commercial purpose now
>> or later, and it's decided not to protect it, changing name would be
>> the best option, at least on a trademark law point of view.
>>
>> A court argument could always be that they got different activities,
>> and that there is (almost) no risk for the public to be deceived. I
>> would like to point that, in front of a judge wich doesn't understand
>> much on computers (and that shit happens often), that kind of
>> argumentation will be quickly dismissed regarding to classes and
>> trademark law...
>>
>> Concerning google, the trademark is not really an issue anymore,
>> because they re so well known that they could argue mainly on
>> parasitism, and keep the trademark issues around theyr main services,
>> where even if the google could be regarded as a public domain term, it
>> wont deprive them from their right to protect against copyright
>> infrigment.
>> In the same time, i would say that public usage do not allow to do
>> anything, just think about Parmesan cheese, and some other French
>> wine, and italian ham...
>>
>> Cheers
>>
>> Marc
>>
>>
>>
>> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org>
>> wrote:
>>
>>>
>>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ra...@dslextreme.com>
>>> wrote:
>>>
>>>
>>>>
>>>> As for Google, I think they actually have a fairly serious problem.
>>>> "google"
>>>>  and "googling" have become synonymous with searching for information
>>>> (see
>>>> http://dictionary.reference.com/browse/google or
>>>> http://www.reference.com/search?q=Googler). From what I've read this is
>>>> exactly how a company can lose control of their trademark. I'd venture
>>>> that
>>>> if you created a product named "Super Googler" that they would sue you,
>>>> but
>>>> given that the term is now in the public domain I'm wondering if they'd
>>>> actually win. OTOH, you'd be pretty stupid to name your product that
>>>> unless
>>>> you want to be sued.
>>>>
>>>
>>> You are right that if you don't protect your marks, you loose them.
>>> Whether that has happened for Google already or not, is a discussion
>>> for the courts...
>>> If there is no JSecurity registered as TM or equivalent, then Alan's
>>> analogy is way off the mark of realism. And speaking of Google, in
>>> today's day and age, people who don't regularly google their marks and
>>> see 'intruders' show up all over the first page, can be argued, are
>>> not really interested in preventing others from using the mark.
>>>
>>> My vote after all this debate is in favor keeping the name, and only
>>> act when/if there is a problem.
>>>
>>>
>>> Cheers
>>> Niclas
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>>
>
>
> --
> --
> cordialement, regards,
> Emmanuel Lécharny
> www.iktek.com
> directory.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Fwd: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

An email that never made it to our list.  This is Marc Poussin, a  
french attorney at law, specialized in the innovative fields (juris  
doctor " tax solutions for innovative companies"), trademark, patent,  
and computer law.


Regards,
Alan

Begin forwarded message:

> From: "Marc Poussin" <ma...@gmail.com>
> Date: January 12, 2009 3:56:56 AM PST
> To: legal-discuss@apache.org
> Subject: Re: [VOTE] Change JSecurity's Name
> Reply-To: legal-discuss@apache.org
>
> Hi,
>
> After cautious reading of that issue i just checked briefly one  
> single element:
>
> Trademark registration is done trough a "class" system, defined by the
> Nice classification.
> Usually, a trademark is registred trough one or more classes numbered
> from 1 to 45
>
> The trademark form allow you to define what good or service will be
> covered by the filing, according to the class.
>
> When a trademark form is filled, you just choose the class  and not
> the subdivision that you intend to protect, and you'll be protected
> against counterfeiting acts for this whole class.
>
> It appears that even if jsecurity and j-security have a really
> different activity, one being on hardware, the other one on software,
> they both are dependant of class 42 (different subdivision):
> http://www.wipo.int/classifications/nivilo/nice/index.htm
>
> So, i would recommand a quick trademark filing, especially on class 42
> if you want to preserve the name, especially if:
>
> -the name is popular and already widely used by apache users
> -j-security (apachie) project is older in a public way than  
> jsecurity (hardware)
> -there is already a wide policy of domain name reservation in favor of
> apache on jsecurity (like .com, .net, .org etc.) because domain names
> could be regarded as anteriorizing a trademark...
>
>
> If that name could be used for any identifical/commercial purpose now
> or later, and it's decided not to protect it, changing name would be
> the best option, at least on a trademark law point of view.
>
> A court argument could always be that they got different activities,
> and that there is (almost) no risk for the public to be deceived. I
> would like to point that, in front of a judge wich doesn't understand
> much on computers (and that shit happens often), that kind of
> argumentation will be quickly dismissed regarding to classes and
> trademark law...
>
> Concerning google, the trademark is not really an issue anymore,
> because they re so well known that they could argue mainly on
> parasitism, and keep the trademark issues around theyr main services,
> where even if the google could be regarded as a public domain term, it
> wont deprive them from their right to protect against copyright
> infrigment.
> In the same time, i would say that public usage do not allow to do
> anything, just think about Parmesan cheese, and some other French
> wine, and italian ham...
>
> Cheers
>
> Marc
>
>
>
> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org>  
> wrote:
>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ralph.goers@dslextreme.com 
>> > wrote:
>>
>>> As for Google, I think they actually have a fairly serious  
>>> problem. "google"
>>> and "googling" have become synonymous with searching for  
>>> information (see
>>> http://dictionary.reference.com/browse/google or
>>> http://www.reference.com/search?q=Googler). From what I've read  
>>> this is
>>> exactly how a company can lose control of their trademark. I'd  
>>> venture that
>>> if you created a product named "Super Googler" that they would sue  
>>> you, but
>>> given that the term is now in the public domain I'm wondering if  
>>> they'd
>>> actually win. OTOH, you'd be pretty stupid to name your product  
>>> that unless
>>> you want to be sued.
>>
>> You are right that if you don't protect your marks, you loose them.
>> Whether that has happened for Google already or not, is a discussion
>> for the courts...
>> If there is no JSecurity registered as TM or equivalent, then Alan's
>> analogy is way off the mark of realism. And speaking of Google, in
>> today's day and age, people who don't regularly google their marks  
>> and
>> see 'intruders' show up all over the first page, can be argued, are
>> not really interested in preventing others from using the mark.
>>
>> My vote after all this debate is in favor keeping the name, and only
>> act when/if there is a problem.
>>
>>
>> Cheers
>> Niclas
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Fwd: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

It's continuation.


Regards,
Alan

Begin forwarded message:

> From: Emmanuel Lécharny <el...@apache.org>
> Date: January 12, 2009 4:21:39 AM PST
> To: legal-discuss@apache.org
> Subject: Re: [VOTE] Change JSecurity's Name
> Reply-To: legal-discuss@apache.org
> Reply-To: elecharny@apache.org
>
> Thanks Marc !
>
> Some questions :
>
> - what are the risks and consequences if we TM JSecurity, and get  
> sued?
> - is it mandatory to TM JSecurity, or the fact that it has been in  
> used for more than 4 years is enough to protect the name ?
>
> Marc Poussin wrote:
>> Hi,
>>
>> After cautious reading of that issue i just checked briefly one  
>> single element:
>>
>> Trademark registration is done trough a "class" system, defined by  
>> the
>> Nice classification.
>> Usually, a trademark is registred trough one or more classes numbered
>> from 1 to 45
>>
>> The trademark form allow you to define what good or service will be
>> covered by the filing, according to the class.
>>
>> When a trademark form is filled, you just choose the class  and not
>> the subdivision that you intend to protect, and you'll be protected
>> against counterfeiting acts for this whole class.
>>
>> It appears that even if jsecurity and j-security have a really
>> different activity, one being on hardware, the other one on software,
>> they both are dependant of class 42 (different subdivision):
>> http://www.wipo.int/classifications/nivilo/nice/index.htm
>>
>> So, i would recommand a quick trademark filing, especially on class  
>> 42
>> if you want to preserve the name, especially if:
>>
>> -the name is popular and already widely used by apache users
>> -j-security (apachie) project is older in a public way than  
>> jsecurity (hardware)
>> -there is already a wide policy of domain name reservation in favor  
>> of
>> apache on jsecurity (like .com, .net, .org etc.) because domain names
>> could be regarded as anteriorizing a trademark...
>>
>>
>> If that name could be used for any identifical/commercial purpose now
>> or later, and it's decided not to protect it, changing name would be
>> the best option, at least on a trademark law point of view.
>>
>> A court argument could always be that they got different activities,
>> and that there is (almost) no risk for the public to be deceived. I
>> would like to point that, in front of a judge wich doesn't understand
>> much on computers (and that shit happens often), that kind of
>> argumentation will be quickly dismissed regarding to classes and
>> trademark law...
>>
>> Concerning google, the trademark is not really an issue anymore,
>> because they re so well known that they could argue mainly on
>> parasitism, and keep the trademark issues around theyr main services,
>> where even if the google could be regarded as a public domain term,  
>> it
>> wont deprive them from their right to protect against copyright
>> infrigment.
>> In the same time, i would say that public usage do not allow to do
>> anything, just think about Parmesan cheese, and some other French
>> wine, and italian ham...
>>
>> Cheers
>>
>> Marc
>>
>>
>>
>> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman  
>> <ni...@hedhman.org> wrote:
>>
>>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ralph.goers@dslextreme.com 
>>> > wrote:
>>>
>>>
>>>> As for Google, I think they actually have a fairly serious  
>>>> problem. "google"
>>>> and "googling" have become synonymous with searching for  
>>>> information (see
>>>> http://dictionary.reference.com/browse/google or
>>>> http://www.reference.com/search?q=Googler). From what I've read  
>>>> this is
>>>> exactly how a company can lose control of their trademark. I'd  
>>>> venture that
>>>> if you created a product named "Super Googler" that they would  
>>>> sue you, but
>>>> given that the term is now in the public domain I'm wondering if  
>>>> they'd
>>>> actually win. OTOH, you'd be pretty stupid to name your product  
>>>> that unless
>>>> you want to be sued.
>>>>
>>> You are right that if you don't protect your marks, you loose them.
>>> Whether that has happened for Google already or not, is a discussion
>>> for the courts...
>>> If there is no JSecurity registered as TM or equivalent, then Alan's
>>> analogy is way off the mark of realism. And speaking of Google, in
>>> today's day and age, people who don't regularly google their marks  
>>> and
>>> see 'intruders' show up all over the first page, can be argued, are
>>> not really interested in preventing others from using the mark.
>>>
>>> My vote after all this debate is in favor keeping the name, and only
>>> act when/if there is a problem.
>>>
>>>
>>> Cheers
>>> Niclas
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>>
>
>
> -- 
> --
> cordialement, regards,
> Emmanuel Lécharny
> www.iktek.com
> directory.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

[Emmanuel Lécharny <el...@apache.org>]

Thanks Marc !

Some questions :

- what are the risks and consequences if we TM JSecurity, and get sued?
- is it mandatory to TM JSecurity, or the fact that it has been in used 
for more than 4 years is enough to protect the name ?

Marc Poussin wrote:
> Hi,
>
> After cautious reading of that issue i just checked briefly one single element:
>
> Trademark registration is done trough a "class" system, defined by the
> Nice classification.
> Usually, a trademark is registred trough one or more classes numbered
> from 1 to 45
>
> The trademark form allow you to define what good or service will be
> covered by the filing, according to the class.
>
> When a trademark form is filled, you just choose the class  and not
> the subdivision that you intend to protect, and you'll be protected
> against counterfeiting acts for this whole class.
>
> It appears that even if jsecurity and j-security have a really
> different activity, one being on hardware, the other one on software,
> they both are dependant of class 42 (different subdivision):
> http://www.wipo.int/classifications/nivilo/nice/index.htm
>
> So, i would recommand a quick trademark filing, especially on class 42
> if you want to preserve the name, especially if:
>
> -the name is popular and already widely used by apache users
> -j-security (apachie) project is older in a public way than jsecurity (hardware)
> -there is already a wide policy of domain name reservation in favor of
> apache on jsecurity (like .com, .net, .org etc.) because domain names
> could be regarded as anteriorizing a trademark...
>
>
> If that name could be used for any identifical/commercial purpose now
> or later, and it's decided not to protect it, changing name would be
> the best option, at least on a trademark law point of view.
>
> A court argument could always be that they got different activities,
> and that there is (almost) no risk for the public to be deceived. I
> would like to point that, in front of a judge wich doesn't understand
> much on computers (and that shit happens often), that kind of
> argumentation will be quickly dismissed regarding to classes and
> trademark law...
>
> Concerning google, the trademark is not really an issue anymore,
> because they re so well known that they could argue mainly on
> parasitism, and keep the trademark issues around theyr main services,
> where even if the google could be regarded as a public domain term, it
> wont deprive them from their right to protect against copyright
> infrigment.
> In the same time, i would say that public usage do not allow to do
> anything, just think about Parmesan cheese, and some other French
> wine, and italian ham...
>
> Cheers
>
> Marc
>
>
>
> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org> wrote:
>   
>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ra...@dslextreme.com> wrote:
>>
>>     
>>> As for Google, I think they actually have a fairly serious problem. "google"
>>>  and "googling" have become synonymous with searching for information (see
>>> http://dictionary.reference.com/browse/google or
>>> http://www.reference.com/search?q=Googler). From what I've read this is
>>> exactly how a company can lose control of their trademark. I'd venture that
>>> if you created a product named "Super Googler" that they would sue you, but
>>> given that the term is now in the public domain I'm wondering if they'd
>>> actually win. OTOH, you'd be pretty stupid to name your product that unless
>>> you want to be sued.
>>>       
>> You are right that if you don't protect your marks, you loose them.
>> Whether that has happened for Google already or not, is a discussion
>> for the courts...
>> If there is no JSecurity registered as TM or equivalent, then Alan's
>> analogy is way off the mark of realism. And speaking of Google, in
>> today's day and age, people who don't regularly google their marks and
>> see 'intruders' show up all over the first page, can be argued, are
>> not really interested in preventing others from using the mark.
>>
>> My vote after all this debate is in favor keeping the name, and only
>> act when/if there is a problem.
>>
>>
>> Cheers
>> Niclas
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>>     
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>
>   


-- 
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Fwd: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

Another message.

Regards,
Alan

Begin forwarded message:

> From: "Marc Poussin" <ma...@gmail.com>
> Date: January 12, 2009 4:00:44 AM PST
> To: legal-discuss@apache.org
> Subject: Re: [VOTE] Change JSecurity's Name
> Reply-To: legal-discuss@apache.org
>
> Oooops sorry forgot something :)
>
> Withing class 42 it s obvisously not the hardware wich is protected,
> but hardware consultancy, and rental (hardware is a good not a
> service) wich is always filled in the same time that the hardware
> class...
>
> Cheers
> On Mon, Jan 12, 2009 at 12:56 PM, Marc Poussin  
> <ma...@gmail.com> wrote:
>> Hi,
>>
>> After cautious reading of that issue i just checked briefly one  
>> single element:
>>
>> Trademark registration is done trough a "class" system, defined by  
>> the
>> Nice classification.
>> Usually, a trademark is registred trough one or more classes numbered
>> from 1 to 45
>>
>> The trademark form allow you to define what good or service will be
>> covered by the filing, according to the class.
>>
>> When a trademark form is filled, you just choose the class  and not
>> the subdivision that you intend to protect, and you'll be protected
>> against counterfeiting acts for this whole class.
>>
>> It appears that even if jsecurity and j-security have a really
>> different activity, one being on hardware, the other one on software,
>> they both are dependant of class 42 (different subdivision):
>> http://www.wipo.int/classifications/nivilo/nice/index.htm
>>
>> So, i would recommand a quick trademark filing, especially on class  
>> 42
>> if you want to preserve the name, especially if:
>>
>> -the name is popular and already widely used by apache users
>> -j-security (apachie) project is older in a public way than  
>> jsecurity (hardware)
>> -there is already a wide policy of domain name reservation in favor  
>> of
>> apache on jsecurity (like .com, .net, .org etc.) because domain names
>> could be regarded as anteriorizing a trademark...
>>
>>
>> If that name could be used for any identifical/commercial purpose now
>> or later, and it's decided not to protect it, changing name would be
>> the best option, at least on a trademark law point of view.
>>
>> A court argument could always be that they got different activities,
>> and that there is (almost) no risk for the public to be deceived. I
>> would like to point that, in front of a judge wich doesn't understand
>> much on computers (and that shit happens often), that kind of
>> argumentation will be quickly dismissed regarding to classes and
>> trademark law...
>>
>> Concerning google, the trademark is not really an issue anymore,
>> because they re so well known that they could argue mainly on
>> parasitism, and keep the trademark issues around theyr main services,
>> where even if the google could be regarded as a public domain term,  
>> it
>> wont deprive them from their right to protect against copyright
>> infrigment.
>> In the same time, i would say that public usage do not allow to do
>> anything, just think about Parmesan cheese, and some other French
>> wine, and italian ham...
>>
>> Cheers
>>
>> Marc
>>
>>
>>
>> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman  
>> <ni...@hedhman.org> wrote:
>>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ralph.goers@dslextreme.com 
>>> > wrote:
>>>
>>>> As for Google, I think they actually have a fairly serious  
>>>> problem. "google"
>>>> and "googling" have become synonymous with searching for  
>>>> information (see
>>>> http://dictionary.reference.com/browse/google or
>>>> http://www.reference.com/search?q=Googler). From what I've read  
>>>> this is
>>>> exactly how a company can lose control of their trademark. I'd  
>>>> venture that
>>>> if you created a product named "Super Googler" that they would  
>>>> sue you, but
>>>> given that the term is now in the public domain I'm wondering if  
>>>> they'd
>>>> actually win. OTOH, you'd be pretty stupid to name your product  
>>>> that unless
>>>> you want to be sued.
>>>
>>> You are right that if you don't protect your marks, you loose them.
>>> Whether that has happened for Google already or not, is a discussion
>>> for the courts...
>>> If there is no JSecurity registered as TM or equivalent, then Alan's
>>> analogy is way off the mark of realism. And speaking of Google, in
>>> today's day and age, people who don't regularly google their marks  
>>> and
>>> see 'intruders' show up all over the first page, can be argued, are
>>> not really interested in preventing others from using the mark.
>>>
>>> My vote after all this debate is in favor keeping the name, and only
>>> act when/if there is a problem.
>>>
>>>
>>> Cheers
>>> Niclas
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

[Marc Poussin <ma...@gmail.com>]

Oooops sorry forgot something :)

Withing class 42 it s obvisously not the hardware wich is protected,
but hardware consultancy, and rental (hardware is a good not a
service) wich is always filled in the same time that the hardware
class...

Cheers
On Mon, Jan 12, 2009 at 12:56 PM, Marc Poussin <ma...@gmail.com> wrote:
> Hi,
>
> After cautious reading of that issue i just checked briefly one single element:
>
> Trademark registration is done trough a "class" system, defined by the
> Nice classification.
> Usually, a trademark is registred trough one or more classes numbered
> from 1 to 45
>
> The trademark form allow you to define what good or service will be
> covered by the filing, according to the class.
>
> When a trademark form is filled, you just choose the class  and not
> the subdivision that you intend to protect, and you'll be protected
> against counterfeiting acts for this whole class.
>
> It appears that even if jsecurity and j-security have a really
> different activity, one being on hardware, the other one on software,
> they both are dependant of class 42 (different subdivision):
> http://www.wipo.int/classifications/nivilo/nice/index.htm
>
> So, i would recommand a quick trademark filing, especially on class 42
> if you want to preserve the name, especially if:
>
> -the name is popular and already widely used by apache users
> -j-security (apachie) project is older in a public way than jsecurity (hardware)
> -there is already a wide policy of domain name reservation in favor of
> apache on jsecurity (like .com, .net, .org etc.) because domain names
> could be regarded as anteriorizing a trademark...
>
>
> If that name could be used for any identifical/commercial purpose now
> or later, and it's decided not to protect it, changing name would be
> the best option, at least on a trademark law point of view.
>
> A court argument could always be that they got different activities,
> and that there is (almost) no risk for the public to be deceived. I
> would like to point that, in front of a judge wich doesn't understand
> much on computers (and that shit happens often), that kind of
> argumentation will be quickly dismissed regarding to classes and
> trademark law...
>
> Concerning google, the trademark is not really an issue anymore,
> because they re so well known that they could argue mainly on
> parasitism, and keep the trademark issues around theyr main services,
> where even if the google could be regarded as a public domain term, it
> wont deprive them from their right to protect against copyright
> infrigment.
> In the same time, i would say that public usage do not allow to do
> anything, just think about Parmesan cheese, and some other French
> wine, and italian ham...
>
> Cheers
>
> Marc
>
>
>
> On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org> wrote:
>> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ra...@dslextreme.com> wrote:
>>
>>> As for Google, I think they actually have a fairly serious problem. "google"
>>>  and "googling" have become synonymous with searching for information (see
>>> http://dictionary.reference.com/browse/google or
>>> http://www.reference.com/search?q=Googler). From what I've read this is
>>> exactly how a company can lose control of their trademark. I'd venture that
>>> if you created a product named "Super Googler" that they would sue you, but
>>> given that the term is now in the public domain I'm wondering if they'd
>>> actually win. OTOH, you'd be pretty stupid to name your product that unless
>>> you want to be sued.
>>
>> You are right that if you don't protect your marks, you loose them.
>> Whether that has happened for Google already or not, is a discussion
>> for the courts...
>> If there is no JSecurity registered as TM or equivalent, then Alan's
>> analogy is way off the mark of realism. And speaking of Google, in
>> today's day and age, people who don't regularly google their marks and
>> see 'intruders' show up all over the first page, can be argued, are
>> not really interested in preventing others from using the mark.
>>
>> My vote after all this debate is in favor keeping the name, and only
>> act when/if there is a problem.
>>
>>
>> Cheers
>> Niclas
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Marc Poussin <ma...@gmail.com>]

Hi,

After cautious reading of that issue i just checked briefly one single element:

Trademark registration is done trough a "class" system, defined by the
Nice classification.
Usually, a trademark is registred trough one or more classes numbered
from 1 to 45

The trademark form allow you to define what good or service will be
covered by the filing, according to the class.

When a trademark form is filled, you just choose the class  and not
the subdivision that you intend to protect, and you'll be protected
against counterfeiting acts for this whole class.

It appears that even if jsecurity and j-security have a really
different activity, one being on hardware, the other one on software,
they both are dependant of class 42 (different subdivision):
http://www.wipo.int/classifications/nivilo/nice/index.htm

So, i would recommand a quick trademark filing, especially on class 42
if you want to preserve the name, especially if:

-the name is popular and already widely used by apache users
-j-security (apachie) project is older in a public way than jsecurity (hardware)
-there is already a wide policy of domain name reservation in favor of
apache on jsecurity (like .com, .net, .org etc.) because domain names
could be regarded as anteriorizing a trademark...


If that name could be used for any identifical/commercial purpose now
or later, and it's decided not to protect it, changing name would be
the best option, at least on a trademark law point of view.

A court argument could always be that they got different activities,
and that there is (almost) no risk for the public to be deceived. I
would like to point that, in front of a judge wich doesn't understand
much on computers (and that shit happens often), that kind of
argumentation will be quickly dismissed regarding to classes and
trademark law...

Concerning google, the trademark is not really an issue anymore,
because they re so well known that they could argue mainly on
parasitism, and keep the trademark issues around theyr main services,
where even if the google could be regarded as a public domain term, it
wont deprive them from their right to protect against copyright
infrigment.
In the same time, i would say that public usage do not allow to do
anything, just think about Parmesan cheese, and some other French
wine, and italian ham...

Cheers

Marc



On Mon, Jan 12, 2009 at 8:05 AM, Niclas Hedhman <ni...@hedhman.org> wrote:
> On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ra...@dslextreme.com> wrote:
>
>> As for Google, I think they actually have a fairly serious problem. "google"
>>  and "googling" have become synonymous with searching for information (see
>> http://dictionary.reference.com/browse/google or
>> http://www.reference.com/search?q=Googler). From what I've read this is
>> exactly how a company can lose control of their trademark. I'd venture that
>> if you created a product named "Super Googler" that they would sue you, but
>> given that the term is now in the public domain I'm wondering if they'd
>> actually win. OTOH, you'd be pretty stupid to name your product that unless
>> you want to be sued.
>
> You are right that if you don't protect your marks, you loose them.
> Whether that has happened for Google already or not, is a discussion
> for the courts...
> If there is no JSecurity registered as TM or equivalent, then Alan's
> analogy is way off the mark of realism. And speaking of Google, in
> today's day and age, people who don't regularly google their marks and
> see 'intruders' show up all over the first page, can be argued, are
> not really interested in preventing others from using the mark.
>
> My vote after all this debate is in favor keeping the name, and only
> act when/if there is a problem.
>
>
> Cheers
> Niclas
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Niclas Hedhman <ni...@hedhman.org>]

On Mon, Jan 12, 2009 at 2:34 PM, Ralph Goers <ra...@dslextreme.com> wrote:

> As for Google, I think they actually have a fairly serious problem. "google"
>  and "googling" have become synonymous with searching for information (see
> http://dictionary.reference.com/browse/google or
> http://www.reference.com/search?q=Googler). From what I've read this is
> exactly how a company can lose control of their trademark. I'd venture that
> if you created a product named "Super Googler" that they would sue you, but
> given that the term is now in the public domain I'm wondering if they'd
> actually win. OTOH, you'd be pretty stupid to name your product that unless
> you want to be sued.

You are right that if you don't protect your marks, you loose them.
Whether that has happened for Google already or not, is a discussion
for the courts...
If there is no JSecurity registered as TM or equivalent, then Alan's
analogy is way off the mark of realism. And speaking of Google, in
today's day and age, people who don't regularly google their marks and
see 'intruders' show up all over the first page, can be argued, are
not really interested in preventing others from using the mark.

My vote after all this debate is in favor keeping the name, and only
act when/if there is a problem.


Cheers
Niclas

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Tim Veil <ti...@mac.com>]

Whoops, sent that unfinished... My last thought is that in my mind the  
differences between the two projects are significant enough not to  
warrant a change now.

It seems so unlikely that Juniper is going to want to compete in this  
space, it just doesn't seem like a grey area to me.

Thanks,
Tim

On Jan 11, 2009, at 1:52 PM, Tim Veil wrote:

> I guess my take is that
> JSecurity has been in the name of this project for nearly 4 years  
> without compliant
> JSecurity has name recognition and a following
> The project of concern, "J-Security" is not a product at all but  
> rather a " resource for security information and analysis."
> J-Security's parent company Juniper is in the network hardware  
> business not the Java application business
> JSecurity is an open-source software project not a "product" we are  
> looking to sell (not a competitor in any way to Juniper)
>
> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>
>> Here's my take and I'm not intransigent on this.  I'll use a bit of  
>> hyperbole to make my point.
>>
>> If some company who makes hand made woven baskets has had the name  
>> JSecurity there would be no problem.  If that company decides to   
>> market a program that trains people in basket weaving written in  
>> java there would be no problem.
>>
>> However, other computer security companies have an earlier claim to  
>> JSecurity.  If they decide the release a suite of java programs  
>> that performs security analysis then there's overlap.
>>
>> Why would we want to live in the grey area anyway?  Am I  
>> misunderstanding something?
>>
>> Regards,
>> Alan
>>
>>
>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>
>>> Agreed.
>>>
>>> I don't really understand what problem is being solved here.
>>>
>>> geir
>>>
>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>
>>>> -1 to changing the name at this time.
>>>>
>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>> the
>>>> moment, I think any potential causes of conflict, given that  
>>>> there are
>>>> NO trademark or patent conflicts, are dubious at best.
>>>>
>>>> Cheers,
>>>>
>>>> Les
>>>>
>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>> > wrote:
>>>>> any more...
>>>>>
>>>>> ok, former board member. ;-)
>>>>>
>>>>> Craig
>>>>>
>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>
>>>>>> I'm not a board member. :)
>>>>>>
>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>> list and no
>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>> only board
>>>>>>> member who commented on the JSecurity name during the  
>>>>>>> discussion.
>>>>>>>
>>>>>>> We will have at least three more votes where additional issues  
>>>>>>> regarding
>>>>>>> the
>>>>>>> name can be brought up:
>>>>>>>
>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>> incubator
>>>>>>> votes.
>>>>>>>
>>>>>>> Craig
>>>>>>>
>>>>>>>
>>>>>>> Dear JSecurity Team,
>>>>>>>
>>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>>> JSecurity's
>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>> for a vote.
>>>>>>>
>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>> This is ONLY
>>>>>>> a
>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>> name might
>>>>>>> be.
>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>> usual 3 to
>>>>>>> account for time that people may not be able to respond due to  
>>>>>>> the
>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>> binding votes are
>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>
>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>> JSecurity
>>>>>>> development team are binding.
>>>>>>>
>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>
>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>> it's very
>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>> Security being
>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>> by the
>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>> very good
>>>>>>>> branding.
>>>>>>>>
>>>>>>>> My tuppence of opinion.
>>>>>>>>
>>>>>>>> Hen
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi ASF legal team,
>>>>>>>>>
>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>> concerning a
>>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>>> Incubator
>>>>>>>>> project).
>>>>>>>>>
>>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>>> be a
>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>> and some
>>>>>>>>> other references found through google and other search  
>>>>>>>>> mechanisms.
>>>>>>>>>
>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>> source
>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>> with zero
>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>> proprietary
>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>> determining if
>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>> context of
>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>> established
>>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>>> might be
>>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>>> we don't
>>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>>> overlap.
>>>>>>>>>
>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>> changed or
>>>>>>>>> not.
>>>>>>>>>
>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>> research:
>>>>>>>>>
>>>>>>>>> <snip>
>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>> references
>>>>>>>>> to JSecurity :
>>>>>>>>>
>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>> will
>>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>>> on:"
>>>>>>>>>
>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>> >
>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>> that
>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>> some nicely
>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>> name. Not sure
>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>
>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>> >
>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>> least)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>> >
>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>
>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>> are un
>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>> main issue
>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>> already
>>>>>>>>> know that there are company out there which already use this  
>>>>>>>>> name.
>>>>>>>>>
>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>> information
>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>> about this
>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>> JSecurity or
>>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>>> is one of
>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>> >).
>>>>>>>>>
>>>>>>>>> </snip>
>>>>>>>>>
>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>
>>>>>>>>> Best,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Adam,
>>>>>>>>>>
>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>> opinion.  I love
>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>> contribute to
>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>
>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>> is my
>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>> only like to
>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>> to do so.
>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>> post this to
>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>> like to hear
>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>> genuinely
>>>>>>>>>> curious :)
>>>>>>>>>>
>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>> that you (and
>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>> (though I
>>>>>>>>>>> hope to
>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>> attention, and
>>>>>>>>>>> so I
>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>
>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>> issues for
>>>>>>>>>>> software
>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>> from any
>>>>>>>>>>> official
>>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>>> like to
>>>>>>>>>>> point out
>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>> has been
>>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>>> is bad
>>>>>>>>>>> news
>>>>>>>>>>> with
>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>> geographic
>>>>>>>>>>> location
>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>> these other
>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>> related use of
>>>>>>>>>>> the
>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>> product is
>>>>>>>>>>> used
>>>>>>>>>>> to
>>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>>> term
>>>>>>>>>>> "security"
>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>> to keep
>>>>>>>>>>> people
>>>>>>>>>>> out,
>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>> related, and
>>>>>>>>>>> even
>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>> software
>>>>>>>>>>> would be
>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>> network users
>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>> web proxy,
>>>>>>>>>>> for
>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>
>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>> name of a
>>>>>>>>>>> software
>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>> when starting
>>>>>>>>>>> out.
>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>> describing name
>>>>>>>>>>> can
>>>>>>>>>>> make
>>>>>>>>>>> a big difference.
>>>>>>>>>>>
>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>> it is that
>>>>>>>>>>> people
>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>> Google (and
>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>> unrelated
>>>>>>>>>>> hits,
>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>> with the
>>>>>>>>>>> name.
>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>> only known
>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>> hear the
>>>>>>>>>>> name.
>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>> completely strange
>>>>>>>>>>> and
>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>
>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>> which again
>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>> reasons.
>>>>>>>>>>> Alkitraz?
>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>> (though
>>>>>>>>>>> this
>>>>>>>>>>> is a
>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>
>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>> something that
>>>>>>>>>>> you
>>>>>>>>>>> don't
>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>> should be
>>>>>>>>>>> consulted.
>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>> changing package
>>>>>>>>>>> names
>>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>>> start
>>>>>>>>>>> renaming
>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>> happen in
>>>>>>>>>>> the
>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>
>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>> view, you
>>>>>>>>>>> shouldn't
>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>> actually
>>>>>>>>>>> required
>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>> the Apache
>>>>>>>>>>> council
>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>> incubation
>>>>>>>>>>> process?
>>>>>>>>>>> Why
>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>> could be
>>>>>>>>>>> better
>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>
>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>> that's
>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>> confusion,
>>>>>>>>>>> support,
>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>> thought about
>>>>>>>>>>> when
>>>>>>>>>>> changing the name.
>>>>>>>>>>>
>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>> get
>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>> rename the
>>>>>>>>>>> project
>>>>>>>>>>> yet
>>>>>>>>>>> again.
>>>>>>>>>>>
>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>> until
>>>>>>>>>>> something
>>>>>>>>>>> real
>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>> great product
>>>>>>>>>>> name
>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>> if that day
>>>>>>>>>>> comes,
>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>> opinion, for all
>>>>>>>>>>> the
>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>>
>>>>>>>>>>> Adam
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post  
>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>> some
>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>
>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>> can only
>>>>>>>>>>>>> give
>>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>>> So far as
>>>>>>>>>>>>> I
>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>
>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>> start
>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>> incubation
>>>>>>>>>>>>> process.
>>>>>>>>>>>>
>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>> time to do
>>>>>>>>>>>> some
>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>> incubator).
>>>>>>>>>>>>
>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> --
>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> View this message in context:
>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>> educational
>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>> opinions
>>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>>> > for
>>>>>>>> official ASF policies and documents.
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>
>>>>>>> Craig L Russell
>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Tim Veil <tj...@gmail.com>]

Its not a bad idea.  It could be one of those things that they are  
unlikely to care about unless specifically asked to care, but it would  
certainly put an end to the discussion.

Tim

On Jan 11, 2009, at 2:03 PM, Emmanuel Lécharny wrote:

> Tim Veil wrote:
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years  
>> without compliant
>> JSecurity has name recognition and a following
>> The project of concern, "J-Security" is not a product at all but  
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware  
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are  
>> looking to sell (not a competitor in any way to Juniper)
>
> Just a suggestion : why don't someone contact Juniper legals and ask  
> if they see JSecurity as an acceptable name for us ? That would  
> close this long thread, I think.
>
> -- 
> --
> cordialement, regards,
> Emmanuel Lécharny
> www.iktek.com
> directory.apache.org
>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 11:03 AM, Emmanuel Lécharny wrote:

> Tim Veil wrote:
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years  
>> without compliant
>> JSecurity has name recognition and a following
>> The project of concern, "J-Security" is not a product at all but  
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware  
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are  
>> looking to sell (not a competitor in any way to Juniper)
>
> Just a suggestion : why don't someone contact Juniper legals and ask  
> if they see JSecurity as an acceptable name for us ? That would  
> close this long thread, I think.

Works for me.


Regards,
Alan

Re: [VOTE] Change JSecurity's Name

[Emmanuel Lécharny <el...@apache.org>]

Tim Veil wrote:
> I guess my take is that
> JSecurity has been in the name of this project for nearly 4 years 
> without compliant
> JSecurity has name recognition and a following
> The project of concern, "J-Security" is not a product at all but 
> rather a " resource for security information and analysis."
> J-Security's parent company Juniper is in the network hardware 
> business not the Java application business
> JSecurity is an open-source software project not a "product" we are 
> looking to sell (not a competitor in any way to Juniper)

Just a suggestion : why don't someone contact Juniper legals and ask if 
they see JSecurity as an acceptable name for us ? That would close this 
long thread, I think.

-- 
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org

Re: [VOTE] Change JSecurity's Name

[Ralph Goers <ra...@dslextreme.com>]

On Jan 11, 2009, at 8:36 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 3:17 PM, Ralph Goers wrote:
>>
>> Has anyone from Juniper contacted Apache about a problem?  Based on  
>> the research that has been done I don't see this as an obvious  
>> infringement. If the project has been around for 4 years without  
>> complaint I don't think it is worth the time and effort to worry  
>> about things Juniper may or may not choose to do in the future.  If  
>> their claim is on J-Security one could argue that that is not the  
>> same as JSecurity anyway.
>
> Ok, so here's the analogy that I gave earlier.  Let's say that 4  
> years ago a bunch of buddies and I in North Dakota started a project  
> called Google.  It's pretty popular and people in South Dakota even  
> start using it.  We have been out in the wild for 4 years.  At no  
> time during this period has Google Inc. in Mountain View, CA, been  
> concerned about name collision enough to contact anyone on the  
> project.  Does this suggest that they are unlikely to do so in the  
> future when developers in CA start using it?  Not likely.
>
> So my position is that just because no one has complained doesn't  
> mean that we're free and clear.
>
> As for J-Security versus JSecurity do you think that Google would  
> mind if we had a project called G-oogle?
>
> What if I had the strongly held opinion that it's not likely that  
> Google would care?  Is that good enough for ASF to allow a java  
> project called G-oogle?

Again, IANAL and Larry or Sam might tell me I'm nuts, but here goes.

The problem with your analogy is that, at least from what I've read  
here, Juniper doesn't have a software product called J-Security.  
Should they create one now they would be infringing on Apache  
JSecurity's use of the name for that purpose.

As for Google, I think they actually have a fairly serious problem.  
"google"  and "googling" have become synonymous with searching for  
information (see http://dictionary.reference.com/browse/google or http://www.reference.com/search?q=Googler) 
. From what I've read this is exactly how a company can lose control  
of their trademark. I'd venture that if you created a product named  
"Super Googler" that they would sue you, but given that the term is  
now in the public domain I'm wondering if they'd actually win. OTOH,  
you'd be pretty stupid to name your product that unless you want to be  
sued.

Ralph

Re: [VOTE] Change JSecurity's Name

[Ralph Goers <ra...@dslextreme.com>]

On Jan 11, 2009, at 8:36 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 3:17 PM, Ralph Goers wrote:
>>
>> Has anyone from Juniper contacted Apache about a problem?  Based on  
>> the research that has been done I don't see this as an obvious  
>> infringement. If the project has been around for 4 years without  
>> complaint I don't think it is worth the time and effort to worry  
>> about things Juniper may or may not choose to do in the future.  If  
>> their claim is on J-Security one could argue that that is not the  
>> same as JSecurity anyway.
>
> Ok, so here's the analogy that I gave earlier.  Let's say that 4  
> years ago a bunch of buddies and I in North Dakota started a project  
> called Google.  It's pretty popular and people in South Dakota even  
> start using it.  We have been out in the wild for 4 years.  At no  
> time during this period has Google Inc. in Mountain View, CA, been  
> concerned about name collision enough to contact anyone on the  
> project.  Does this suggest that they are unlikely to do so in the  
> future when developers in CA start using it?  Not likely.
>
> So my position is that just because no one has complained doesn't  
> mean that we're free and clear.
>
> As for J-Security versus JSecurity do you think that Google would  
> mind if we had a project called G-oogle?
>
> What if I had the strongly held opinion that it's not likely that  
> Google would care?  Is that good enough for ASF to allow a java  
> project called G-oogle?

Again, IANAL and Larry or Sam might tell me I'm nuts, but here goes.

The problem with your analogy is that, at least from what I've read  
here, Juniper doesn't have a software product called J-Security.  
Should they create one now they would be infringing on Apache  
JSecurity's use of the name for that purpose.

As for Google, I think they actually have a fairly serious problem.  
"google"  and "googling" have become synonymous with searching for  
information (see http://dictionary.reference.com/browse/google or http://www.reference.com/search?q=Googler) 
. From what I've read this is exactly how a company can lose control  
of their trademark. I'd venture that if you created a product named  
"Super Googler" that they would sue you, but given that the term is  
now in the public domain I'm wondering if they'd actually win. OTOH,  
you'd be pretty stupid to name your product that unless you want to be  
sued.

Ralph


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 3:17 PM, Ralph Goers wrote:

>
> On Jan 11, 2009, at 2:53 PM, Alan D. Cabrera wrote:
>
>>
>> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years  
>>> without compliant
>>
>> Sorry, I'm not following.  Unless Juniper has held the name for  
>> three years or less, how is that relevant?
>>
>>> JSecurity has name recognition and a following
>>
>> Sorry, I don't understand if this is pertinent other than it being  
>> motivation for keeping the name.  I also am motivated to keep the  
>> name but I don't see how we can get past the issues below.
>>
>>> The project of concern, "J-Security" is not a product at all but  
>>> rather a " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware  
>>> business not the Java application business
>>> JSecurity is an open-source software project not a "product" we  
>>> are looking to sell (not a competitor in any way to Juniper)
>>
>> It doesn't matter if we sell a product or not.  It's a name  
>> collision, albeit a potential collision.  If they chose to push out  
>> a product under that name we would be in trouble; if I am wrong  
>> here someone please tell me.
>>
>> Now, if you told me that we held our name longer than Juniper held  
>> theirs then it would be a different story.
>>
>> So to put it more succinctly, here are the criteria where I am  
>> happy to change my vote.  Any single one would work for me.
>>
>> 1) We held the name longer than Juniper - I'll take anyone's word  
>> on this
>> 2) If Juniper came out with a product under their service offering  
>> we would have nothing to worry about - I will only take an informed  
>> opinion
>>
>> I'm guessing that the others would change their vote as well.
>>
>
> Has anyone from Juniper contacted Apache about a problem?  Based on  
> the research that has been done I don't see this as an obvious  
> infringement. If the project has been around for 4 years without  
> complaint I don't think it is worth the time and effort to worry  
> about things Juniper may or may not choose to do in the future.  If  
> their claim is on J-Security one could argue that that is not the  
> same as JSecurity anyway.

Ok, so here's the analogy that I gave earlier.  Let's say that 4 years  
ago a bunch of buddies and I in North Dakota started a project called  
Google.  It's pretty popular and people in South Dakota even start  
using it.  We have been out in the wild for 4 years.  At no time  
during this period has Google Inc. in Mountain View, CA, been  
concerned about name collision enough to contact anyone on the  
project.  Does this suggest that they are unlikely to do so in the  
future when developers in CA start using it?  Not likely.

So my position is that just because no one has complained doesn't mean  
that we're free and clear.

As for J-Security versus JSecurity do you think that Google would mind  
if we had a project called G-oogle?

What if I had the strongly held opinion that it's not likely that  
Google would care?  Is that good enough for ASF to allow a java  
project called G-oogle?


Regards,
Alan

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 3:17 PM, Ralph Goers wrote:

>
> On Jan 11, 2009, at 2:53 PM, Alan D. Cabrera wrote:
>
>>
>> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years  
>>> without compliant
>>
>> Sorry, I'm not following.  Unless Juniper has held the name for  
>> three years or less, how is that relevant?
>>
>>> JSecurity has name recognition and a following
>>
>> Sorry, I don't understand if this is pertinent other than it being  
>> motivation for keeping the name.  I also am motivated to keep the  
>> name but I don't see how we can get past the issues below.
>>
>>> The project of concern, "J-Security" is not a product at all but  
>>> rather a " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware  
>>> business not the Java application business
>>> JSecurity is an open-source software project not a "product" we  
>>> are looking to sell (not a competitor in any way to Juniper)
>>
>> It doesn't matter if we sell a product or not.  It's a name  
>> collision, albeit a potential collision.  If they chose to push out  
>> a product under that name we would be in trouble; if I am wrong  
>> here someone please tell me.
>>
>> Now, if you told me that we held our name longer than Juniper held  
>> theirs then it would be a different story.
>>
>> So to put it more succinctly, here are the criteria where I am  
>> happy to change my vote.  Any single one would work for me.
>>
>> 1) We held the name longer than Juniper - I'll take anyone's word  
>> on this
>> 2) If Juniper came out with a product under their service offering  
>> we would have nothing to worry about - I will only take an informed  
>> opinion
>>
>> I'm guessing that the others would change their vote as well.
>>
>
> Has anyone from Juniper contacted Apache about a problem?  Based on  
> the research that has been done I don't see this as an obvious  
> infringement. If the project has been around for 4 years without  
> complaint I don't think it is worth the time and effort to worry  
> about things Juniper may or may not choose to do in the future.  If  
> their claim is on J-Security one could argue that that is not the  
> same as JSecurity anyway.

Ok, so here's the analogy that I gave earlier.  Let's say that 4 years  
ago a bunch of buddies and I in North Dakota started a project called  
Google.  It's pretty popular and people in South Dakota even start  
using it.  We have been out in the wild for 4 years.  At no time  
during this period has Google Inc. in Mountain View, CA, been  
concerned about name collision enough to contact anyone on the  
project.  Does this suggest that they are unlikely to do so in the  
future when developers in CA start using it?  Not likely.

So my position is that just because no one has complained doesn't mean  
that we're free and clear.

As for J-Security versus JSecurity do you think that Google would mind  
if we had a project called G-oogle?

What if I had the strongly held opinion that it's not likely that  
Google would care?  Is that good enough for ASF to allow a java  
project called G-oogle?


Regards,
Alan

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 3:32 PM, Mark Thomas wrote:

>> From: Ralph Goers [mailto:ralph.goers@dslextreme.com]
>>
>> Has anyone from Jupiter contacted Apache about a problem?  Based on  
>> the
>> research that has been done I don't see this as an obvious
>> infringement. If the project has been around for 4 years without
>> complaint I don't think it is worth the time and effort to worry  
>> about
>> things Juniper may or may not choose to do in the future.  If their
>> claim is on J-Security one could argue that that is not the same as
>> JSecurity anyway.
>
> They don't claim J-Security as a trademark [1]. Further, they don't  
> have any
> products with J-Security in the name. The only place I coud find it  
> as the
> name of their research lab.
>
> I say register the trademark JSecurity, as a Java security framework  
> and
> move on.
>
> Mark
>
> [1] http://www.juniper.net/footerlegal.html#05

Here's a good point.  I just did a search on http://www.uspto.gov/main/trademarks.htm 
.

There are no marks on J-Security or JSecurity.  I would imagine that  
anyone who attempted to get that mark would be be too intimidated by  
all the other JSecurity usages out there.

I guess I'm starting to change my mind.  In light of the fact that J- 
Security, or anyone else for that matter, never held a mark and so it  
prior use by them doesn't matter, would the other mentors reconsider  
their vote?


Regards,
Alan


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 3:32 PM, Mark Thomas wrote:

>> From: Ralph Goers [mailto:ralph.goers@dslextreme.com]
>>
>> Has anyone from Jupiter contacted Apache about a problem?  Based on  
>> the
>> research that has been done I don't see this as an obvious
>> infringement. If the project has been around for 4 years without
>> complaint I don't think it is worth the time and effort to worry  
>> about
>> things Juniper may or may not choose to do in the future.  If their
>> claim is on J-Security one could argue that that is not the same as
>> JSecurity anyway.
>
> They don't claim J-Security as a trademark [1]. Further, they don't  
> have any
> products with J-Security in the name. The only place I coud find it  
> as the
> name of their research lab.
>
> I say register the trademark JSecurity, as a Java security framework  
> and
> move on.
>
> Mark
>
> [1] http://www.juniper.net/footerlegal.html#05

Here's a good point.  I just did a search on http://www.uspto.gov/main/trademarks.htm 
.

There are no marks on J-Security or JSecurity.  I would imagine that  
anyone who attempted to get that mark would be be too intimidated by  
all the other JSecurity usages out there.

I guess I'm starting to change my mind.  In light of the fact that J- 
Security, or anyone else for that matter, never held a mark and so it  
prior use by them doesn't matter, would the other mentors reconsider  
their vote?


Regards,
Alan

RE: [VOTE] Change JSecurity's Name

[Mark Thomas <ma...@apache.org>]

> From: Ralph Goers [mailto:ralph.goers@dslextreme.com]
> 
> Has anyone from Jupiter contacted Apache about a problem?  Based on the
> research that has been done I don't see this as an obvious
> infringement. If the project has been around for 4 years without
> complaint I don't think it is worth the time and effort to worry about
> things Juniper may or may not choose to do in the future.  If their
> claim is on J-Security one could argue that that is not the same as
> JSecurity anyway.

They don't claim J-Security as a trademark [1]. Further, they don't have any
products with J-Security in the name. The only place I coud find it as the
name of their research lab.

I say register the trademark JSecurity, as a Java security framework and
move on.

Mark

[1] http://www.juniper.net/footerlegal.html#05




---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Ralph Goers <ra...@dslextreme.com>]

On Jan 11, 2009, at 2:53 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years  
>> without compliant
>
> Sorry, I'm not following.  Unless Juniper has held the name for  
> three years or less, how is that relevant?
>
>> JSecurity has name recognition and a following
>
> Sorry, I don't understand if this is pertinent other than it being  
> motivation for keeping the name.  I also am motivated to keep the  
> name but I don't see how we can get past the issues below.
>
>> The project of concern, "J-Security" is not a product at all but  
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware  
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are  
>> looking to sell (not a competitor in any way to Juniper)
>
> It doesn't matter if we sell a product or not.  It's a name  
> collision, albeit a potential collision.  If they chose to push out  
> a product under that name we would be in trouble; if I am wrong here  
> someone please tell me.
>
> Now, if you told me that we held our name longer than Juniper held  
> theirs then it would be a different story.
>
> So to put it more succinctly, here are the criteria where I am happy  
> to change my vote.  Any single one would work for me.
>
> 1) We held the name longer than Juniper - I'll take anyone's word on  
> this
> 2) If Juniper came out with a product under their service offering  
> we would have nothing to worry about - I will only take an informed  
> opinion
>
> I'm guessing that the others would change their vote as well.
>

Has anyone from Jupiter contacted Apache about a problem?  Based on  
the research that has been done I don't see this as an obvious  
infringement. If the project has been around for 4 years without  
complaint I don't think it is worth the time and effort to worry about  
things Juniper may or may not choose to do in the future.  If their  
claim is on J-Security one could argue that that is not the same as  
JSecurity anyway.

Ralph

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 4:02 PM, Tim Veil wrote:

>
> On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:
>
>>
>> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years  
>>> without compliant
>>
>> Sorry, I'm not following.  Unless Juniper has held the name for  
>> three years or less, how is that relevant?
>
> I guess I'm suggesting that JSecurity has been out in the wild for 4  
> years.  At no time during this period has Juniper been concerned  
> about name collision enough to contact anyone on the project.  That  
> suggests to me they will be unlikely to do so in the future. I have  
> no idea how long they have been using their name.

Let's say that 4 years ago a bunch of buddies and I in North Dakota  
started a project called Google.  It's pretty popular and people in  
South Dakota even start using it.  We have been out in the wild for 4  
years.  At no time during this period has Google Inc. in Mountain  
View, CA, been concerned about name collision enough to contact anyone  
on the project.  Does this suggest that they are unlikely to do so in  
the future when developers in CA start using it?  Not likely.

>>> JSecurity has name recognition and a following
>>
>> Sorry, I don't understand if this is pertinent other than it being  
>> motivation for keeping the name.  I also am motivated to keep the  
>> name but I don't see how we can get past the issues below.
>>
>>> The project of concern, "J-Security" is not a product at all but  
>>> rather a " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware  
>>> business not the Java application business
>>> JSecurity is an open-source software project not a "product" we  
>>> are looking to sell (not a competitor in any way to Juniper)
>>
>> It doesn't matter if we sell a product or not.  It's a name  
>> collision, albeit a potential collision.  If they chose to push out  
>> a product under that name we would be in trouble; if I am wrong  
>> here someone please tell me.
>
> I don't think you are wrong it just seems like such a remote  
> possibility.  In order for them to do this they would have to stray  
> pretty far from their existing business. Even if they were to enter  
> the fray and offer a similar product it seems unlikely they would  
> choose to do so under the J-Security banner.  I would imagine they  
> would they would create a new brand for this service since they  
> already have an unrelated presence under the name J-Security.   
> Repackaging their J-Security center into something unrelated  
> wouldn't make much sense.

One of my jobs as a mentor is to protect the ASF as new projects are  
incubated.  Let's hope that discussions with Juniper work out.

>> Now, if you told me that we held our name longer than Juniper held  
>> theirs then it would be a different story.
>>
>> So to put it more succinctly, here are the criteria where I am  
>> happy to change my vote.  Any single one would work for me.
>
>
> Would you change your vote if I use the magic word?  Please?


Heh heh.  I wish it were that easy.  (I'm sure others are mumbling  
that they wish it were as well ;) )


Regards,
Alan


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 4:02 PM, Tim Veil wrote:

>
> On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:
>
>>
>> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>>
>>> I guess my take is that
>>> JSecurity has been in the name of this project for nearly 4 years  
>>> without compliant
>>
>> Sorry, I'm not following.  Unless Juniper has held the name for  
>> three years or less, how is that relevant?
>
> I guess I'm suggesting that JSecurity has been out in the wild for 4  
> years.  At no time during this period has Juniper been concerned  
> about name collision enough to contact anyone on the project.  That  
> suggests to me they will be unlikely to do so in the future. I have  
> no idea how long they have been using their name.

Let's say that 4 years ago a bunch of buddies and I in North Dakota  
started a project called Google.  It's pretty popular and people in  
South Dakota even start using it.  We have been out in the wild for 4  
years.  At no time during this period has Google Inc. in Mountain  
View, CA, been concerned about name collision enough to contact anyone  
on the project.  Does this suggest that they are unlikely to do so in  
the future when developers in CA start using it?  Not likely.

>>> JSecurity has name recognition and a following
>>
>> Sorry, I don't understand if this is pertinent other than it being  
>> motivation for keeping the name.  I also am motivated to keep the  
>> name but I don't see how we can get past the issues below.
>>
>>> The project of concern, "J-Security" is not a product at all but  
>>> rather a " resource for security information and analysis."
>>> J-Security's parent company Juniper is in the network hardware  
>>> business not the Java application business
>>> JSecurity is an open-source software project not a "product" we  
>>> are looking to sell (not a competitor in any way to Juniper)
>>
>> It doesn't matter if we sell a product or not.  It's a name  
>> collision, albeit a potential collision.  If they chose to push out  
>> a product under that name we would be in trouble; if I am wrong  
>> here someone please tell me.
>
> I don't think you are wrong it just seems like such a remote  
> possibility.  In order for them to do this they would have to stray  
> pretty far from their existing business. Even if they were to enter  
> the fray and offer a similar product it seems unlikely they would  
> choose to do so under the J-Security banner.  I would imagine they  
> would they would create a new brand for this service since they  
> already have an unrelated presence under the name J-Security.   
> Repackaging their J-Security center into something unrelated  
> wouldn't make much sense.

One of my jobs as a mentor is to protect the ASF as new projects are  
incubated.  Let's hope that discussions with Juniper work out.

>> Now, if you told me that we held our name longer than Juniper held  
>> theirs then it would be a different story.
>>
>> So to put it more succinctly, here are the criteria where I am  
>> happy to change my vote.  Any single one would work for me.
>
>
> Would you change your vote if I use the magic word?  Please?


Heh heh.  I wish it were that easy.  (I'm sure others are mumbling  
that they wish it were as well ;) )


Regards,
Alan

Re: [VOTE] Change JSecurity's Name

[Tim Veil <tj...@gmail.com>]

On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years  
>> without compliant
>
> Sorry, I'm not following.  Unless Juniper has held the name for  
> three years or less, how is that relevant?

I guess I'm suggesting that JSecurity has been out in the wild for 4  
years.  At no time during this period has Juniper been concerned about  
name collision enough to contact anyone on the project.  That suggests  
to me they will be unlikely to do so in the future. I have no idea how  
long they have been using their name.

>
>
>> JSecurity has name recognition and a following
>
> Sorry, I don't understand if this is pertinent other than it being  
> motivation for keeping the name.  I also am motivated to keep the  
> name but I don't see how we can get past the issues below.
>
>> The project of concern, "J-Security" is not a product at all but  
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware  
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are  
>> looking to sell (not a competitor in any way to Juniper)
>
> It doesn't matter if we sell a product or not.  It's a name  
> collision, albeit a potential collision.  If they chose to push out  
> a product under that name we would be in trouble; if I am wrong here  
> someone please tell me.

I don't think you are wrong it just seems like such a remote  
possibility.  In order for them to do this they would have to stray  
pretty far from their existing business. Even if they were to enter  
the fray and offer a similar product it seems unlikely they would  
choose to do so under the J-Security banner.  I would imagine they  
would they would create a new brand for this service since they  
already have an unrelated presence under the name J-Security.   
Repackaging their J-Security center into something unrelated wouldn't  
make much sense.

>
>
> Now, if you told me that we held our name longer than Juniper held  
> theirs then it would be a different story.
>
> So to put it more succinctly, here are the criteria where I am happy  
> to change my vote.  Any single one would work for me.


Would you change your vote if I use the magic word?  Please?


>
>
> 1) We held the name longer than Juniper - I'll take anyone's word on  
> this
> 2) If Juniper came out with a product under their service offering  
> we would have nothing to worry about - I will only take an informed  
> opinion
>
> I'm guessing that the others would change their vote as well.
>
>
> Regards,
> Alan
>
>>
>> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>>
>>> Here's my take and I'm not intransigent on this.  I'll use a bit  
>>> of hyperbole to make my point.
>>>
>>> If some company who makes hand made woven baskets has had the name  
>>> JSecurity there would be no problem.  If that company decides to   
>>> market a program that trains people in basket weaving written in  
>>> java there would be no problem.
>>>
>>> However, other computer security companies have an earlier claim  
>>> to JSecurity.  If they decide the release a suite of java programs  
>>> that performs security analysis then there's overlap.
>>>
>>> Why would we want to live in the grey area anyway?  Am I  
>>> misunderstanding something?
>>>
>>> Regards,
>>> Alan
>>>
>>>
>>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>>
>>>> Agreed.
>>>>
>>>> I don't really understand what problem is being solved here.
>>>>
>>>> geir
>>>>
>>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>>
>>>>> -1 to changing the name at this time.
>>>>>
>>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>>> the
>>>>> moment, I think any potential causes of conflict, given that  
>>>>> there are
>>>>> NO trademark or patent conflicts, are dubious at best.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Les
>>>>>
>>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>>> > wrote:
>>>>>> any more...
>>>>>>
>>>>>> ok, former board member. ;-)
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> I'm not a board member. :)
>>>>>>>
>>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>>> list and no
>>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>>> only board
>>>>>>>> member who commented on the JSecurity name during the  
>>>>>>>> discussion.
>>>>>>>>
>>>>>>>> We will have at least three more votes where additional  
>>>>>>>> issues regarding
>>>>>>>> the
>>>>>>>> name can be brought up:
>>>>>>>>
>>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>>> incubator
>>>>>>>> votes.
>>>>>>>>
>>>>>>>> Craig
>>>>>>>>
>>>>>>>>
>>>>>>>> Dear JSecurity Team,
>>>>>>>>
>>>>>>>> There has been lengthy debate without consensus as to whether  
>>>>>>>> or
>>>>>>>> JSecurity's
>>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>>> for a vote.
>>>>>>>>
>>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>>> This is ONLY
>>>>>>>> a
>>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>>> name might
>>>>>>>> be.
>>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>>> usual 3 to
>>>>>>>> account for time that people may not be able to respond due  
>>>>>>>> to the
>>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>>> binding votes are
>>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>>
>>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>>> JSecurity
>>>>>>>> development team are binding.
>>>>>>>>
>>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>>
>>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>>> it's very
>>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>>> Security being
>>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>>> by the
>>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>>> very good
>>>>>>>>> branding.
>>>>>>>>>
>>>>>>>>> My tuppence of opinion.
>>>>>>>>>
>>>>>>>>> Hen
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi ASF legal team,
>>>>>>>>>>
>>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>>> concerning a
>>>>>>>>>> discussion we've been having on the JSecurity email list  
>>>>>>>>>> (an Incubator
>>>>>>>>>> project).
>>>>>>>>>>
>>>>>>>>>> A few of our mentors have expressed concern that there  
>>>>>>>>>> might be a
>>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>>> and some
>>>>>>>>>> other references found through google and other search  
>>>>>>>>>> mechanisms.
>>>>>>>>>>
>>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>>> source
>>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>>> with zero
>>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>>> proprietary
>>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>>> determining if
>>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>>> context of
>>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>>> established
>>>>>>>>>> communities) think we should keep the JSecurity name.   
>>>>>>>>>> There might be
>>>>>>>>>> older references to this name, unrelated to our project,  
>>>>>>>>>> but we don't
>>>>>>>>>> know for certain if they would constitute a risk in the  
>>>>>>>>>> name overlap.
>>>>>>>>>>
>>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>>> changed or
>>>>>>>>>> not.
>>>>>>>>>>
>>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>>> research:
>>>>>>>>>>
>>>>>>>>>> <snip>
>>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>>> references
>>>>>>>>>> to JSecurity :
>>>>>>>>>>
>>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information  
>>>>>>>>>> Security
>>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>>> will
>>>>>>>>>> conduct a full information security risk assessment  
>>>>>>>>>> focusing on:"
>>>>>>>>>>
>>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>>> >
>>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>>> that
>>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>>> some nicely
>>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>>> name. Not sure
>>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>>
>>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>>> >
>>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>>> least)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>>> >
>>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>>
>>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>>> are un
>>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>>> main issue
>>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>>> already
>>>>>>>>>> know that there are company out there which already use  
>>>>>>>>>> this name.
>>>>>>>>>>
>>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>>> information
>>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>>> about this
>>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>>> JSecurity or
>>>>>>>>>> any other) to double check that it's ok or not (IFAIK).  
>>>>>>>>>> That is one of
>>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>>> >).
>>>>>>>>>>
>>>>>>>>>> </snip>
>>>>>>>>>>
>>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>>
>>>>>>>>>> Best,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>>> >
>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Adam,
>>>>>>>>>>>
>>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>>> opinion.  I love
>>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>>> contribute to
>>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>>
>>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>>> is my
>>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>>> only like to
>>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>>> to do so.
>>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>>> post this to
>>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>>> like to hear
>>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>>> genuinely
>>>>>>>>>>> curious :)
>>>>>>>>>>>
>>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>>> that you (and
>>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>>
>>>>>>>>>>> Les
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>>> (though I
>>>>>>>>>>>> hope to
>>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>>> attention, and
>>>>>>>>>>>> so I
>>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>>
>>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>>> issues for
>>>>>>>>>>>> software
>>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>>> from any
>>>>>>>>>>>> official
>>>>>>>>>>>> background (I guess beyond a little professional), I  
>>>>>>>>>>>> would like to
>>>>>>>>>>>> point out
>>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>>> has been
>>>>>>>>>>>> associated with other software products already.  So,  
>>>>>>>>>>>> this is bad
>>>>>>>>>>>> news
>>>>>>>>>>>> with
>>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>>> geographic
>>>>>>>>>>>> location
>>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>>> these other
>>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>>> related use of
>>>>>>>>>>>> the
>>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>>> product is
>>>>>>>>>>>> used
>>>>>>>>>>>> to
>>>>>>>>>>>> keep people out of the protected system.  This is what  
>>>>>>>>>>>> the term
>>>>>>>>>>>> "security"
>>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>>> to keep
>>>>>>>>>>>> people
>>>>>>>>>>>> out,
>>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>>> related, and
>>>>>>>>>>>> even
>>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>>> software
>>>>>>>>>>>> would be
>>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>>> network users
>>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>>> web proxy,
>>>>>>>>>>>> for
>>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>>
>>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>>> name of a
>>>>>>>>>>>> software
>>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>>> when starting
>>>>>>>>>>>> out.
>>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>>> describing name
>>>>>>>>>>>> can
>>>>>>>>>>>> make
>>>>>>>>>>>> a big difference.
>>>>>>>>>>>>
>>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>>> it is that
>>>>>>>>>>>> people
>>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>>> Google (and
>>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>>> unrelated
>>>>>>>>>>>> hits,
>>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>>> with the
>>>>>>>>>>>> name.
>>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>>> only known
>>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>>> hear the
>>>>>>>>>>>> name.
>>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>>> completely strange
>>>>>>>>>>>> and
>>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>>
>>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>>> which again
>>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>>> reasons.
>>>>>>>>>>>> Alkitraz?
>>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>>> (though
>>>>>>>>>>>> this
>>>>>>>>>>>> is a
>>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>>
>>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>>> something that
>>>>>>>>>>>> you
>>>>>>>>>>>> don't
>>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>>> should be
>>>>>>>>>>>> consulted.
>>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>>> changing package
>>>>>>>>>>>> names
>>>>>>>>>>>> with anticipation of a name change.  You would be crazy  
>>>>>>>>>>>> to start
>>>>>>>>>>>> renaming
>>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>>> happen in
>>>>>>>>>>>> the
>>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>>
>>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>>> view, you
>>>>>>>>>>>> shouldn't
>>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>>> actually
>>>>>>>>>>>> required
>>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>>> the Apache
>>>>>>>>>>>> council
>>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process?
>>>>>>>>>>>> Why
>>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>>> could be
>>>>>>>>>>>> better
>>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>>
>>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>>> that's
>>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>>> confusion,
>>>>>>>>>>>> support,
>>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>>> thought about
>>>>>>>>>>>> when
>>>>>>>>>>>> changing the name.
>>>>>>>>>>>>
>>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>>> get
>>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>>> rename the
>>>>>>>>>>>> project
>>>>>>>>>>>> yet
>>>>>>>>>>>> again.
>>>>>>>>>>>>
>>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>>> until
>>>>>>>>>>>> something
>>>>>>>>>>>> real
>>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>>> great product
>>>>>>>>>>>> name
>>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>>> if that day
>>>>>>>>>>>> comes,
>>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>>> opinion, for all
>>>>>>>>>>>> the
>>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>
>>>>>>>>>>>> Adam
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to  
>>>>>>>>>>>>>>>>> post to
>>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up  
>>>>>>>>>>>>>>>> the 1.0
>>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>>> some
>>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>>> can only
>>>>>>>>>>>>>> give
>>>>>>>>>>>>>> advice if there's a potential conflict, i.e.  
>>>>>>>>>>>>>> JSecurity.  So far as
>>>>>>>>>>>>>> I
>>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>>> start
>>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>>> incubation
>>>>>>>>>>>>>> process.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>>> time to do
>>>>>>>>>>>>> some
>>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>>> incubator).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> --
>>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> View this message in context:
>>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>>> educational
>>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>>> opinions
>>>>>>>>> and policies of the ASF.  See <http://www.apache.org/ 
>>>>>>>>> licenses/> for
>>>>>>>>> official ASF policies and documents.
>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>>
>>>>>>>>
>>>>>>>> Craig L Russell
>>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Tim Veil <tj...@gmail.com>]

On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years  
>> without compliant
>
> Sorry, I'm not following.  Unless Juniper has held the name for  
> three years or less, how is that relevant?

I guess I'm suggesting that JSecurity has been out in the wild for 4  
years.  At no time during this period has Juniper been concerned about  
name collision enough to contact anyone on the project.  That suggests  
to me they will be unlikely to do so in the future. I have no idea how  
long they have been using their name.

>
>
>> JSecurity has name recognition and a following
>
> Sorry, I don't understand if this is pertinent other than it being  
> motivation for keeping the name.  I also am motivated to keep the  
> name but I don't see how we can get past the issues below.
>
>> The project of concern, "J-Security" is not a product at all but  
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware  
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are  
>> looking to sell (not a competitor in any way to Juniper)
>
> It doesn't matter if we sell a product or not.  It's a name  
> collision, albeit a potential collision.  If they chose to push out  
> a product under that name we would be in trouble; if I am wrong here  
> someone please tell me.

I don't think you are wrong it just seems like such a remote  
possibility.  In order for them to do this they would have to stray  
pretty far from their existing business. Even if they were to enter  
the fray and offer a similar product it seems unlikely they would  
choose to do so under the J-Security banner.  I would imagine they  
would they would create a new brand for this service since they  
already have an unrelated presence under the name J-Security.   
Repackaging their J-Security center into something unrelated wouldn't  
make much sense.

>
>
> Now, if you told me that we held our name longer than Juniper held  
> theirs then it would be a different story.
>
> So to put it more succinctly, here are the criteria where I am happy  
> to change my vote.  Any single one would work for me.


Would you change your vote if I use the magic word?  Please?


>
>
> 1) We held the name longer than Juniper - I'll take anyone's word on  
> this
> 2) If Juniper came out with a product under their service offering  
> we would have nothing to worry about - I will only take an informed  
> opinion
>
> I'm guessing that the others would change their vote as well.
>
>
> Regards,
> Alan
>
>>
>> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>>
>>> Here's my take and I'm not intransigent on this.  I'll use a bit  
>>> of hyperbole to make my point.
>>>
>>> If some company who makes hand made woven baskets has had the name  
>>> JSecurity there would be no problem.  If that company decides to   
>>> market a program that trains people in basket weaving written in  
>>> java there would be no problem.
>>>
>>> However, other computer security companies have an earlier claim  
>>> to JSecurity.  If they decide the release a suite of java programs  
>>> that performs security analysis then there's overlap.
>>>
>>> Why would we want to live in the grey area anyway?  Am I  
>>> misunderstanding something?
>>>
>>> Regards,
>>> Alan
>>>
>>>
>>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>>
>>>> Agreed.
>>>>
>>>> I don't really understand what problem is being solved here.
>>>>
>>>> geir
>>>>
>>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>>
>>>>> -1 to changing the name at this time.
>>>>>
>>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>>> the
>>>>> moment, I think any potential causes of conflict, given that  
>>>>> there are
>>>>> NO trademark or patent conflicts, are dubious at best.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Les
>>>>>
>>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>>> > wrote:
>>>>>> any more...
>>>>>>
>>>>>> ok, former board member. ;-)
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> I'm not a board member. :)
>>>>>>>
>>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>>> list and no
>>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>>> only board
>>>>>>>> member who commented on the JSecurity name during the  
>>>>>>>> discussion.
>>>>>>>>
>>>>>>>> We will have at least three more votes where additional  
>>>>>>>> issues regarding
>>>>>>>> the
>>>>>>>> name can be brought up:
>>>>>>>>
>>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>>> incubator
>>>>>>>> votes.
>>>>>>>>
>>>>>>>> Craig
>>>>>>>>
>>>>>>>>
>>>>>>>> Dear JSecurity Team,
>>>>>>>>
>>>>>>>> There has been lengthy debate without consensus as to whether  
>>>>>>>> or
>>>>>>>> JSecurity's
>>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>>> for a vote.
>>>>>>>>
>>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>>> This is ONLY
>>>>>>>> a
>>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>>> name might
>>>>>>>> be.
>>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>>> usual 3 to
>>>>>>>> account for time that people may not be able to respond due  
>>>>>>>> to the
>>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>>> binding votes are
>>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>>
>>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>>> JSecurity
>>>>>>>> development team are binding.
>>>>>>>>
>>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>>
>>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>>> it's very
>>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>>> Security being
>>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>>> by the
>>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>>> very good
>>>>>>>>> branding.
>>>>>>>>>
>>>>>>>>> My tuppence of opinion.
>>>>>>>>>
>>>>>>>>> Hen
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi ASF legal team,
>>>>>>>>>>
>>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>>> concerning a
>>>>>>>>>> discussion we've been having on the JSecurity email list  
>>>>>>>>>> (an Incubator
>>>>>>>>>> project).
>>>>>>>>>>
>>>>>>>>>> A few of our mentors have expressed concern that there  
>>>>>>>>>> might be a
>>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>>> and some
>>>>>>>>>> other references found through google and other search  
>>>>>>>>>> mechanisms.
>>>>>>>>>>
>>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>>> source
>>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>>> with zero
>>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>>> proprietary
>>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>>> determining if
>>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>>> context of
>>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>>> established
>>>>>>>>>> communities) think we should keep the JSecurity name.   
>>>>>>>>>> There might be
>>>>>>>>>> older references to this name, unrelated to our project,  
>>>>>>>>>> but we don't
>>>>>>>>>> know for certain if they would constitute a risk in the  
>>>>>>>>>> name overlap.
>>>>>>>>>>
>>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>>> changed or
>>>>>>>>>> not.
>>>>>>>>>>
>>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>>> research:
>>>>>>>>>>
>>>>>>>>>> <snip>
>>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>>> references
>>>>>>>>>> to JSecurity :
>>>>>>>>>>
>>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information  
>>>>>>>>>> Security
>>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>>> will
>>>>>>>>>> conduct a full information security risk assessment  
>>>>>>>>>> focusing on:"
>>>>>>>>>>
>>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>>> >
>>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>>> that
>>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>>> some nicely
>>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>>> name. Not sure
>>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>>
>>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>>> >
>>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>>> least)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>>> >
>>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>>
>>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>>> are un
>>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>>> main issue
>>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>>> already
>>>>>>>>>> know that there are company out there which already use  
>>>>>>>>>> this name.
>>>>>>>>>>
>>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>>> information
>>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>>> about this
>>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>>> JSecurity or
>>>>>>>>>> any other) to double check that it's ok or not (IFAIK).  
>>>>>>>>>> That is one of
>>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>>> >).
>>>>>>>>>>
>>>>>>>>>> </snip>
>>>>>>>>>>
>>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>>
>>>>>>>>>> Best,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>>> >
>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Adam,
>>>>>>>>>>>
>>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>>> opinion.  I love
>>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>>> contribute to
>>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>>
>>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>>> is my
>>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>>> only like to
>>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>>> to do so.
>>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>>> post this to
>>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>>> like to hear
>>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>>> genuinely
>>>>>>>>>>> curious :)
>>>>>>>>>>>
>>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>>> that you (and
>>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>>
>>>>>>>>>>> Les
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>>> (though I
>>>>>>>>>>>> hope to
>>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>>> attention, and
>>>>>>>>>>>> so I
>>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>>
>>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>>> issues for
>>>>>>>>>>>> software
>>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>>> from any
>>>>>>>>>>>> official
>>>>>>>>>>>> background (I guess beyond a little professional), I  
>>>>>>>>>>>> would like to
>>>>>>>>>>>> point out
>>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>>> has been
>>>>>>>>>>>> associated with other software products already.  So,  
>>>>>>>>>>>> this is bad
>>>>>>>>>>>> news
>>>>>>>>>>>> with
>>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>>> geographic
>>>>>>>>>>>> location
>>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>>> these other
>>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>>> related use of
>>>>>>>>>>>> the
>>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>>> product is
>>>>>>>>>>>> used
>>>>>>>>>>>> to
>>>>>>>>>>>> keep people out of the protected system.  This is what  
>>>>>>>>>>>> the term
>>>>>>>>>>>> "security"
>>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>>> to keep
>>>>>>>>>>>> people
>>>>>>>>>>>> out,
>>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>>> related, and
>>>>>>>>>>>> even
>>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>>> software
>>>>>>>>>>>> would be
>>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>>> network users
>>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>>> web proxy,
>>>>>>>>>>>> for
>>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>>
>>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>>> name of a
>>>>>>>>>>>> software
>>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>>> when starting
>>>>>>>>>>>> out.
>>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>>> describing name
>>>>>>>>>>>> can
>>>>>>>>>>>> make
>>>>>>>>>>>> a big difference.
>>>>>>>>>>>>
>>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>>> it is that
>>>>>>>>>>>> people
>>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>>> Google (and
>>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>>> unrelated
>>>>>>>>>>>> hits,
>>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>>> with the
>>>>>>>>>>>> name.
>>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>>> only known
>>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>>> hear the
>>>>>>>>>>>> name.
>>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>>> completely strange
>>>>>>>>>>>> and
>>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>>
>>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>>> which again
>>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>>> reasons.
>>>>>>>>>>>> Alkitraz?
>>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>>> (though
>>>>>>>>>>>> this
>>>>>>>>>>>> is a
>>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>>
>>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>>> something that
>>>>>>>>>>>> you
>>>>>>>>>>>> don't
>>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>>> should be
>>>>>>>>>>>> consulted.
>>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>>> changing package
>>>>>>>>>>>> names
>>>>>>>>>>>> with anticipation of a name change.  You would be crazy  
>>>>>>>>>>>> to start
>>>>>>>>>>>> renaming
>>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>>> happen in
>>>>>>>>>>>> the
>>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>>
>>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>>> view, you
>>>>>>>>>>>> shouldn't
>>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>>> actually
>>>>>>>>>>>> required
>>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>>> the Apache
>>>>>>>>>>>> council
>>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process?
>>>>>>>>>>>> Why
>>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>>> could be
>>>>>>>>>>>> better
>>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>>
>>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>>> that's
>>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>>> confusion,
>>>>>>>>>>>> support,
>>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>>> thought about
>>>>>>>>>>>> when
>>>>>>>>>>>> changing the name.
>>>>>>>>>>>>
>>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>>> get
>>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>>> rename the
>>>>>>>>>>>> project
>>>>>>>>>>>> yet
>>>>>>>>>>>> again.
>>>>>>>>>>>>
>>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>>> until
>>>>>>>>>>>> something
>>>>>>>>>>>> real
>>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>>> great product
>>>>>>>>>>>> name
>>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>>> if that day
>>>>>>>>>>>> comes,
>>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>>> opinion, for all
>>>>>>>>>>>> the
>>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>
>>>>>>>>>>>> Adam
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to  
>>>>>>>>>>>>>>>>> post to
>>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up  
>>>>>>>>>>>>>>>> the 1.0
>>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>>> some
>>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>>> can only
>>>>>>>>>>>>>> give
>>>>>>>>>>>>>> advice if there's a potential conflict, i.e.  
>>>>>>>>>>>>>> JSecurity.  So far as
>>>>>>>>>>>>>> I
>>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>>> start
>>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>>> incubation
>>>>>>>>>>>>>> process.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>>> time to do
>>>>>>>>>>>>> some
>>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>>> incubator).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> --
>>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> View this message in context:
>>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>>> educational
>>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>>> opinions
>>>>>>>>> and policies of the ASF.  See <http://www.apache.org/ 
>>>>>>>>> licenses/> for
>>>>>>>>> official ASF policies and documents.
>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>>
>>>>>>>>
>>>>>>>> Craig L Russell
>>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:

> I guess my take is that
> JSecurity has been in the name of this project for nearly 4 years  
> without compliant

Sorry, I'm not following.  Unless Juniper has held the name for three  
years or less, how is that relevant?

> JSecurity has name recognition and a following

Sorry, I don't understand if this is pertinent other than it being  
motivation for keeping the name.  I also am motivated to keep the name  
but I don't see how we can get past the issues below.

> The project of concern, "J-Security" is not a product at all but  
> rather a " resource for security information and analysis."
> J-Security's parent company Juniper is in the network hardware  
> business not the Java application business
> JSecurity is an open-source software project not a "product" we are  
> looking to sell (not a competitor in any way to Juniper)

It doesn't matter if we sell a product or not.  It's a name collision,  
albeit a potential collision.  If they chose to push out a product  
under that name we would be in trouble; if I am wrong here someone  
please tell me.

Now, if you told me that we held our name longer than Juniper held  
theirs then it would be a different story.

So to put it more succinctly, here are the criteria where I am happy  
to change my vote.  Any single one would work for me.

1) We held the name longer than Juniper - I'll take anyone's word on  
this
2) If Juniper came out with a product under their service offering we  
would have nothing to worry about - I will only take an informed opinion

I'm guessing that the others would change their vote as well.


Regards,
Alan

>
> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>
>> Here's my take and I'm not intransigent on this.  I'll use a bit of  
>> hyperbole to make my point.
>>
>> If some company who makes hand made woven baskets has had the name  
>> JSecurity there would be no problem.  If that company decides to   
>> market a program that trains people in basket weaving written in  
>> java there would be no problem.
>>
>> However, other computer security companies have an earlier claim to  
>> JSecurity.  If they decide the release a suite of java programs  
>> that performs security analysis then there's overlap.
>>
>> Why would we want to live in the grey area anyway?  Am I  
>> misunderstanding something?
>>
>> Regards,
>> Alan
>>
>>
>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>
>>> Agreed.
>>>
>>> I don't really understand what problem is being solved here.
>>>
>>> geir
>>>
>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>
>>>> -1 to changing the name at this time.
>>>>
>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>> the
>>>> moment, I think any potential causes of conflict, given that  
>>>> there are
>>>> NO trademark or patent conflicts, are dubious at best.
>>>>
>>>> Cheers,
>>>>
>>>> Les
>>>>
>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>> > wrote:
>>>>> any more...
>>>>>
>>>>> ok, former board member. ;-)
>>>>>
>>>>> Craig
>>>>>
>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>
>>>>>> I'm not a board member. :)
>>>>>>
>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>> list and no
>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>> only board
>>>>>>> member who commented on the JSecurity name during the  
>>>>>>> discussion.
>>>>>>>
>>>>>>> We will have at least three more votes where additional issues  
>>>>>>> regarding
>>>>>>> the
>>>>>>> name can be brought up:
>>>>>>>
>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>> incubator
>>>>>>> votes.
>>>>>>>
>>>>>>> Craig
>>>>>>>
>>>>>>>
>>>>>>> Dear JSecurity Team,
>>>>>>>
>>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>>> JSecurity's
>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>> for a vote.
>>>>>>>
>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>> This is ONLY
>>>>>>> a
>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>> name might
>>>>>>> be.
>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>> usual 3 to
>>>>>>> account for time that people may not be able to respond due to  
>>>>>>> the
>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>> binding votes are
>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>
>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>> JSecurity
>>>>>>> development team are binding.
>>>>>>>
>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>
>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>> it's very
>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>> Security being
>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>> by the
>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>> very good
>>>>>>>> branding.
>>>>>>>>
>>>>>>>> My tuppence of opinion.
>>>>>>>>
>>>>>>>> Hen
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi ASF legal team,
>>>>>>>>>
>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>> concerning a
>>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>>> Incubator
>>>>>>>>> project).
>>>>>>>>>
>>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>>> be a
>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>> and some
>>>>>>>>> other references found through google and other search  
>>>>>>>>> mechanisms.
>>>>>>>>>
>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>> source
>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>> with zero
>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>> proprietary
>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>> determining if
>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>> context of
>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>> established
>>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>>> might be
>>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>>> we don't
>>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>>> overlap.
>>>>>>>>>
>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>> changed or
>>>>>>>>> not.
>>>>>>>>>
>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>> research:
>>>>>>>>>
>>>>>>>>> <snip>
>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>> references
>>>>>>>>> to JSecurity :
>>>>>>>>>
>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>> will
>>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>>> on:"
>>>>>>>>>
>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>> >
>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>> that
>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>> some nicely
>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>> name. Not sure
>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>
>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>> >
>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>> least)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>> >
>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>
>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>> are un
>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>> main issue
>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>> already
>>>>>>>>> know that there are company out there which already use this  
>>>>>>>>> name.
>>>>>>>>>
>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>> information
>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>> about this
>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>> JSecurity or
>>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>>> is one of
>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>> >).
>>>>>>>>>
>>>>>>>>> </snip>
>>>>>>>>>
>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>
>>>>>>>>> Best,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Adam,
>>>>>>>>>>
>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>> opinion.  I love
>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>> contribute to
>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>
>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>> is my
>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>> only like to
>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>> to do so.
>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>> post this to
>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>> like to hear
>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>> genuinely
>>>>>>>>>> curious :)
>>>>>>>>>>
>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>> that you (and
>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>> (though I
>>>>>>>>>>> hope to
>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>> attention, and
>>>>>>>>>>> so I
>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>
>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>> issues for
>>>>>>>>>>> software
>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>> from any
>>>>>>>>>>> official
>>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>>> like to
>>>>>>>>>>> point out
>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>> has been
>>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>>> is bad
>>>>>>>>>>> news
>>>>>>>>>>> with
>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>> geographic
>>>>>>>>>>> location
>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>> these other
>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>> related use of
>>>>>>>>>>> the
>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>> product is
>>>>>>>>>>> used
>>>>>>>>>>> to
>>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>>> term
>>>>>>>>>>> "security"
>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>> to keep
>>>>>>>>>>> people
>>>>>>>>>>> out,
>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>> related, and
>>>>>>>>>>> even
>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>> software
>>>>>>>>>>> would be
>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>> network users
>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>> web proxy,
>>>>>>>>>>> for
>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>
>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>> name of a
>>>>>>>>>>> software
>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>> when starting
>>>>>>>>>>> out.
>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>> describing name
>>>>>>>>>>> can
>>>>>>>>>>> make
>>>>>>>>>>> a big difference.
>>>>>>>>>>>
>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>> it is that
>>>>>>>>>>> people
>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>> Google (and
>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>> unrelated
>>>>>>>>>>> hits,
>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>> with the
>>>>>>>>>>> name.
>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>> only known
>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>> hear the
>>>>>>>>>>> name.
>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>> completely strange
>>>>>>>>>>> and
>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>
>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>> which again
>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>> reasons.
>>>>>>>>>>> Alkitraz?
>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>> (though
>>>>>>>>>>> this
>>>>>>>>>>> is a
>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>
>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>> something that
>>>>>>>>>>> you
>>>>>>>>>>> don't
>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>> should be
>>>>>>>>>>> consulted.
>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>> changing package
>>>>>>>>>>> names
>>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>>> start
>>>>>>>>>>> renaming
>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>> happen in
>>>>>>>>>>> the
>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>
>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>> view, you
>>>>>>>>>>> shouldn't
>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>> actually
>>>>>>>>>>> required
>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>> the Apache
>>>>>>>>>>> council
>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>> incubation
>>>>>>>>>>> process?
>>>>>>>>>>> Why
>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>> could be
>>>>>>>>>>> better
>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>
>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>> that's
>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>> confusion,
>>>>>>>>>>> support,
>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>> thought about
>>>>>>>>>>> when
>>>>>>>>>>> changing the name.
>>>>>>>>>>>
>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>> get
>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>> rename the
>>>>>>>>>>> project
>>>>>>>>>>> yet
>>>>>>>>>>> again.
>>>>>>>>>>>
>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>> until
>>>>>>>>>>> something
>>>>>>>>>>> real
>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>> great product
>>>>>>>>>>> name
>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>> if that day
>>>>>>>>>>> comes,
>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>> opinion, for all
>>>>>>>>>>> the
>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>>
>>>>>>>>>>> Adam
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post  
>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>> some
>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>
>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>> can only
>>>>>>>>>>>>> give
>>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>>> So far as
>>>>>>>>>>>>> I
>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>
>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>> start
>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>> incubation
>>>>>>>>>>>>> process.
>>>>>>>>>>>>
>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>> time to do
>>>>>>>>>>>> some
>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>> incubator).
>>>>>>>>>>>>
>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> --
>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> View this message in context:
>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>> educational
>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>> opinions
>>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>>> > for
>>>>>>>> official ASF policies and documents.
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>
>>>>>>> Craig L Russell
>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Tim Veil <ti...@mac.com>]

Whoops, sent that unfinished... My last thought is that in my mind the  
differences between the two projects are significant enough not to  
warrant a change now.

It seems so unlikely that Juniper is going to want to compete in this  
space, it just doesn't seem like a grey area to me.

Thanks,
Tim

On Jan 11, 2009, at 1:52 PM, Tim Veil wrote:

> I guess my take is that
> JSecurity has been in the name of this project for nearly 4 years  
> without compliant
> JSecurity has name recognition and a following
> The project of concern, "J-Security" is not a product at all but  
> rather a " resource for security information and analysis."
> J-Security's parent company Juniper is in the network hardware  
> business not the Java application business
> JSecurity is an open-source software project not a "product" we are  
> looking to sell (not a competitor in any way to Juniper)
>
> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>
>> Here's my take and I'm not intransigent on this.  I'll use a bit of  
>> hyperbole to make my point.
>>
>> If some company who makes hand made woven baskets has had the name  
>> JSecurity there would be no problem.  If that company decides to   
>> market a program that trains people in basket weaving written in  
>> java there would be no problem.
>>
>> However, other computer security companies have an earlier claim to  
>> JSecurity.  If they decide the release a suite of java programs  
>> that performs security analysis then there's overlap.
>>
>> Why would we want to live in the grey area anyway?  Am I  
>> misunderstanding something?
>>
>> Regards,
>> Alan
>>
>>
>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>
>>> Agreed.
>>>
>>> I don't really understand what problem is being solved here.
>>>
>>> geir
>>>
>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>
>>>> -1 to changing the name at this time.
>>>>
>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>> the
>>>> moment, I think any potential causes of conflict, given that  
>>>> there are
>>>> NO trademark or patent conflicts, are dubious at best.
>>>>
>>>> Cheers,
>>>>
>>>> Les
>>>>
>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>> > wrote:
>>>>> any more...
>>>>>
>>>>> ok, former board member. ;-)
>>>>>
>>>>> Craig
>>>>>
>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>
>>>>>> I'm not a board member. :)
>>>>>>
>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>> list and no
>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>> only board
>>>>>>> member who commented on the JSecurity name during the  
>>>>>>> discussion.
>>>>>>>
>>>>>>> We will have at least three more votes where additional issues  
>>>>>>> regarding
>>>>>>> the
>>>>>>> name can be brought up:
>>>>>>>
>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>> incubator
>>>>>>> votes.
>>>>>>>
>>>>>>> Craig
>>>>>>>
>>>>>>>
>>>>>>> Dear JSecurity Team,
>>>>>>>
>>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>>> JSecurity's
>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>> for a vote.
>>>>>>>
>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>> This is ONLY
>>>>>>> a
>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>> name might
>>>>>>> be.
>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>> usual 3 to
>>>>>>> account for time that people may not be able to respond due to  
>>>>>>> the
>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>> binding votes are
>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>
>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>> JSecurity
>>>>>>> development team are binding.
>>>>>>>
>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>
>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>> it's very
>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>> Security being
>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>> by the
>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>> very good
>>>>>>>> branding.
>>>>>>>>
>>>>>>>> My tuppence of opinion.
>>>>>>>>
>>>>>>>> Hen
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi ASF legal team,
>>>>>>>>>
>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>> concerning a
>>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>>> Incubator
>>>>>>>>> project).
>>>>>>>>>
>>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>>> be a
>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>> and some
>>>>>>>>> other references found through google and other search  
>>>>>>>>> mechanisms.
>>>>>>>>>
>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>> source
>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>> with zero
>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>> proprietary
>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>> determining if
>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>> context of
>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>> established
>>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>>> might be
>>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>>> we don't
>>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>>> overlap.
>>>>>>>>>
>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>> changed or
>>>>>>>>> not.
>>>>>>>>>
>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>> research:
>>>>>>>>>
>>>>>>>>> <snip>
>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>> references
>>>>>>>>> to JSecurity :
>>>>>>>>>
>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>> will
>>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>>> on:"
>>>>>>>>>
>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>> >
>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>> that
>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>> some nicely
>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>> name. Not sure
>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>
>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>> >
>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>> least)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>> >
>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>
>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>> are un
>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>> main issue
>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>> already
>>>>>>>>> know that there are company out there which already use this  
>>>>>>>>> name.
>>>>>>>>>
>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>> information
>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>> about this
>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>> JSecurity or
>>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>>> is one of
>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>> >).
>>>>>>>>>
>>>>>>>>> </snip>
>>>>>>>>>
>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>
>>>>>>>>> Best,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Adam,
>>>>>>>>>>
>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>> opinion.  I love
>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>> contribute to
>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>
>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>> is my
>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>> only like to
>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>> to do so.
>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>> post this to
>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>> like to hear
>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>> genuinely
>>>>>>>>>> curious :)
>>>>>>>>>>
>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>> that you (and
>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>> (though I
>>>>>>>>>>> hope to
>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>> attention, and
>>>>>>>>>>> so I
>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>
>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>> issues for
>>>>>>>>>>> software
>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>> from any
>>>>>>>>>>> official
>>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>>> like to
>>>>>>>>>>> point out
>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>> has been
>>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>>> is bad
>>>>>>>>>>> news
>>>>>>>>>>> with
>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>> geographic
>>>>>>>>>>> location
>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>> these other
>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>> related use of
>>>>>>>>>>> the
>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>> product is
>>>>>>>>>>> used
>>>>>>>>>>> to
>>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>>> term
>>>>>>>>>>> "security"
>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>> to keep
>>>>>>>>>>> people
>>>>>>>>>>> out,
>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>> related, and
>>>>>>>>>>> even
>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>> software
>>>>>>>>>>> would be
>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>> network users
>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>> web proxy,
>>>>>>>>>>> for
>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>
>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>> name of a
>>>>>>>>>>> software
>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>> when starting
>>>>>>>>>>> out.
>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>> describing name
>>>>>>>>>>> can
>>>>>>>>>>> make
>>>>>>>>>>> a big difference.
>>>>>>>>>>>
>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>> it is that
>>>>>>>>>>> people
>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>> Google (and
>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>> unrelated
>>>>>>>>>>> hits,
>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>> with the
>>>>>>>>>>> name.
>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>> only known
>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>> hear the
>>>>>>>>>>> name.
>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>> completely strange
>>>>>>>>>>> and
>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>
>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>> which again
>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>> reasons.
>>>>>>>>>>> Alkitraz?
>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>> (though
>>>>>>>>>>> this
>>>>>>>>>>> is a
>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>
>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>> something that
>>>>>>>>>>> you
>>>>>>>>>>> don't
>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>> should be
>>>>>>>>>>> consulted.
>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>> changing package
>>>>>>>>>>> names
>>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>>> start
>>>>>>>>>>> renaming
>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>> happen in
>>>>>>>>>>> the
>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>
>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>> view, you
>>>>>>>>>>> shouldn't
>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>> actually
>>>>>>>>>>> required
>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>> the Apache
>>>>>>>>>>> council
>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>> incubation
>>>>>>>>>>> process?
>>>>>>>>>>> Why
>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>> could be
>>>>>>>>>>> better
>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>
>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>> that's
>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>> confusion,
>>>>>>>>>>> support,
>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>> thought about
>>>>>>>>>>> when
>>>>>>>>>>> changing the name.
>>>>>>>>>>>
>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>> get
>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>> rename the
>>>>>>>>>>> project
>>>>>>>>>>> yet
>>>>>>>>>>> again.
>>>>>>>>>>>
>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>> until
>>>>>>>>>>> something
>>>>>>>>>>> real
>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>> great product
>>>>>>>>>>> name
>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>> if that day
>>>>>>>>>>> comes,
>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>> opinion, for all
>>>>>>>>>>> the
>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>>
>>>>>>>>>>> Adam
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post  
>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>> some
>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>
>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>> can only
>>>>>>>>>>>>> give
>>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>>> So far as
>>>>>>>>>>>>> I
>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>
>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>> start
>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>> incubation
>>>>>>>>>>>>> process.
>>>>>>>>>>>>
>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>> time to do
>>>>>>>>>>>> some
>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>> incubator).
>>>>>>>>>>>>
>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> --
>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> View this message in context:
>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>> educational
>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>> opinions
>>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>>> > for
>>>>>>>> official ASF policies and documents.
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>
>>>>>>> Craig L Russell
>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:

> I guess my take is that
> JSecurity has been in the name of this project for nearly 4 years  
> without compliant

Sorry, I'm not following.  Unless Juniper has held the name for three  
years or less, how is that relevant?

> JSecurity has name recognition and a following

Sorry, I don't understand if this is pertinent other than it being  
motivation for keeping the name.  I also am motivated to keep the name  
but I don't see how we can get past the issues below.

> The project of concern, "J-Security" is not a product at all but  
> rather a " resource for security information and analysis."
> J-Security's parent company Juniper is in the network hardware  
> business not the Java application business
> JSecurity is an open-source software project not a "product" we are  
> looking to sell (not a competitor in any way to Juniper)

It doesn't matter if we sell a product or not.  It's a name collision,  
albeit a potential collision.  If they chose to push out a product  
under that name we would be in trouble; if I am wrong here someone  
please tell me.

Now, if you told me that we held our name longer than Juniper held  
theirs then it would be a different story.

So to put it more succinctly, here are the criteria where I am happy  
to change my vote.  Any single one would work for me.

1) We held the name longer than Juniper - I'll take anyone's word on  
this
2) If Juniper came out with a product under their service offering we  
would have nothing to worry about - I will only take an informed opinion

I'm guessing that the others would change their vote as well.


Regards,
Alan

>
> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>
>> Here's my take and I'm not intransigent on this.  I'll use a bit of  
>> hyperbole to make my point.
>>
>> If some company who makes hand made woven baskets has had the name  
>> JSecurity there would be no problem.  If that company decides to   
>> market a program that trains people in basket weaving written in  
>> java there would be no problem.
>>
>> However, other computer security companies have an earlier claim to  
>> JSecurity.  If they decide the release a suite of java programs  
>> that performs security analysis then there's overlap.
>>
>> Why would we want to live in the grey area anyway?  Am I  
>> misunderstanding something?
>>
>> Regards,
>> Alan
>>
>>
>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>
>>> Agreed.
>>>
>>> I don't really understand what problem is being solved here.
>>>
>>> geir
>>>
>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>
>>>> -1 to changing the name at this time.
>>>>
>>>> I know my vote isn't binding, but I just want a record of it. At  
>>>> the
>>>> moment, I think any potential causes of conflict, given that  
>>>> there are
>>>> NO trademark or patent conflicts, are dubious at best.
>>>>
>>>> Cheers,
>>>>
>>>> Les
>>>>
>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>>> > wrote:
>>>>> any more...
>>>>>
>>>>> ok, former board member. ;-)
>>>>>
>>>>> Craig
>>>>>
>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>
>>>>>> I'm not a board member. :)
>>>>>>
>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> We had the discussion in early December on the legal mailing  
>>>>>>> list and no
>>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>>> only board
>>>>>>> member who commented on the JSecurity name during the  
>>>>>>> discussion.
>>>>>>>
>>>>>>> We will have at least three more votes where additional issues  
>>>>>>> regarding
>>>>>>> the
>>>>>>> name can be brought up:
>>>>>>>
>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>>> incubator
>>>>>>> votes.
>>>>>>>
>>>>>>> Craig
>>>>>>>
>>>>>>>
>>>>>>> Dear JSecurity Team,
>>>>>>>
>>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>>> JSecurity's
>>>>>>> name should be changed to something else.  So, there is need  
>>>>>>> for a vote.
>>>>>>>
>>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>>> This is ONLY
>>>>>>> a
>>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>>> name might
>>>>>>> be.
>>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>>> usual 3 to
>>>>>>> account for time that people may not be able to respond due to  
>>>>>>> the
>>>>>>> holidays.  Of course we can close the vote early if all  
>>>>>>> binding votes are
>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>
>>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>>> JSecurity
>>>>>>> development team are binding.
>>>>>>>
>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>
>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>
>>>>>>>> Given that it's a name you've been using for 4 years, and  
>>>>>>>> it's very
>>>>>>>> generic [jXxx being a common pattern in our space and  
>>>>>>>> Security being
>>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>>> by the
>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>>> very good
>>>>>>>> branding.
>>>>>>>>
>>>>>>>> My tuppence of opinion.
>>>>>>>>
>>>>>>>> Hen
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi ASF legal team,
>>>>>>>>>
>>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>>> concerning a
>>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>>> Incubator
>>>>>>>>> project).
>>>>>>>>>
>>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>>> be a
>>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>>> and some
>>>>>>>>> other references found through google and other search  
>>>>>>>>> mechanisms.
>>>>>>>>>
>>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>>> source
>>>>>>>>> project identity has been around for almost 4 years now,  
>>>>>>>>> with zero
>>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>>> proprietary
>>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>>> determining if
>>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>>> context of
>>>>>>>>> why the original JSecurity developers (and our well- 
>>>>>>>>> established
>>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>>> might be
>>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>>> we don't
>>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>>> overlap.
>>>>>>>>>
>>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>>> changed or
>>>>>>>>> not.
>>>>>>>>>
>>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>>> research:
>>>>>>>>>
>>>>>>>>> <snip>
>>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>>> references
>>>>>>>>> to JSecurity :
>>>>>>>>>
>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts  
>>>>>>>>> will
>>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>>> on:"
>>>>>>>>>
>>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>>> >
>>>>>>>>> Seems like they have a service called  J-Security. Be sure  
>>>>>>>>> that
>>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>>> some nicely
>>>>>>>>> written "cease and desist" letter to the ASF about this  
>>>>>>>>> name. Not sure
>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>
>>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>>> >
>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>>> least)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>>> >
>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>
>>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>>> are un
>>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>>> main issue
>>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>>> already
>>>>>>>>> know that there are company out there which already use this  
>>>>>>>>> name.
>>>>>>>>>
>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>>> information
>>>>>>>>> as possible. When you guys think you have set your mind  
>>>>>>>>> about this
>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>>> JSecurity or
>>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>>> is one of
>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>>> >).
>>>>>>>>>
>>>>>>>>> </snip>
>>>>>>>>>
>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>
>>>>>>>>> Best,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Adam,
>>>>>>>>>>
>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>>> opinion.  I love
>>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>>> contribute to
>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>
>>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>>> is my
>>>>>>>>>> opinion that the name we have is great as it is and I'd  
>>>>>>>>>> only like to
>>>>>>>>>> change the name if someone from legal puts pressure on us  
>>>>>>>>>> to do so.
>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>>> post this to
>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd  
>>>>>>>>>> like to hear
>>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>>> genuinely
>>>>>>>>>> curious :)
>>>>>>>>>>
>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see  
>>>>>>>>>> that you (and
>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft  
>>>>>>>>>> <ad...@adamtaft.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>>> (though I
>>>>>>>>>>> hope to
>>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>>> attention, and
>>>>>>>>>>> so I
>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>
>>>>>>>>>>> I have an interest, call it a hobby, in name related  
>>>>>>>>>>> issues for
>>>>>>>>>>> software
>>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>>> from any
>>>>>>>>>>> official
>>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>>> like to
>>>>>>>>>>> point out
>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>>> has been
>>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>>> is bad
>>>>>>>>>>> news
>>>>>>>>>>> with
>>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>>> geographic
>>>>>>>>>>> location
>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>>> these other
>>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>>> related use of
>>>>>>>>>>> the
>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>>> product is
>>>>>>>>>>> used
>>>>>>>>>>> to
>>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>>> term
>>>>>>>>>>> "security"
>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant  
>>>>>>>>>>> to keep
>>>>>>>>>>> people
>>>>>>>>>>> out,
>>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>>> related, and
>>>>>>>>>>> even
>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>>> software
>>>>>>>>>>> would be
>>>>>>>>>>> a better name for a product which keeps workstation/ 
>>>>>>>>>>> network users
>>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>>> web proxy,
>>>>>>>>>>> for
>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>
>>>>>>>>>>> Don't underestimate the importance of this point.  The  
>>>>>>>>>>> name of a
>>>>>>>>>>> software
>>>>>>>>>>> should ideally be somewhat self describing, especially  
>>>>>>>>>>> when starting
>>>>>>>>>>> out.
>>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>>> describing name
>>>>>>>>>>> can
>>>>>>>>>>> make
>>>>>>>>>>> a big difference.
>>>>>>>>>>>
>>>>>>>>>>> Third, I don't think you can underestimate how important  
>>>>>>>>>>> it is that
>>>>>>>>>>> people
>>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>>> Google (and
>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>>> unrelated
>>>>>>>>>>> hits,
>>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>>> with the
>>>>>>>>>>> name.
>>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>>> only known
>>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>>> hear the
>>>>>>>>>>> name.
>>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>>> completely strange
>>>>>>>>>>> and
>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>
>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>>> which again
>>>>>>>>>>> becomes problematic for the above search recognition  
>>>>>>>>>>> reasons.
>>>>>>>>>>> Alkitraz?
>>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>>> (though
>>>>>>>>>>> this
>>>>>>>>>>> is a
>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>
>>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>>> something that
>>>>>>>>>>> you
>>>>>>>>>>> don't
>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>>> should be
>>>>>>>>>>> consulted.
>>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>>> changing package
>>>>>>>>>>> names
>>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>>> start
>>>>>>>>>>> renaming
>>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>>> happen in
>>>>>>>>>>> the
>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>
>>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>>> view, you
>>>>>>>>>>> shouldn't
>>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>>> actually
>>>>>>>>>>> required
>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>>> the Apache
>>>>>>>>>>> council
>>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>>> incubation
>>>>>>>>>>> process?
>>>>>>>>>>> Why
>>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>>> could be
>>>>>>>>>>> better
>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>
>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>> that's
>>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>>> confusion,
>>>>>>>>>>> support,
>>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>>> thought about
>>>>>>>>>>> when
>>>>>>>>>>> changing the name.
>>>>>>>>>>>
>>>>>>>>>>> Further, what if you decide to change the name to  
>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>> get
>>>>>>>>>>> pressure from another software group?  Ouch, time to  
>>>>>>>>>>> rename the
>>>>>>>>>>> project
>>>>>>>>>>> yet
>>>>>>>>>>> again.
>>>>>>>>>>>
>>>>>>>>>>> I think you all are better just letting this thing ride  
>>>>>>>>>>> until
>>>>>>>>>>> something
>>>>>>>>>>> real
>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>>> great product
>>>>>>>>>>> name
>>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>>> if that day
>>>>>>>>>>> comes,
>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>>> opinion, for all
>>>>>>>>>>> the
>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>>
>>>>>>>>>>> Adam
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post  
>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can  
>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that  
>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be  
>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>> (with all the infos we have already found about it),  
>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>> some
>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>
>>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>>> can only
>>>>>>>>>>>>> give
>>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>>> So far as
>>>>>>>>>>>>> I
>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>
>>>>>>>>>>>>> What I'm worried about is that the vetting effort for  
>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>> start
>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>>> incubation
>>>>>>>>>>>>> process.
>>>>>>>>>>>>
>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>>> time to do
>>>>>>>>>>>> some
>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>> incubator).
>>>>>>>>>>>>
>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> --
>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> View this message in context:
>>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>>> educational
>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>>> opinions
>>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>>> > for
>>>>>>>> official ASF policies and documents.
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>
>>>>>>> Craig L Russell
>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Tim Veil <tj...@gmail.com>]

I guess my take is that
JSecurity has been in the name of this project for nearly 4 years  
without compliant
JSecurity has name recognition and a following
The project of concern, "J-Security" is not a product at all but  
rather a " resource for security information and analysis."
J-Security's parent company Juniper is in the network hardware  
business not the Java application business
JSecurity is an open-source software project not a "product" we are  
looking to sell (not a competitor in any way to Juniper)

On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:

> Here's my take and I'm not intransigent on this.  I'll use a bit of  
> hyperbole to make my point.
>
> If some company who makes hand made woven baskets has had the name  
> JSecurity there would be no problem.  If that company decides to   
> market a program that trains people in basket weaving written in  
> java there would be no problem.
>
> However, other computer security companies have an earlier claim to  
> JSecurity.  If they decide the release a suite of java programs that  
> performs security analysis then there's overlap.
>
> Why would we want to live in the grey area anyway?  Am I  
> misunderstanding something?
>
> Regards,
> Alan
>
>
> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>
>> Agreed.
>>
>> I don't really understand what problem is being solved here.
>>
>> geir
>>
>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>
>>> -1 to changing the name at this time.
>>>
>>> I know my vote isn't binding, but I just want a record of it. At the
>>> moment, I think any potential causes of conflict, given that there  
>>> are
>>> NO trademark or patent conflicts, are dubious at best.
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>> > wrote:
>>>> any more...
>>>>
>>>> ok, former board member. ;-)
>>>>
>>>> Craig
>>>>
>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>
>>>>> I'm not a board member. :)
>>>>>
>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>> >
>>>>> wrote:
>>>>>>
>>>>>> -1 Do not change JSecurity's name
>>>>>>
>>>>>> We had the discussion in early December on the legal mailing  
>>>>>> list and no
>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>> only board
>>>>>> member who commented on the JSecurity name during the discussion.
>>>>>>
>>>>>> We will have at least three more votes where additional issues  
>>>>>> regarding
>>>>>> the
>>>>>> name can be brought up:
>>>>>>
>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>> incubator
>>>>>> votes.
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>>
>>>>>> Dear JSecurity Team,
>>>>>>
>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>> JSecurity's
>>>>>> name should be changed to something else.  So, there is need  
>>>>>> for a vote.
>>>>>>
>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>> This is ONLY
>>>>>> a
>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>> name might
>>>>>> be.
>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>> usual 3 to
>>>>>> account for time that people may not be able to respond due to  
>>>>>> the
>>>>>> holidays.  Of course we can close the vote early if all binding  
>>>>>> votes are
>>>>>> accounted for prior to the 7 day limit.
>>>>>>
>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>> JSecurity
>>>>>> development team are binding.
>>>>>>
>>>>>> [ ] +1 Change JSecurity's name
>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>
>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>>>> very
>>>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>>>> being
>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>> by the
>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>> very good
>>>>>>> branding.
>>>>>>>
>>>>>>> My tuppence of opinion.
>>>>>>>
>>>>>>> Hen
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi ASF legal team,
>>>>>>>>
>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>> concerning a
>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>> Incubator
>>>>>>>> project).
>>>>>>>>
>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>> be a
>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>> and some
>>>>>>>> other references found through google and other search  
>>>>>>>> mechanisms.
>>>>>>>>
>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>> source
>>>>>>>> project identity has been around for almost 4 years now, with  
>>>>>>>> zero
>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>> proprietary
>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>> determining if
>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>> context of
>>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>> might be
>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>> we don't
>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>> overlap.
>>>>>>>>
>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>> changed or
>>>>>>>> not.
>>>>>>>>
>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>> research:
>>>>>>>>
>>>>>>>> <snip>
>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>> references
>>>>>>>> to JSecurity :
>>>>>>>>
>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>> on:"
>>>>>>>>
>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>> >
>>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>> some nicely
>>>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>>>> Not sure
>>>>>>>> that our legals want to deal with that ...
>>>>>>>>
>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>> >
>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>> least)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>> >
>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>
>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>> are un
>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>> main issue
>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>> already
>>>>>>>> know that there are company out there which already use this  
>>>>>>>> name.
>>>>>>>>
>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>> information
>>>>>>>> as possible. When you guys think you have set your mind about  
>>>>>>>> this
>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>> JSecurity or
>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>> is one of
>>>>>>>> the condition to exit from the incubator :
>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>
>>>>>>>>
>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>> >).
>>>>>>>>
>>>>>>>> </snip>
>>>>>>>>
>>>>>>>> Thanks for your review and feedback!
>>>>>>>>
>>>>>>>> Best,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Adam,
>>>>>>>>>
>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>> opinion.  I love
>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>> contribute to
>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>
>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>> is my
>>>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>>>> like to
>>>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>>>> do so.
>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>> post this to
>>>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>>>> to hear
>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>> genuinely
>>>>>>>>> curious :)
>>>>>>>>>
>>>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>>>> you (and
>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>
>>>>>>>>> Best regards,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>> (though I
>>>>>>>>>> hope to
>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>> attention, and
>>>>>>>>>> so I
>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>
>>>>>>>>>> I have an interest, call it a hobby, in name related issues  
>>>>>>>>>> for
>>>>>>>>>> software
>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>> from any
>>>>>>>>>> official
>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>> like to
>>>>>>>>>> point out
>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>
>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>> has been
>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>> is bad
>>>>>>>>>> news
>>>>>>>>>> with
>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>> geographic
>>>>>>>>>> location
>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>> these other
>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>> related use of
>>>>>>>>>> the
>>>>>>>>>> term Alcatraz.
>>>>>>>>>>
>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>> product is
>>>>>>>>>> used
>>>>>>>>>> to
>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>> term
>>>>>>>>>> "security"
>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>>>> keep
>>>>>>>>>> people
>>>>>>>>>> out,
>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>> related, and
>>>>>>>>>> even
>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>> software
>>>>>>>>>> would be
>>>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>>>> users
>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>> web proxy,
>>>>>>>>>> for
>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>
>>>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>>>> of a
>>>>>>>>>> software
>>>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>>>> starting
>>>>>>>>>> out.
>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>> describing name
>>>>>>>>>> can
>>>>>>>>>> make
>>>>>>>>>> a big difference.
>>>>>>>>>>
>>>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>>>> is that
>>>>>>>>>> people
>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>> Google (and
>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>> unrelated
>>>>>>>>>> hits,
>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>> with the
>>>>>>>>>> name.
>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>> only known
>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>> hear the
>>>>>>>>>> name.
>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>> completely strange
>>>>>>>>>> and
>>>>>>>>>> nonsensical product names.
>>>>>>>>>>
>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>> which again
>>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>>> Alkitraz?
>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>> (though
>>>>>>>>>> this
>>>>>>>>>> is a
>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>
>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>> something that
>>>>>>>>>> you
>>>>>>>>>> don't
>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>> should be
>>>>>>>>>> consulted.
>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>> changing package
>>>>>>>>>> names
>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>> start
>>>>>>>>>> renaming
>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>> happen in
>>>>>>>>>> the
>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>
>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>> view, you
>>>>>>>>>> shouldn't
>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>> actually
>>>>>>>>>> required
>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>> the Apache
>>>>>>>>>> council
>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>> incubation
>>>>>>>>>> process?
>>>>>>>>>> Why
>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>> could be
>>>>>>>>>> better
>>>>>>>>>> spent on other matters.
>>>>>>>>>>
>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>> Eclipse.  But,
>>>>>>>>>> that's
>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>> confusion,
>>>>>>>>>> support,
>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>> thought about
>>>>>>>>>> when
>>>>>>>>>> changing the name.
>>>>>>>>>>
>>>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>>>> and then
>>>>>>>>>> get
>>>>>>>>>> pressure from another software group?  Ouch, time to rename  
>>>>>>>>>> the
>>>>>>>>>> project
>>>>>>>>>> yet
>>>>>>>>>> again.
>>>>>>>>>>
>>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>>> something
>>>>>>>>>> real
>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>> great product
>>>>>>>>>> name
>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>> if that day
>>>>>>>>>> comes,
>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>> opinion, for all
>>>>>>>>>> the
>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> Adam
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>>>> them to
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>>>> is the
>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>> (because
>>>>>>>>>>>>> it's
>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>>>> also ask
>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>> here : add
>>>>>>>>>>>>> some
>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>> geographical
>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>
>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>> can only
>>>>>>>>>>>> give
>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>> So far as
>>>>>>>>>>>> I
>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>>>> JSecurity
>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>> release.  If we
>>>>>>>>>>>> start
>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process.
>>>>>>>>>>>
>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>> time to do
>>>>>>>>>>> some
>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>> incubator).
>>>>>>>>>>>
>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> --
>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>> www.iktek.com
>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> View this message in context:
>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>> Nabble.com.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>> educational
>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>> opinions
>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>> > for
>>>>>>> official ASF policies and documents.
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>

Re: [VOTE] Change JSecurity's Name

[Tim Veil <tj...@gmail.com>]

I guess my take is that
JSecurity has been in the name of this project for nearly 4 years  
without compliant
JSecurity has name recognition and a following
The project of concern, "J-Security" is not a product at all but  
rather a " resource for security information and analysis."
J-Security's parent company Juniper is in the network hardware  
business not the Java application business
JSecurity is an open-source software project not a "product" we are  
looking to sell (not a competitor in any way to Juniper)

On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:

> Here's my take and I'm not intransigent on this.  I'll use a bit of  
> hyperbole to make my point.
>
> If some company who makes hand made woven baskets has had the name  
> JSecurity there would be no problem.  If that company decides to   
> market a program that trains people in basket weaving written in  
> java there would be no problem.
>
> However, other computer security companies have an earlier claim to  
> JSecurity.  If they decide the release a suite of java programs that  
> performs security analysis then there's overlap.
>
> Why would we want to live in the grey area anyway?  Am I  
> misunderstanding something?
>
> Regards,
> Alan
>
>
> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>
>> Agreed.
>>
>> I don't really understand what problem is being solved here.
>>
>> geir
>>
>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>
>>> -1 to changing the name at this time.
>>>
>>> I know my vote isn't binding, but I just want a record of it. At the
>>> moment, I think any potential causes of conflict, given that there  
>>> are
>>> NO trademark or patent conflicts, are dubious at best.
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>>> > wrote:
>>>> any more...
>>>>
>>>> ok, former board member. ;-)
>>>>
>>>> Craig
>>>>
>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>
>>>>> I'm not a board member. :)
>>>>>
>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>>> >
>>>>> wrote:
>>>>>>
>>>>>> -1 Do not change JSecurity's name
>>>>>>
>>>>>> We had the discussion in early December on the legal mailing  
>>>>>> list and no
>>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>>> only board
>>>>>> member who commented on the JSecurity name during the discussion.
>>>>>>
>>>>>> We will have at least three more votes where additional issues  
>>>>>> regarding
>>>>>> the
>>>>>> name can be brought up:
>>>>>>
>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>>> incubator
>>>>>> votes.
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>>
>>>>>> Dear JSecurity Team,
>>>>>>
>>>>>> There has been lengthy debate without consensus as to whether or
>>>>>> JSecurity's
>>>>>> name should be changed to something else.  So, there is need  
>>>>>> for a vote.
>>>>>>
>>>>>> Please vote on changing JSecurity's name to something else.   
>>>>>> This is ONLY
>>>>>> a
>>>>>> vote of if we should change the name, NOT what any alternate  
>>>>>> name might
>>>>>> be.
>>>>>> I'd like to leave this vote open for 7 days instead of the  
>>>>>> usual 3 to
>>>>>> account for time that people may not be able to respond due to  
>>>>>> the
>>>>>> holidays.  Of course we can close the vote early if all binding  
>>>>>> votes are
>>>>>> accounted for prior to the 7 day limit.
>>>>>>
>>>>>> The vote is open for the next 7 days and only votes from the  
>>>>>> JSecurity
>>>>>> development team are binding.
>>>>>>
>>>>>> [ ] +1 Change JSecurity's name
>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>
>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>>>> very
>>>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>>>> being
>>>>>>> very generic]; I'm inclined to keep the current name; though  
>>>>>>> by the
>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>>> very good
>>>>>>> branding.
>>>>>>>
>>>>>>> My tuppence of opinion.
>>>>>>>
>>>>>>> Hen
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi ASF legal team,
>>>>>>>>
>>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>>> concerning a
>>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>>> Incubator
>>>>>>>> project).
>>>>>>>>
>>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>>> be a
>>>>>>>> possible naming conflict with our project name (JSecurity)  
>>>>>>>> and some
>>>>>>>> other references found through google and other search  
>>>>>>>> mechanisms.
>>>>>>>>
>>>>>>>> I'd like to point out that the JSecurity name, as an open  
>>>>>>>> source
>>>>>>>> project identity has been around for almost 4 years now, with  
>>>>>>>> zero
>>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>>> proprietary
>>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>>> determining if
>>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>>> context of
>>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>>> might be
>>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>>> we don't
>>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>>> overlap.
>>>>>>>>
>>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>>> changed or
>>>>>>>> not.
>>>>>>>>
>>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>>> research:
>>>>>>>>
>>>>>>>> <snip>
>>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>>> references
>>>>>>>> to JSecurity :
>>>>>>>>
>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>>> on:"
>>>>>>>>
>>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>>> >
>>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>>> Juniper has a legal service who might perfectly well send  
>>>>>>>> some nicely
>>>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>>>> Not sure
>>>>>>>> that our legals want to deal with that ...
>>>>>>>>
>>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>>> >
>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>>> least)
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>>> >
>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>
>>>>>>>> As much as I like the JSecurity name, I also think that we  
>>>>>>>> are un
>>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>>> main issue
>>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>>> already
>>>>>>>> know that there are company out there which already use this  
>>>>>>>> name.
>>>>>>>>
>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>>> information
>>>>>>>> as possible. When you guys think you have set your mind about  
>>>>>>>> this
>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>>> JSecurity or
>>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>>> is one of
>>>>>>>> the condition to exit from the incubator :
>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>
>>>>>>>>
>>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>>
>>>>>>>>
>>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>>> >).
>>>>>>>>
>>>>>>>> </snip>
>>>>>>>>
>>>>>>>> Thanks for your review and feedback!
>>>>>>>>
>>>>>>>> Best,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>>> >
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Adam,
>>>>>>>>>
>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>>> opinion.  I love
>>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>>> contribute to
>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>
>>>>>>>>> I am in total agreement with your sentiments thus far.  It  
>>>>>>>>> is my
>>>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>>>> like to
>>>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>>>> do so.
>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>>> post this to
>>>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>>>> to hear
>>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>>> genuinely
>>>>>>>>> curious :)
>>>>>>>>>
>>>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>>>> you (and
>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>
>>>>>>>>> Best regards,
>>>>>>>>>
>>>>>>>>> Les
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>>> (though I
>>>>>>>>>> hope to
>>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>>> attention, and
>>>>>>>>>> so I
>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>
>>>>>>>>>> I have an interest, call it a hobby, in name related issues  
>>>>>>>>>> for
>>>>>>>>>> software
>>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>>> from any
>>>>>>>>>> official
>>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>>> like to
>>>>>>>>>> point out
>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>
>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>>> has been
>>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>>> is bad
>>>>>>>>>> news
>>>>>>>>>> with
>>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>>> geographic
>>>>>>>>>> location
>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>>> these other
>>>>>>>>>> software products are going to have problems with any  
>>>>>>>>>> related use of
>>>>>>>>>> the
>>>>>>>>>> term Alcatraz.
>>>>>>>>>>
>>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>>> product is
>>>>>>>>>> used
>>>>>>>>>> to
>>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>>> term
>>>>>>>>>> "security"
>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>>>> keep
>>>>>>>>>> people
>>>>>>>>>> out,
>>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>>> related, and
>>>>>>>>>> even
>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>>> software
>>>>>>>>>> would be
>>>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>>>> users
>>>>>>>>>> constrained in their internet use, like a firewall, or a  
>>>>>>>>>> web proxy,
>>>>>>>>>> for
>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>
>>>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>>>> of a
>>>>>>>>>> software
>>>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>>>> starting
>>>>>>>>>> out.
>>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>>> describing name
>>>>>>>>>> can
>>>>>>>>>> make
>>>>>>>>>> a big difference.
>>>>>>>>>>
>>>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>>>> is that
>>>>>>>>>> people
>>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>>> Google (and
>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>>> unrelated
>>>>>>>>>> hits,
>>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>>> with the
>>>>>>>>>> name.
>>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>>> only known
>>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>>> hear the
>>>>>>>>>> name.
>>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>>> completely strange
>>>>>>>>>> and
>>>>>>>>>> nonsensical product names.
>>>>>>>>>>
>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>>> which again
>>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>>> Alkitraz?
>>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>>> (though
>>>>>>>>>> this
>>>>>>>>>> is a
>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>
>>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>>> something that
>>>>>>>>>> you
>>>>>>>>>> don't
>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>>> should be
>>>>>>>>>> consulted.
>>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>>> changing package
>>>>>>>>>> names
>>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>>> start
>>>>>>>>>> renaming
>>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>>> happen in
>>>>>>>>>> the
>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>
>>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>>> view, you
>>>>>>>>>> shouldn't
>>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>>> actually
>>>>>>>>>> required
>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has  
>>>>>>>>>> the Apache
>>>>>>>>>> council
>>>>>>>>>> suggested the change?  Are you being blocked by the  
>>>>>>>>>> incubation
>>>>>>>>>> process?
>>>>>>>>>> Why
>>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>>> could be
>>>>>>>>>> better
>>>>>>>>>> spent on other matters.
>>>>>>>>>>
>>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>>> Eclipse.  But,
>>>>>>>>>> that's
>>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>>> confusion,
>>>>>>>>>> support,
>>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>>> thought about
>>>>>>>>>> when
>>>>>>>>>> changing the name.
>>>>>>>>>>
>>>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>>>> and then
>>>>>>>>>> get
>>>>>>>>>> pressure from another software group?  Ouch, time to rename  
>>>>>>>>>> the
>>>>>>>>>> project
>>>>>>>>>> yet
>>>>>>>>>> again.
>>>>>>>>>>
>>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>>> something
>>>>>>>>>> real
>>>>>>>>>> convicting suggests you need a change.  JSecurity is a  
>>>>>>>>>> great product
>>>>>>>>>> name
>>>>>>>>>> which you should stick with until otherwise needed.  And,  
>>>>>>>>>> if that day
>>>>>>>>>> comes,
>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>>> opinion, for all
>>>>>>>>>> the
>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> Adam
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them  
>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>>>> them to
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>>>> is the
>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the  
>>>>>>>>>>>>>> 1.0
>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>>> (because
>>>>>>>>>>>>> it's
>>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>>>> also ask
>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>>> here : add
>>>>>>>>>>>>> some
>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>> geographical
>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>
>>>>>>>>>>>> Legal is not a clearing house for project names.  They  
>>>>>>>>>>>> can only
>>>>>>>>>>>> give
>>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>>> So far as
>>>>>>>>>>>> I
>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>>>> JSecurity
>>>>>>>>>>>> name will have the same track record as the v0.9  
>>>>>>>>>>>> release.  If we
>>>>>>>>>>>> start
>>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process.
>>>>>>>>>>>
>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some  
>>>>>>>>>>> time to do
>>>>>>>>>>> some
>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>> incubator).
>>>>>>>>>>>
>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> --
>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>>> www.iktek.com
>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> View this message in context:
>>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>>> Nabble.com.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>>> educational
>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>>> opinions
>>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/ 
>>>>>>> > for
>>>>>>> official ASF policies and documents.
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

Here's my take and I'm not intransigent on this.  I'll use a bit of  
hyperbole to make my point.

If some company who makes hand made woven baskets has had the name  
JSecurity there would be no problem.  If that company decides to   
market a program that trains people in basket weaving written in java  
there would be no problem.

However, other computer security companies have an earlier claim to  
JSecurity.  If they decide the release a suite of java programs that  
performs security analysis then there's overlap.

Why would we want to live in the grey area anyway?  Am I  
misunderstanding something?

Regards,
Alan


On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:

> Agreed.
>
> I don't really understand what problem is being solved here.
>
> geir
>
> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>
>> -1 to changing the name at this time.
>>
>> I know my vote isn't binding, but I just want a record of it. At the
>> moment, I think any potential causes of conflict, given that there  
>> are
>> NO trademark or patent conflicts, are dubious at best.
>>
>> Cheers,
>>
>> Les
>>
>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>> > wrote:
>>> any more...
>>>
>>> ok, former board member. ;-)
>>>
>>> Craig
>>>
>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>
>>>> I'm not a board member. :)
>>>>
>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>> >
>>>> wrote:
>>>>>
>>>>> -1 Do not change JSecurity's name
>>>>>
>>>>> We had the discussion in early December on the legal mailing  
>>>>> list and no
>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>> only board
>>>>> member who commented on the JSecurity name during the discussion.
>>>>>
>>>>> We will have at least three more votes where additional issues  
>>>>> regarding
>>>>> the
>>>>> name can be brought up:
>>>>>
>>>>> 1. The first release of JSecurity code from the incubator.
>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>> incubator
>>>>> votes.
>>>>>
>>>>> Craig
>>>>>
>>>>>
>>>>> Dear JSecurity Team,
>>>>>
>>>>> There has been lengthy debate without consensus as to whether or
>>>>> JSecurity's
>>>>> name should be changed to something else.  So, there is need for  
>>>>> a vote.
>>>>>
>>>>> Please vote on changing JSecurity's name to something else.   
>>>>> This is ONLY
>>>>> a
>>>>> vote of if we should change the name, NOT what any alternate  
>>>>> name might
>>>>> be.
>>>>> I'd like to leave this vote open for 7 days instead of the usual  
>>>>> 3 to
>>>>> account for time that people may not be able to respond due to the
>>>>> holidays.  Of course we can close the vote early if all binding  
>>>>> votes are
>>>>> accounted for prior to the 7 day limit.
>>>>>
>>>>> The vote is open for the next 7 days and only votes from the  
>>>>> JSecurity
>>>>> development team are binding.
>>>>>
>>>>> [ ] +1 Change JSecurity's name
>>>>> [ ] -1 Do not change JSecurity's name
>>>>>
>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>
>>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>>> very
>>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>>> being
>>>>>> very generic]; I'm inclined to keep the current name; though by  
>>>>>> the
>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>> very good
>>>>>> branding.
>>>>>>
>>>>>> My tuppence of opinion.
>>>>>>
>>>>>> Hen
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> Hi ASF legal team,
>>>>>>>
>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>> concerning a
>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>> Incubator
>>>>>>> project).
>>>>>>>
>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>> be a
>>>>>>> possible naming conflict with our project name (JSecurity) and  
>>>>>>> some
>>>>>>> other references found through google and other search  
>>>>>>> mechanisms.
>>>>>>>
>>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>>> project identity has been around for almost 4 years now, with  
>>>>>>> zero
>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>> proprietary
>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>> determining if
>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>> context of
>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>> might be
>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>> we don't
>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>> overlap.
>>>>>>>
>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>> changed or
>>>>>>> not.
>>>>>>>
>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>> research:
>>>>>>>
>>>>>>> <snip>
>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>> references
>>>>>>> to JSecurity :
>>>>>>>
>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>> on:"
>>>>>>>
>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>> >
>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>> Juniper has a legal service who might perfectly well send some  
>>>>>>> nicely
>>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>>> Not sure
>>>>>>> that our legals want to deal with that ...
>>>>>>>
>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>> >
>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>> least)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>
>>>>>>>
>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>> >
>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>
>>>>>>> As much as I like the JSecurity name, I also think that we are  
>>>>>>> un
>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>> main issue
>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>> already
>>>>>>> know that there are company out there which already use this  
>>>>>>> name.
>>>>>>>
>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>> information
>>>>>>> as possible. When you guys think you have set your mind about  
>>>>>>> this
>>>>>>> name, you will have to go to legal@apache.org
>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>> JSecurity or
>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>> is one of
>>>>>>> the condition to exit from the incubator :
>>>>>>> "Check of project name for trademark issues "
>>>>>>>
>>>>>>>
>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>
>>>>>>>
>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>> >).
>>>>>>>
>>>>>>> </snip>
>>>>>>>
>>>>>>> Thanks for your review and feedback!
>>>>>>>
>>>>>>> Best,
>>>>>>>
>>>>>>> Les
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Adam,
>>>>>>>>
>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>> opinion.  I love
>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>> contribute to
>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>
>>>>>>>> I am in total agreement with your sentiments thus far.  It is  
>>>>>>>> my
>>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>>> like to
>>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>>> do so.
>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>> post this to
>>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>>> to hear
>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>> genuinely
>>>>>>>> curious :)
>>>>>>>>
>>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>>> you (and
>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>
>>>>>>>> Best regards,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>> (though I
>>>>>>>>> hope to
>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>> attention, and
>>>>>>>>> so I
>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>
>>>>>>>>> I have an interest, call it a hobby, in name related issues  
>>>>>>>>> for
>>>>>>>>> software
>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>> from any
>>>>>>>>> official
>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>> like to
>>>>>>>>> point out
>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>
>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>> has been
>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>> is bad
>>>>>>>>> news
>>>>>>>>> with
>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>> geographic
>>>>>>>>> location
>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>> these other
>>>>>>>>> software products are going to have problems with any  
>>>>>>>>> related use of
>>>>>>>>> the
>>>>>>>>> term Alcatraz.
>>>>>>>>>
>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>> product is
>>>>>>>>> used
>>>>>>>>> to
>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>> term
>>>>>>>>> "security"
>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>>> keep
>>>>>>>>> people
>>>>>>>>> out,
>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>> related, and
>>>>>>>>> even
>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>> software
>>>>>>>>> would be
>>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>>> users
>>>>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>>>>> proxy,
>>>>>>>>> for
>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>
>>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>>> of a
>>>>>>>>> software
>>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>>> starting
>>>>>>>>> out.
>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>> describing name
>>>>>>>>> can
>>>>>>>>> make
>>>>>>>>> a big difference.
>>>>>>>>>
>>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>>> is that
>>>>>>>>> people
>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>> Google (and
>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>> unrelated
>>>>>>>>> hits,
>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>> with the
>>>>>>>>> name.
>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>> only known
>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>> hear the
>>>>>>>>> name.
>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>> completely strange
>>>>>>>>> and
>>>>>>>>> nonsensical product names.
>>>>>>>>>
>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>> which again
>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>> Alkitraz?
>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>> (though
>>>>>>>>> this
>>>>>>>>> is a
>>>>>>>>> minor point, admittedly).
>>>>>>>>>
>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>> something that
>>>>>>>>> you
>>>>>>>>> don't
>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>> should be
>>>>>>>>> consulted.
>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>> changing package
>>>>>>>>> names
>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>> start
>>>>>>>>> renaming
>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>> happen in
>>>>>>>>> the
>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>
>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>> view, you
>>>>>>>>> shouldn't
>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>> actually
>>>>>>>>> required
>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>>>>> Apache
>>>>>>>>> council
>>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>>> process?
>>>>>>>>> Why
>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>> could be
>>>>>>>>> better
>>>>>>>>> spent on other matters.
>>>>>>>>>
>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>> Eclipse.  But,
>>>>>>>>> that's
>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>> confusion,
>>>>>>>>> support,
>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>> thought about
>>>>>>>>> when
>>>>>>>>> changing the name.
>>>>>>>>>
>>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>>> and then
>>>>>>>>> get
>>>>>>>>> pressure from another software group?  Ouch, time to rename  
>>>>>>>>> the
>>>>>>>>> project
>>>>>>>>> yet
>>>>>>>>> again.
>>>>>>>>>
>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>> something
>>>>>>>>> real
>>>>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>>>>> product
>>>>>>>>> name
>>>>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>>>>> that day
>>>>>>>>> comes,
>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>> opinion, for all
>>>>>>>>> the
>>>>>>>>> reasons mentioned above.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>>
>>>>>>>>> Adam
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>
>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>
>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>>>>> names we
>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>>> them to
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>>> is the
>>>>>>>>>>>>> clear
>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>>> packages
>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>
>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>> (because
>>>>>>>>>>>> it's
>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>
>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>>> also ask
>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>> here : add
>>>>>>>>>>>> some
>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>> geographical
>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>
>>>>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>>>>> only
>>>>>>>>>>> give
>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>> So far as
>>>>>>>>>>> I
>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>>> JSecurity
>>>>>>>>>>> name will have the same track record as the v0.9 release.   
>>>>>>>>>>> If we
>>>>>>>>>>> start
>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>> incubation
>>>>>>>>>>> process.
>>>>>>>>>>
>>>>>>>>>> Let's start with Alcratraz then, and we have quit some time  
>>>>>>>>>> to do
>>>>>>>>>> some
>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>> incubator).
>>>>>>>>>>
>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> --
>>>>>>>>>> cordialement, regards,
>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>> www.iktek.com
>>>>>>>>>> directory.apache.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> View this message in context:
>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>> Nabble.com.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>> educational
>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>> opinions
>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/>  
>>>>>> for
>>>>>> official ASF policies and documents.
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>
>>> Craig L Russell
>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>> P.S. A good JDO? O, Gasp!
>>>
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

["Alan D. Cabrera" <li...@toolazydogs.com>]

Here's my take and I'm not intransigent on this.  I'll use a bit of  
hyperbole to make my point.

If some company who makes hand made woven baskets has had the name  
JSecurity there would be no problem.  If that company decides to   
market a program that trains people in basket weaving written in java  
there would be no problem.

However, other computer security companies have an earlier claim to  
JSecurity.  If they decide the release a suite of java programs that  
performs security analysis then there's overlap.

Why would we want to live in the grey area anyway?  Am I  
misunderstanding something?

Regards,
Alan


On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:

> Agreed.
>
> I don't really understand what problem is being solved here.
>
> geir
>
> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>
>> -1 to changing the name at this time.
>>
>> I know my vote isn't binding, but I just want a record of it. At the
>> moment, I think any potential causes of conflict, given that there  
>> are
>> NO trademark or patent conflicts, are dubious at best.
>>
>> Cheers,
>>
>> Les
>>
>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Craig.Russell@sun.com 
>> > wrote:
>>> any more...
>>>
>>> ok, former board member. ;-)
>>>
>>> Craig
>>>
>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>
>>>> I'm not a board member. :)
>>>>
>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>>> >
>>>> wrote:
>>>>>
>>>>> -1 Do not change JSecurity's name
>>>>>
>>>>> We had the discussion in early December on the legal mailing  
>>>>> list and no
>>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>>> only board
>>>>> member who commented on the JSecurity name during the discussion.
>>>>>
>>>>> We will have at least three more votes where additional issues  
>>>>> regarding
>>>>> the
>>>>> name can be brought up:
>>>>>
>>>>> 1. The first release of JSecurity code from the incubator.
>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>>> incubator
>>>>> votes.
>>>>>
>>>>> Craig
>>>>>
>>>>>
>>>>> Dear JSecurity Team,
>>>>>
>>>>> There has been lengthy debate without consensus as to whether or
>>>>> JSecurity's
>>>>> name should be changed to something else.  So, there is need for  
>>>>> a vote.
>>>>>
>>>>> Please vote on changing JSecurity's name to something else.   
>>>>> This is ONLY
>>>>> a
>>>>> vote of if we should change the name, NOT what any alternate  
>>>>> name might
>>>>> be.
>>>>> I'd like to leave this vote open for 7 days instead of the usual  
>>>>> 3 to
>>>>> account for time that people may not be able to respond due to the
>>>>> holidays.  Of course we can close the vote early if all binding  
>>>>> votes are
>>>>> accounted for prior to the 7 day limit.
>>>>>
>>>>> The vote is open for the next 7 days and only votes from the  
>>>>> JSecurity
>>>>> development team are binding.
>>>>>
>>>>> [ ] +1 Change JSecurity's name
>>>>> [ ] -1 Do not change JSecurity's name
>>>>>
>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>
>>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>>> very
>>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>>> being
>>>>>> very generic]; I'm inclined to keep the current name; though by  
>>>>>> the
>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>>> very good
>>>>>> branding.
>>>>>>
>>>>>> My tuppence of opinion.
>>>>>>
>>>>>> Hen
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> Hi ASF legal team,
>>>>>>>
>>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>>> concerning a
>>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>>> Incubator
>>>>>>> project).
>>>>>>>
>>>>>>> A few of our mentors have expressed concern that there might  
>>>>>>> be a
>>>>>>> possible naming conflict with our project name (JSecurity) and  
>>>>>>> some
>>>>>>> other references found through google and other search  
>>>>>>> mechanisms.
>>>>>>>
>>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>>> project identity has been around for almost 4 years now, with  
>>>>>>> zero
>>>>>>> contact from any external entity claiming conflict with a  
>>>>>>> proprietary
>>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>>> determining if
>>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>>> context of
>>>>>>> why the original JSecurity developers (and our well-established
>>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>>> might be
>>>>>>> older references to this name, unrelated to our project, but  
>>>>>>> we don't
>>>>>>> know for certain if they would constitute a risk in the name  
>>>>>>> overlap.
>>>>>>>
>>>>>>> We'd like some feedback as to if the project name should be  
>>>>>>> changed or
>>>>>>> not.
>>>>>>>
>>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>>> research:
>>>>>>>
>>>>>>> <snip>
>>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>>> references
>>>>>>> to JSecurity :
>>>>>>>
>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>>> conduct a full information security risk assessment focusing  
>>>>>>> on:"
>>>>>>>
>>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>>> >
>>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>>> Juniper has a legal service who might perfectly well send some  
>>>>>>> nicely
>>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>>> Not sure
>>>>>>> that our legals want to deal with that ...
>>>>>>>
>>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>>> >
>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>>> least)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>>
>>>>>>>
>>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>>> >
>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>
>>>>>>> As much as I like the JSecurity name, I also think that we are  
>>>>>>> un
>>>>>>> potential jeopardy if we don't change its name. That's the  
>>>>>>> main issue
>>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>>> already
>>>>>>> know that there are company out there which already use this  
>>>>>>> name.
>>>>>>>
>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>>> information
>>>>>>> as possible. When you guys think you have set your mind about  
>>>>>>> this
>>>>>>> name, you will have to go to legal@apache.org
>>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>>> JSecurity or
>>>>>>> any other) to double check that it's ok or not (IFAIK). That  
>>>>>>> is one of
>>>>>>> the condition to exit from the incubator :
>>>>>>> "Check of project name for trademark issues "
>>>>>>>
>>>>>>>
>>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>>
>>>>>>>
>>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>>> >).
>>>>>>>
>>>>>>> </snip>
>>>>>>>
>>>>>>> Thanks for your review and feedback!
>>>>>>>
>>>>>>> Best,
>>>>>>>
>>>>>>> Les
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Adam,
>>>>>>>>
>>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>>> opinion.  I love
>>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>>> contribute to
>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>
>>>>>>>> I am in total agreement with your sentiments thus far.  It is  
>>>>>>>> my
>>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>>> like to
>>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>>> do so.
>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to  
>>>>>>>> post this to
>>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>>> to hear
>>>>>>>> what they say regardless of what we end up doing - I'm  
>>>>>>>> genuinely
>>>>>>>> curious :)
>>>>>>>>
>>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>>> you (and
>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>
>>>>>>>> Best regards,
>>>>>>>>
>>>>>>>> Les
>>>>>>>>
>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>>> (though I
>>>>>>>>> hope to
>>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>>> attention, and
>>>>>>>>> so I
>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>
>>>>>>>>> I have an interest, call it a hobby, in name related issues  
>>>>>>>>> for
>>>>>>>>> software
>>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>>> from any
>>>>>>>>> official
>>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>>> like to
>>>>>>>>> point out
>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>
>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz  
>>>>>>>>> has been
>>>>>>>>> associated with other software products already.  So, this  
>>>>>>>>> is bad
>>>>>>>>> news
>>>>>>>>> with
>>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>>> geographic
>>>>>>>>> location
>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>>> these other
>>>>>>>>> software products are going to have problems with any  
>>>>>>>>> related use of
>>>>>>>>> the
>>>>>>>>> term Alcatraz.
>>>>>>>>>
>>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>>> product is
>>>>>>>>> used
>>>>>>>>> to
>>>>>>>>> keep people out of the protected system.  This is what the  
>>>>>>>>> term
>>>>>>>>> "security"
>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>>> keep
>>>>>>>>> people
>>>>>>>>> out,
>>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>>> related, and
>>>>>>>>> even
>>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>>> software
>>>>>>>>> would be
>>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>>> users
>>>>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>>>>> proxy,
>>>>>>>>> for
>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>
>>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>>> of a
>>>>>>>>> software
>>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>>> starting
>>>>>>>>> out.
>>>>>>>>> Until the name becomes a core brand, having a self  
>>>>>>>>> describing name
>>>>>>>>> can
>>>>>>>>> make
>>>>>>>>> a big difference.
>>>>>>>>>
>>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>>> is that
>>>>>>>>> people
>>>>>>>>> can search the name of your product and find it through  
>>>>>>>>> Google (and
>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>>> unrelated
>>>>>>>>> hits,
>>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>>> with the
>>>>>>>>> name.
>>>>>>>>> Much better to have a name for your software that is the  
>>>>>>>>> only known
>>>>>>>>> reference so that people can easily find you after having  
>>>>>>>>> hear the
>>>>>>>>> name.
>>>>>>>>> This is why so many companies go crazy and conjure  
>>>>>>>>> completely strange
>>>>>>>>> and
>>>>>>>>> nonsensical product names.
>>>>>>>>>
>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>>> which again
>>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>>> Alkitraz?
>>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>>> (though
>>>>>>>>> this
>>>>>>>>> is a
>>>>>>>>> minor point, admittedly).
>>>>>>>>>
>>>>>>>>> Fifth, it seems like you're making preparations for  
>>>>>>>>> something that
>>>>>>>>> you
>>>>>>>>> don't
>>>>>>>>> even know to be a problem.  Yes, the Apache legal team  
>>>>>>>>> should be
>>>>>>>>> consulted.
>>>>>>>>> However, it seems like jumping the gun to just start  
>>>>>>>>> changing package
>>>>>>>>> names
>>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>>> start
>>>>>>>>> renaming
>>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>>> happen in
>>>>>>>>> the
>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>
>>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>>> view, you
>>>>>>>>> shouldn't
>>>>>>>>> be making any change to your software until the change is  
>>>>>>>>> actually
>>>>>>>>> required
>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>>>>> Apache
>>>>>>>>> council
>>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>>> process?
>>>>>>>>> Why
>>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>>> could be
>>>>>>>>> better
>>>>>>>>> spent on other matters.
>>>>>>>>>
>>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>>> Eclipse.  But,
>>>>>>>>> that's
>>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>>> confusion,
>>>>>>>>> support,
>>>>>>>>> search engine optimization, etc. are what needs to be  
>>>>>>>>> thought about
>>>>>>>>> when
>>>>>>>>> changing the name.
>>>>>>>>>
>>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>>> and then
>>>>>>>>> get
>>>>>>>>> pressure from another software group?  Ouch, time to rename  
>>>>>>>>> the
>>>>>>>>> project
>>>>>>>>> yet
>>>>>>>>> again.
>>>>>>>>>
>>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>>> something
>>>>>>>>> real
>>>>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>>>>> product
>>>>>>>>> name
>>>>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>>>>> that day
>>>>>>>>> comes,
>>>>>>>>> Alcatraz is just simply the wrong name, in my humble  
>>>>>>>>> opinion, for all
>>>>>>>>> the
>>>>>>>>> reasons mentioned above.
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>>
>>>>>>>>> Adam
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>
>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>
>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>>>>> names we
>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread  
>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>>> them to
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>>> is the
>>>>>>>>>>>>> clear
>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>>> packages
>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from  
>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>>
>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>>> (because
>>>>>>>>>>>> it's
>>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>
>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>>> also ask
>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>>> here : add
>>>>>>>>>>>> some
>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>> geographical
>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>
>>>>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>>>>> only
>>>>>>>>>>> give
>>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.   
>>>>>>>>>>> So far as
>>>>>>>>>>> I
>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>
>>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>>> JSecurity
>>>>>>>>>>> name will have the same track record as the v0.9 release.   
>>>>>>>>>>> If we
>>>>>>>>>>> start
>>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>>> incubation
>>>>>>>>>>> process.
>>>>>>>>>>
>>>>>>>>>> Let's start with Alcratraz then, and we have quit some time  
>>>>>>>>>> to do
>>>>>>>>>> some
>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>> incubator).
>>>>>>>>>>
>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> --
>>>>>>>>>> cordialement, regards,
>>>>>>>>>> Emmanuel Lécharny
>>>>>>>>>> www.iktek.com
>>>>>>>>>> directory.apache.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> View this message in context:
>>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>>> Nabble.com.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>>> educational
>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>>> opinions
>>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/>  
>>>>>> for
>>>>>> official ASF policies and documents.
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>
>>>>>
>>>>> Craig L Russell
>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>> P.S. A good JDO? O, Gasp!
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>
>>> Craig L Russell
>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>> P.S. A good JDO? O, Gasp!
>>>
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

["Geir Magnusson Jr." <ge...@pobox.com>]

Agreed.

I don't really understand what problem is being solved here.

geir

On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:

> -1 to changing the name at this time.
>
> I know my vote isn't binding, but I just want a record of it. At the
> moment, I think any potential causes of conflict, given that there are
> NO trademark or patent conflicts, are dubious at best.
>
> Cheers,
>
> Les
>
> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell  
> <Cr...@sun.com> wrote:
>> any more...
>>
>> ok, former board member. ;-)
>>
>> Craig
>>
>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>
>>> I'm not a board member. :)
>>>
>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>> >
>>> wrote:
>>>>
>>>> -1 Do not change JSecurity's name
>>>>
>>>> We had the discussion in early December on the legal mailing list  
>>>> and no
>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>> only board
>>>> member who commented on the JSecurity name during the discussion.
>>>>
>>>> We will have at least three more votes where additional issues  
>>>> regarding
>>>> the
>>>> name can be brought up:
>>>>
>>>> 1. The first release of JSecurity code from the incubator.
>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>> incubator
>>>> votes.
>>>>
>>>> Craig
>>>>
>>>>
>>>> Dear JSecurity Team,
>>>>
>>>> There has been lengthy debate without consensus as to whether or
>>>> JSecurity's
>>>> name should be changed to something else.  So, there is need for  
>>>> a vote.
>>>>
>>>> Please vote on changing JSecurity's name to something else.  This  
>>>> is ONLY
>>>> a
>>>> vote of if we should change the name, NOT what any alternate name  
>>>> might
>>>> be.
>>>> I'd like to leave this vote open for 7 days instead of the usual  
>>>> 3 to
>>>> account for time that people may not be able to respond due to the
>>>> holidays.  Of course we can close the vote early if all binding  
>>>> votes are
>>>> accounted for prior to the 7 day limit.
>>>>
>>>> The vote is open for the next 7 days and only votes from the  
>>>> JSecurity
>>>> development team are binding.
>>>>
>>>> [ ] +1 Change JSecurity's name
>>>> [ ] -1 Do not change JSecurity's name
>>>>
>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>
>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>> very
>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>> being
>>>>> very generic]; I'm inclined to keep the current name; though by  
>>>>> the
>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>> very good
>>>>> branding.
>>>>>
>>>>> My tuppence of opinion.
>>>>>
>>>>> Hen
>>>>>
>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>> >
>>>>> wrote:
>>>>>>
>>>>>> Hi ASF legal team,
>>>>>>
>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>> concerning a
>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>> Incubator
>>>>>> project).
>>>>>>
>>>>>> A few of our mentors have expressed concern that there might be a
>>>>>> possible naming conflict with our project name (JSecurity) and  
>>>>>> some
>>>>>> other references found through google and other search  
>>>>>> mechanisms.
>>>>>>
>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>> project identity has been around for almost 4 years now, with  
>>>>>> zero
>>>>>> contact from any external entity claiming conflict with a  
>>>>>> proprietary
>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>> determining if
>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>> context of
>>>>>> why the original JSecurity developers (and our well-established
>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>> might be
>>>>>> older references to this name, unrelated to our project, but we  
>>>>>> don't
>>>>>> know for certain if they would constitute a risk in the name  
>>>>>> overlap.
>>>>>>
>>>>>> We'd like some feedback as to if the project name should be  
>>>>>> changed or
>>>>>> not.
>>>>>>
>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>> research:
>>>>>>
>>>>>> <snip>
>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>> references
>>>>>> to JSecurity :
>>>>>>
>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>> conduct a full information security risk assessment focusing on:"
>>>>>>
>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>> >
>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>> Juniper has a legal service who might perfectly well send some  
>>>>>> nicely
>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>> Not sure
>>>>>> that our legals want to deal with that ...
>>>>>>
>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>> >
>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>> least)
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>
>>>>>>
>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>> >
>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>
>>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>>> potential jeopardy if we don't change its name. That's the main  
>>>>>> issue
>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>> already
>>>>>> know that there are company out there which already use this  
>>>>>> name.
>>>>>>
>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>> information
>>>>>> as possible. When you guys think you have set your mind about  
>>>>>> this
>>>>>> name, you will have to go to legal@apache.org
>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>> JSecurity or
>>>>>> any other) to double check that it's ok or not (IFAIK). That is  
>>>>>> one of
>>>>>> the condition to exit from the incubator :
>>>>>> "Check of project name for trademark issues "
>>>>>>
>>>>>>
>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>
>>>>>>
>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>> >).
>>>>>>
>>>>>> </snip>
>>>>>>
>>>>>> Thanks for your review and feedback!
>>>>>>
>>>>>> Best,
>>>>>>
>>>>>> Les
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> Adam,
>>>>>>>
>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>> opinion.  I love
>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>> contribute to
>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>
>>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>> like to
>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>> do so.
>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post  
>>>>>>> this to
>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>> to hear
>>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>>> curious :)
>>>>>>>
>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>> you (and
>>>>>>> others) are taking continued interest in the project.
>>>>>>>
>>>>>>> Best regards,
>>>>>>>
>>>>>>> Les
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>> (though I
>>>>>>>> hope to
>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>> attention, and
>>>>>>>> so I
>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>
>>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>>> software
>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>> from any
>>>>>>>> official
>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>> like to
>>>>>>>> point out
>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>
>>>>>>>> First, as I believe has been mentioned, the term Alcatraz has  
>>>>>>>> been
>>>>>>>> associated with other software products already.  So, this is  
>>>>>>>> bad
>>>>>>>> news
>>>>>>>> with
>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>> geographic
>>>>>>>> location
>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>> these other
>>>>>>>> software products are going to have problems with any related  
>>>>>>>> use of
>>>>>>>> the
>>>>>>>> term Alcatraz.
>>>>>>>>
>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>> product is
>>>>>>>> used
>>>>>>>> to
>>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>>> "security"
>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>> keep
>>>>>>>> people
>>>>>>>> out,
>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>> related, and
>>>>>>>> even
>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>> software
>>>>>>>> would be
>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>> users
>>>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>>>> proxy,
>>>>>>>> for
>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>
>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>> of a
>>>>>>>> software
>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>> starting
>>>>>>>> out.
>>>>>>>> Until the name becomes a core brand, having a self describing  
>>>>>>>> name
>>>>>>>> can
>>>>>>>> make
>>>>>>>> a big difference.
>>>>>>>>
>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>> is that
>>>>>>>> people
>>>>>>>> can search the name of your product and find it through  
>>>>>>>> Google (and
>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>> unrelated
>>>>>>>> hits,
>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>> with the
>>>>>>>> name.
>>>>>>>> Much better to have a name for your software that is the only  
>>>>>>>> known
>>>>>>>> reference so that people can easily find you after having  
>>>>>>>> hear the
>>>>>>>> name.
>>>>>>>> This is why so many companies go crazy and conjure completely  
>>>>>>>> strange
>>>>>>>> and
>>>>>>>> nonsensical product names.
>>>>>>>>
>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>> which again
>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>> Alkitraz?
>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>> (though
>>>>>>>> this
>>>>>>>> is a
>>>>>>>> minor point, admittedly).
>>>>>>>>
>>>>>>>> Fifth, it seems like you're making preparations for something  
>>>>>>>> that
>>>>>>>> you
>>>>>>>> don't
>>>>>>>> even know to be a problem.  Yes, the Apache legal team should  
>>>>>>>> be
>>>>>>>> consulted.
>>>>>>>> However, it seems like jumping the gun to just start changing  
>>>>>>>> package
>>>>>>>> names
>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>> start
>>>>>>>> renaming
>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>> happen in
>>>>>>>> the
>>>>>>>> future.  What value does this add to the software?
>>>>>>>>
>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>> view, you
>>>>>>>> shouldn't
>>>>>>>> be making any change to your software until the change is  
>>>>>>>> actually
>>>>>>>> required
>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>>>> Apache
>>>>>>>> council
>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>> process?
>>>>>>>> Why
>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>> could be
>>>>>>>> better
>>>>>>>> spent on other matters.
>>>>>>>>
>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>> Eclipse.  But,
>>>>>>>> that's
>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>> confusion,
>>>>>>>> support,
>>>>>>>> search engine optimization, etc. are what needs to be thought  
>>>>>>>> about
>>>>>>>> when
>>>>>>>> changing the name.
>>>>>>>>
>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>> and then
>>>>>>>> get
>>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>>> project
>>>>>>>> yet
>>>>>>>> again.
>>>>>>>>
>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>> something
>>>>>>>> real
>>>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>>>> product
>>>>>>>> name
>>>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>>>> that day
>>>>>>>> comes,
>>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion,  
>>>>>>>> for all
>>>>>>>> the
>>>>>>>> reasons mentioned above.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> Adam
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>
>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>
>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>>>> names we
>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with  
>>>>>>>>>>>>> the
>>>>>>>>>>>>> googled
>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>> them to
>>>>>>>>>>>>> the
>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>
>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>> is the
>>>>>>>>>>>> clear
>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>> packages
>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal  
>>>>>>>>>>>> and the
>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>
>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>> (because
>>>>>>>>>>> it's
>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>> alcatraz if
>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>
>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>> Jsecurity name
>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>> also ask
>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>> here : add
>>>>>>>>>>> some
>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>> geographical
>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>
>>>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>>>> only
>>>>>>>>>> give
>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So  
>>>>>>>>>> far as
>>>>>>>>>> I
>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>
>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>> JSecurity
>>>>>>>>>> name will have the same track record as the v0.9 release.   
>>>>>>>>>> If we
>>>>>>>>>> start
>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>> incubation
>>>>>>>>>> process.
>>>>>>>>>
>>>>>>>>> Let's start with Alcratraz then, and we have quit some time  
>>>>>>>>> to do
>>>>>>>>> some
>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>> incubator).
>>>>>>>>>
>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> --
>>>>>>>>> cordialement, regards,
>>>>>>>>> Emmanuel Lécharny
>>>>>>>>> www.iktek.com
>>>>>>>>> directory.apache.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> View this message in context:
>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>> Nabble.com.
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>> educational
>>>>> only.  Statements made on this list are not privileged, do not
>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>> opinions
>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/>  
>>>>> for
>>>>> official ASF policies and documents.
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>
>> Craig L Russell
>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> 408 276-5638 mailto:Craig.Russell@sun.com
>> P.S. A good JDO? O, Gasp!
>>
>>

Re: [VOTE] Change JSecurity's Name

["Geir Magnusson Jr." <ge...@pobox.com>]

Agreed.

I don't really understand what problem is being solved here.

geir

On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:

> -1 to changing the name at this time.
>
> I know my vote isn't binding, but I just want a record of it. At the
> moment, I think any potential causes of conflict, given that there are
> NO trademark or patent conflicts, are dubious at best.
>
> Cheers,
>
> Les
>
> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell  
> <Cr...@sun.com> wrote:
>> any more...
>>
>> ok, former board member. ;-)
>>
>> Craig
>>
>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>
>>> I'm not a board member. :)
>>>
>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
>>> >
>>> wrote:
>>>>
>>>> -1 Do not change JSecurity's name
>>>>
>>>> We had the discussion in early December on the legal mailing list  
>>>> and no
>>>> issues were raised contrary to Henri's comments. Henri is the  
>>>> only board
>>>> member who commented on the JSecurity name during the discussion.
>>>>
>>>> We will have at least three more votes where additional issues  
>>>> regarding
>>>> the
>>>> name can be brought up:
>>>>
>>>> 1. The first release of JSecurity code from the incubator.
>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>> 3. The acceptance of JSecurity by the Apache board after the  
>>>> incubator
>>>> votes.
>>>>
>>>> Craig
>>>>
>>>>
>>>> Dear JSecurity Team,
>>>>
>>>> There has been lengthy debate without consensus as to whether or
>>>> JSecurity's
>>>> name should be changed to something else.  So, there is need for  
>>>> a vote.
>>>>
>>>> Please vote on changing JSecurity's name to something else.  This  
>>>> is ONLY
>>>> a
>>>> vote of if we should change the name, NOT what any alternate name  
>>>> might
>>>> be.
>>>> I'd like to leave this vote open for 7 days instead of the usual  
>>>> 3 to
>>>> account for time that people may not be able to respond due to the
>>>> holidays.  Of course we can close the vote early if all binding  
>>>> votes are
>>>> accounted for prior to the 7 day limit.
>>>>
>>>> The vote is open for the next 7 days and only votes from the  
>>>> JSecurity
>>>> development team are binding.
>>>>
>>>> [ ] +1 Change JSecurity's name
>>>> [ ] -1 Do not change JSecurity's name
>>>>
>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>
>>>>> Given that it's a name you've been using for 4 years, and it's  
>>>>> very
>>>>> generic [jXxx being a common pattern in our space and Security  
>>>>> being
>>>>> very generic]; I'm inclined to keep the current name; though by  
>>>>> the
>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't  
>>>>> very good
>>>>> branding.
>>>>>
>>>>> My tuppence of opinion.
>>>>>
>>>>> Hen
>>>>>
>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>> >
>>>>> wrote:
>>>>>>
>>>>>> Hi ASF legal team,
>>>>>>
>>>>>> I'm writing this email in hopes of getting your feedback  
>>>>>> concerning a
>>>>>> discussion we've been having on the JSecurity email list (an  
>>>>>> Incubator
>>>>>> project).
>>>>>>
>>>>>> A few of our mentors have expressed concern that there might be a
>>>>>> possible naming conflict with our project name (JSecurity) and  
>>>>>> some
>>>>>> other references found through google and other search  
>>>>>> mechanisms.
>>>>>>
>>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>>> project identity has been around for almost 4 years now, with  
>>>>>> zero
>>>>>> contact from any external entity claiming conflict with a  
>>>>>> proprietary
>>>>>> name or product.  I know this isn't legal criteria for  
>>>>>> determining if
>>>>>> there is a name conflict, but I surface it only to put some  
>>>>>> context of
>>>>>> why the original JSecurity developers (and our well-established
>>>>>> communities) think we should keep the JSecurity name.  There  
>>>>>> might be
>>>>>> older references to this name, unrelated to our project, but we  
>>>>>> don't
>>>>>> know for certain if they would constitute a risk in the name  
>>>>>> overlap.
>>>>>>
>>>>>> We'd like some feedback as to if the project name should be  
>>>>>> changed or
>>>>>> not.
>>>>>>
>>>>>> Here is what one of our mentors summarized after doing some  
>>>>>> research:
>>>>>>
>>>>>> <snip>
>>>>>> Now, looking a bit forward on google, here are some other  
>>>>>> references
>>>>>> to JSecurity :
>>>>>>
>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>>> conduct a full information security risk assessment focusing on:"
>>>>>>
>>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/ 
>>>>>> >
>>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>>> Juniper has a legal service who might perfectly well send some  
>>>>>> nicely
>>>>>> written "cease and desist" letter to the ASF about this name.  
>>>>>> Not sure
>>>>>> that our legals want to deal with that ...
>>>>>>
>>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>>>> >
>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at  
>>>>>> least)
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>>
>>>>>>
>>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>>>> >
>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>
>>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>>> potential jeopardy if we don't change its name. That's the main  
>>>>>> issue
>>>>>> we have : we can't afford any kind of legal action when we  
>>>>>> already
>>>>>> know that there are company out there which already use this  
>>>>>> name.
>>>>>>
>>>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>>>> information
>>>>>> as possible. When you guys think you have set your mind about  
>>>>>> this
>>>>>> name, you will have to go to legal@apache.org
>>>>>> <ma...@apache.org> with the selected name (be it  
>>>>>> JSecurity or
>>>>>> any other) to double check that it's ok or not (IFAIK). That is  
>>>>>> one of
>>>>>> the condition to exit from the incubator :
>>>>>> "Check of project name for trademark issues "
>>>>>>
>>>>>>
>>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>>
>>>>>>
>>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>>>> >).
>>>>>>
>>>>>> </snip>
>>>>>>
>>>>>> Thanks for your review and feedback!
>>>>>>
>>>>>> Best,
>>>>>>
>>>>>> Les
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>>>> >
>>>>>> wrote:
>>>>>>>
>>>>>>> Adam,
>>>>>>>
>>>>>>> Thanks _very_ much for such a detailed and thoughtful  
>>>>>>> opinion.  I love
>>>>>>> to see people who aren't necessarily code contributors  
>>>>>>> contribute to
>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>
>>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>>> opinion that the name we have is great as it is and I'd only  
>>>>>>> like to
>>>>>>> change the name if someone from legal puts pressure on us to  
>>>>>>> do so.
>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post  
>>>>>>> this to
>>>>>>> legal in just a few minutes asking their feedback.  I'd like  
>>>>>>> to hear
>>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>>> curious :)
>>>>>>>
>>>>>>> Thanks again very much for chiming in.  Its nice to see that  
>>>>>>> you (and
>>>>>>> others) are taking continued interest in the project.
>>>>>>>
>>>>>>> Best regards,
>>>>>>>
>>>>>>> Les
>>>>>>>
>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>>>> (though I
>>>>>>>> hope to
>>>>>>>> be in the future).  However, this thread has caught my  
>>>>>>>> attention, and
>>>>>>>> so I
>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>
>>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>>> software
>>>>>>>> projects, open source included.  So, though I don't speak  
>>>>>>>> from any
>>>>>>>> official
>>>>>>>> background (I guess beyond a little professional), I would  
>>>>>>>> like to
>>>>>>>> point out
>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>
>>>>>>>> First, as I believe has been mentioned, the term Alcatraz has  
>>>>>>>> been
>>>>>>>> associated with other software products already.  So, this is  
>>>>>>>> bad
>>>>>>>> news
>>>>>>>> with
>>>>>>>> regards to trademark related issues.  Just because its a  
>>>>>>>> geographic
>>>>>>>> location
>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely  
>>>>>>>> these other
>>>>>>>> software products are going to have problems with any related  
>>>>>>>> use of
>>>>>>>> the
>>>>>>>> term Alcatraz.
>>>>>>>>
>>>>>>>> Second, the connotation for JSecurity implies that the  
>>>>>>>> product is
>>>>>>>> used
>>>>>>>> to
>>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>>> "security"
>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>>>> keep
>>>>>>>> people
>>>>>>>> out,
>>>>>>>> it was meant to keep people in.  The use is only quasi- 
>>>>>>>> related, and
>>>>>>>> even
>>>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>>>> software
>>>>>>>> would be
>>>>>>>> a better name for a product which keeps workstation/network  
>>>>>>>> users
>>>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>>>> proxy,
>>>>>>>> for
>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>
>>>>>>>> Don't underestimate the importance of this point.  The name  
>>>>>>>> of a
>>>>>>>> software
>>>>>>>> should ideally be somewhat self describing, especially when  
>>>>>>>> starting
>>>>>>>> out.
>>>>>>>> Until the name becomes a core brand, having a self describing  
>>>>>>>> name
>>>>>>>> can
>>>>>>>> make
>>>>>>>> a big difference.
>>>>>>>>
>>>>>>>> Third, I don't think you can underestimate how important it  
>>>>>>>> is that
>>>>>>>> people
>>>>>>>> can search the name of your product and find it through  
>>>>>>>> Google (and
>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>>>> unrelated
>>>>>>>> hits,
>>>>>>>> and you would clearly be lost any search engine placement  
>>>>>>>> with the
>>>>>>>> name.
>>>>>>>> Much better to have a name for your software that is the only  
>>>>>>>> known
>>>>>>>> reference so that people can easily find you after having  
>>>>>>>> hear the
>>>>>>>> name.
>>>>>>>> This is why so many companies go crazy and conjure completely  
>>>>>>>> strange
>>>>>>>> and
>>>>>>>> nonsensical product names.
>>>>>>>>
>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell,  
>>>>>>>> which again
>>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>>> Alkitraz?
>>>>>>>> Some people simply won't know how to spell it immediately  
>>>>>>>> (though
>>>>>>>> this
>>>>>>>> is a
>>>>>>>> minor point, admittedly).
>>>>>>>>
>>>>>>>> Fifth, it seems like you're making preparations for something  
>>>>>>>> that
>>>>>>>> you
>>>>>>>> don't
>>>>>>>> even know to be a problem.  Yes, the Apache legal team should  
>>>>>>>> be
>>>>>>>> consulted.
>>>>>>>> However, it seems like jumping the gun to just start changing  
>>>>>>>> package
>>>>>>>> names
>>>>>>>> with anticipation of a name change.  You would be crazy to  
>>>>>>>> start
>>>>>>>> renaming
>>>>>>>> packages based on some unknown possibility that it has to  
>>>>>>>> happen in
>>>>>>>> the
>>>>>>>> future.  What value does this add to the software?
>>>>>>>>
>>>>>>>> Following the sigma-six and/or extreme programming world  
>>>>>>>> view, you
>>>>>>>> shouldn't
>>>>>>>> be making any change to your software until the change is  
>>>>>>>> actually
>>>>>>>> required
>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>>>> Apache
>>>>>>>> council
>>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>>> process?
>>>>>>>> Why
>>>>>>>> even consider a change until it needs to be done.  Energy  
>>>>>>>> could be
>>>>>>>> better
>>>>>>>> spent on other matters.
>>>>>>>>
>>>>>>>> Yes, it's a trivial thing to refactor a project from  
>>>>>>>> Eclipse.  But,
>>>>>>>> that's
>>>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>>>> confusion,
>>>>>>>> support,
>>>>>>>> search engine optimization, etc. are what needs to be thought  
>>>>>>>> about
>>>>>>>> when
>>>>>>>> changing the name.
>>>>>>>>
>>>>>>>> Further, what if you decide to change the name to Alcatraz,  
>>>>>>>> and then
>>>>>>>> get
>>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>>> project
>>>>>>>> yet
>>>>>>>> again.
>>>>>>>>
>>>>>>>> I think you all are better just letting this thing ride until
>>>>>>>> something
>>>>>>>> real
>>>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>>>> product
>>>>>>>> name
>>>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>>>> that day
>>>>>>>> comes,
>>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion,  
>>>>>>>> for all
>>>>>>>> the
>>>>>>>> reasons mentioned above.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> Adam
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>
>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>
>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>
>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>>>> names we
>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with  
>>>>>>>>>>>>> the
>>>>>>>>>>>>> googled
>>>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>>>> them to
>>>>>>>>>>>>> the
>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>
>>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz  
>>>>>>>>>>>> is the
>>>>>>>>>>>> clear
>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>>> packages
>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal  
>>>>>>>>>>>> and the
>>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>>
>>>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>>>> (because
>>>>>>>>>>> it's
>>>>>>>>>>> already the name we use), ask to Legal, and move to  
>>>>>>>>>>> alcatraz if
>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>
>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the  
>>>>>>>>>>> Jsecurity name
>>>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>>>> also ask
>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same  
>>>>>>>>>>> here : add
>>>>>>>>>>> some
>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>> geographical
>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>
>>>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>>>> only
>>>>>>>>>> give
>>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So  
>>>>>>>>>> far as
>>>>>>>>>> I
>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>
>>>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>>>> JSecurity
>>>>>>>>>> name will have the same track record as the v0.9 release.   
>>>>>>>>>> If we
>>>>>>>>>> start
>>>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>>>> incubation
>>>>>>>>>> process.
>>>>>>>>>
>>>>>>>>> Let's start with Alcratraz then, and we have quit some time  
>>>>>>>>> to do
>>>>>>>>> some
>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>> incubator).
>>>>>>>>>
>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> --
>>>>>>>>> cordialement, regards,
>>>>>>>>> Emmanuel Lécharny
>>>>>>>>> www.iktek.com
>>>>>>>>> directory.apache.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> View this message in context:
>>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>>>> Nabble.com.
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> DISCLAIMER: Discussions on this list are informational and  
>>>>> educational
>>>>> only.  Statements made on this list are not privileged, do not
>>>>> constitute legal advice, and do not necessarily reflect the  
>>>>> opinions
>>>>> and policies of the ASF.  See <http://www.apache.org/licenses/>  
>>>>> for
>>>>> official ASF policies and documents.
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>
>>>>
>>>> Craig L Russell
>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>> P.S. A good JDO? O, Gasp!
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>
>> Craig L Russell
>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> 408 276-5638 mailto:Craig.Russell@sun.com
>> P.S. A good JDO? O, Gasp!
>>
>>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

-1 to changing the name at this time.

I know my vote isn't binding, but I just want a record of it. At the
moment, I think any potential causes of conflict, given that there are
NO trademark or patent conflicts, are dubious at best.

Cheers,

Les

On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com> wrote:
> any more...
>
> ok, former board member. ;-)
>
> Craig
>
> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>
>> I'm not a board member. :)
>>
>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Cr...@sun.com>
>> wrote:
>>>
>>> -1 Do not change JSecurity's name
>>>
>>> We had the discussion in early December on the legal mailing list and no
>>> issues were raised contrary to Henri's comments. Henri is the only board
>>> member who commented on the JSecurity name during the discussion.
>>>
>>> We will have at least three more votes where additional issues regarding
>>> the
>>> name can be brought up:
>>>
>>> 1. The first release of JSecurity code from the incubator.
>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>> 3. The acceptance of JSecurity by the Apache board after the incubator
>>> votes.
>>>
>>> Craig
>>>
>>>
>>> Dear JSecurity Team,
>>>
>>> There has been lengthy debate without consensus as to whether or
>>> JSecurity's
>>> name should be changed to something else.  So, there is need for a vote.
>>>
>>> Please vote on changing JSecurity's name to something else.  This is ONLY
>>> a
>>> vote of if we should change the name, NOT what any alternate name might
>>> be.
>>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>>> account for time that people may not be able to respond due to the
>>> holidays.  Of course we can close the vote early if all binding votes are
>>> accounted for prior to the 7 day limit.
>>>
>>> The vote is open for the next 7 days and only votes from the JSecurity
>>> development team are binding.
>>>
>>> [ ] +1 Change JSecurity's name
>>> [ ] -1 Do not change JSecurity's name
>>>
>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>
>>>> Given that it's a name you've been using for 4 years, and it's very
>>>> generic [jXxx being a common pattern in our space and Security being
>>>> very generic]; I'm inclined to keep the current name; though by the
>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
>>>> branding.
>>>>
>>>> My tuppence of opinion.
>>>>
>>>> Hen
>>>>
>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>>>> wrote:
>>>>>
>>>>> Hi ASF legal team,
>>>>>
>>>>> I'm writing this email in hopes of getting your feedback concerning a
>>>>> discussion we've been having on the JSecurity email list (an Incubator
>>>>> project).
>>>>>
>>>>> A few of our mentors have expressed concern that there might be a
>>>>> possible naming conflict with our project name (JSecurity) and some
>>>>> other references found through google and other search mechanisms.
>>>>>
>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>> project identity has been around for almost 4 years now, with zero
>>>>> contact from any external entity claiming conflict with a proprietary
>>>>> name or product.  I know this isn't legal criteria for determining if
>>>>> there is a name conflict, but I surface it only to put some context of
>>>>> why the original JSecurity developers (and our well-established
>>>>> communities) think we should keep the JSecurity name.  There might be
>>>>> older references to this name, unrelated to our project, but we don't
>>>>> know for certain if they would constitute a risk in the name overlap.
>>>>>
>>>>> We'd like some feedback as to if the project name should be changed or
>>>>> not.
>>>>>
>>>>> Here is what one of our mentors summarized after doing some research:
>>>>>
>>>>> <snip>
>>>>> Now, looking a bit forward on google, here are some other references
>>>>> to JSecurity :
>>>>>
>>>>> http://jwicglobal.com/Knowledge.htm
>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>> conduct a full information security risk assessment focusing on:"
>>>>>
>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>> Juniper has a legal service who might perfectly well send some nicely
>>>>> written "cease and desist" letter to the ASF about this name. Not sure
>>>>> that our legals want to deal with that ...
>>>>>
>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>>
>>>>>
>>>>>
>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>
>>>>>
>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>>>> This company has a product named JSecurity. Since when ?
>>>>>
>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>> potential jeopardy if we don't change its name. That's the main issue
>>>>> we have : we can't afford any kind of legal action when we already
>>>>> know that there are company out there which already use this name.
>>>>>
>>>>> Anyway, I can be wrong, I'm just trying to gather as much information
>>>>> as possible. When you guys think you have set your mind about this
>>>>> name, you will have to go to legal@apache.org
>>>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>>>> any other) to double check that it's ok or not (IFAIK). That is one of
>>>>> the condition to exit from the incubator :
>>>>> "Check of project name for trademark issues "
>>>>>
>>>>>
>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>
>>>>>
>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>>>
>>>>> </snip>
>>>>>
>>>>> Thanks for your review and feedback!
>>>>>
>>>>> Best,
>>>>>
>>>>> Les
>>>>>
>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org>
>>>>> wrote:
>>>>>>
>>>>>> Adam,
>>>>>>
>>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>>>>> to see people who aren't necessarily code contributors contribute to
>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>
>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>> opinion that the name we have is great as it is and I'd only like to
>>>>>> change the name if someone from legal puts pressure on us to do so.
>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>>>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>> curious :)
>>>>>>
>>>>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>>>>> others) are taking continued interest in the project.
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>> Les
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I'm not really a contributor to the JSecurity project yet (though I
>>>>>>> hope to
>>>>>>> be in the future).  However, this thread has caught my attention, and
>>>>>>> so I
>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>
>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>> software
>>>>>>> projects, open source included.  So, though I don't speak from any
>>>>>>> official
>>>>>>> background (I guess beyond a little professional), I would like to
>>>>>>> point out
>>>>>>> a few things about the name Alcatraz.
>>>>>>>
>>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>>>> associated with other software products already.  So, this is bad
>>>>>>> news
>>>>>>> with
>>>>>>> regards to trademark related issues.  Just because its a geographic
>>>>>>> location
>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>>>>> software products are going to have problems with any related use of
>>>>>>> the
>>>>>>> term Alcatraz.
>>>>>>>
>>>>>>> Second, the connotation for JSecurity implies that the product is
>>>>>>> used
>>>>>>> to
>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>> "security"
>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
>>>>>>> people
>>>>>>> out,
>>>>>>> it was meant to keep people in.  The use is only quasi-related, and
>>>>>>> even
>>>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>>>> would be
>>>>>>> a better name for a product which keeps workstation/network users
>>>>>>> constrained in their internet use, like a firewall, or a web proxy,
>>>>>>> for
>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>
>>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>>> software
>>>>>>> should ideally be somewhat self describing, especially when starting
>>>>>>> out.
>>>>>>> Until the name becomes a core brand, having a self describing name
>>>>>>> can
>>>>>>> make
>>>>>>> a big difference.
>>>>>>>
>>>>>>> Third, I don't think you can underestimate how important it is that
>>>>>>> people
>>>>>>> can search the name of your product and find it through Google (and
>>>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
>>>>>>> hits,
>>>>>>> and you would clearly be lost any search engine placement with the
>>>>>>> name.
>>>>>>> Much better to have a name for your software that is the only known
>>>>>>> reference so that people can easily find you after having hear the
>>>>>>> name.
>>>>>>> This is why so many companies go crazy and conjure completely strange
>>>>>>> and
>>>>>>> nonsensical product names.
>>>>>>>
>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>> Alkitraz?
>>>>>>> Some people simply won't know how to spell it immediately (though
>>>>>>> this
>>>>>>> is a
>>>>>>> minor point, admittedly).
>>>>>>>
>>>>>>> Fifth, it seems like you're making preparations for something that
>>>>>>> you
>>>>>>> don't
>>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>>> consulted.
>>>>>>> However, it seems like jumping the gun to just start changing package
>>>>>>> names
>>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>>> renaming
>>>>>>> packages based on some unknown possibility that it has to happen in
>>>>>>> the
>>>>>>> future.  What value does this add to the software?
>>>>>>>
>>>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>>>> shouldn't
>>>>>>> be making any change to your software until the change is actually
>>>>>>> required
>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
>>>>>>> council
>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>> process?
>>>>>>> Why
>>>>>>> even consider a change until it needs to be done.  Energy could be
>>>>>>> better
>>>>>>> spent on other matters.
>>>>>>>
>>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
>>>>>>> that's
>>>>>>> only a very small part of the bigger issue.  Disruption, confusion,
>>>>>>> support,
>>>>>>> search engine optimization, etc. are what needs to be thought about
>>>>>>> when
>>>>>>> changing the name.
>>>>>>>
>>>>>>> Further, what if you decide to change the name to Alcatraz, and then
>>>>>>> get
>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>> project
>>>>>>> yet
>>>>>>> again.
>>>>>>>
>>>>>>> I think you all are better just letting this thing ride until
>>>>>>> something
>>>>>>> real
>>>>>>> convicting suggests you need a change.  JSecurity is a great product
>>>>>>> name
>>>>>>> which you should stick with until otherwise needed.  And, if that day
>>>>>>> comes,
>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all
>>>>>>> the
>>>>>>> reasons mentioned above.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> Adam
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>
>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>
>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>
>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>
>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>>>>> have googled
>>>>>>>>>>>>> too.
>>>>>>>>>>>>
>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>>> googled
>>>>>>>>>>>> names.  Could you please forward them on so I can post them to
>>>>>>>>>>>> the
>>>>>>>>>>>> legal team?
>>>>>>>>>>>
>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>>>> clear
>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>> packages
>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>
>>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
>>>>>>>>>> it's
>>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>>>> needed (or any other name).
>>>>>>>>>>
>>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
>>>>>>>>>> some
>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>> geographical
>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>
>>>>>>>>> Legal is not a clearing house for project names.  They can only
>>>>>>>>> give
>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as
>>>>>>>>> I
>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>
>>>>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>>>> start
>>>>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>>>>> process.
>>>>>>>>
>>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
>>>>>>>> some
>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>> incubator).
>>>>>>>>
>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> --
>>>>>>>> cordialement, regards,
>>>>>>>> Emmanuel Lécharny
>>>>>>>> www.iktek.com
>>>>>>>> directory.apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> DISCLAIMER: Discussions on this list are informational and educational
>>>> only.  Statements made on this list are not privileged, do not
>>>> constitute legal advice, and do not necessarily reflect the opinions
>>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>>> official ASF policies and documents.
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>
>>> Craig L Russell
>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>> P.S. A good JDO? O, Gasp!
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
> Craig L Russell
> Architect, Sun Java Enterprise System http://db.apache.org/jdo
> 408 276-5638 mailto:Craig.Russell@sun.com
> P.S. A good JDO? O, Gasp!
>
>

Re: [VOTE] Change JSecurity's Name

[Les Hazlewood <lh...@apache.org>]

-1 to changing the name at this time.

I know my vote isn't binding, but I just want a record of it. At the
moment, I think any potential causes of conflict, given that there are
NO trademark or patent conflicts, are dubious at best.

Cheers,

Les

On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <Cr...@sun.com> wrote:
> any more...
>
> ok, former board member. ;-)
>
> Craig
>
> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>
>> I'm not a board member. :)
>>
>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Cr...@sun.com>
>> wrote:
>>>
>>> -1 Do not change JSecurity's name
>>>
>>> We had the discussion in early December on the legal mailing list and no
>>> issues were raised contrary to Henri's comments. Henri is the only board
>>> member who commented on the JSecurity name during the discussion.
>>>
>>> We will have at least three more votes where additional issues regarding
>>> the
>>> name can be brought up:
>>>
>>> 1. The first release of JSecurity code from the incubator.
>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>> 3. The acceptance of JSecurity by the Apache board after the incubator
>>> votes.
>>>
>>> Craig
>>>
>>>
>>> Dear JSecurity Team,
>>>
>>> There has been lengthy debate without consensus as to whether or
>>> JSecurity's
>>> name should be changed to something else.  So, there is need for a vote.
>>>
>>> Please vote on changing JSecurity's name to something else.  This is ONLY
>>> a
>>> vote of if we should change the name, NOT what any alternate name might
>>> be.
>>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>>> account for time that people may not be able to respond due to the
>>> holidays.  Of course we can close the vote early if all binding votes are
>>> accounted for prior to the 7 day limit.
>>>
>>> The vote is open for the next 7 days and only votes from the JSecurity
>>> development team are binding.
>>>
>>> [ ] +1 Change JSecurity's name
>>> [ ] -1 Do not change JSecurity's name
>>>
>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>
>>>> Given that it's a name you've been using for 4 years, and it's very
>>>> generic [jXxx being a common pattern in our space and Security being
>>>> very generic]; I'm inclined to keep the current name; though by the
>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
>>>> branding.
>>>>
>>>> My tuppence of opinion.
>>>>
>>>> Hen
>>>>
>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>>>> wrote:
>>>>>
>>>>> Hi ASF legal team,
>>>>>
>>>>> I'm writing this email in hopes of getting your feedback concerning a
>>>>> discussion we've been having on the JSecurity email list (an Incubator
>>>>> project).
>>>>>
>>>>> A few of our mentors have expressed concern that there might be a
>>>>> possible naming conflict with our project name (JSecurity) and some
>>>>> other references found through google and other search mechanisms.
>>>>>
>>>>> I'd like to point out that the JSecurity name, as an open source
>>>>> project identity has been around for almost 4 years now, with zero
>>>>> contact from any external entity claiming conflict with a proprietary
>>>>> name or product.  I know this isn't legal criteria for determining if
>>>>> there is a name conflict, but I surface it only to put some context of
>>>>> why the original JSecurity developers (and our well-established
>>>>> communities) think we should keep the JSecurity name.  There might be
>>>>> older references to this name, unrelated to our project, but we don't
>>>>> know for certain if they would constitute a risk in the name overlap.
>>>>>
>>>>> We'd like some feedback as to if the project name should be changed or
>>>>> not.
>>>>>
>>>>> Here is what one of our mentors summarized after doing some research:
>>>>>
>>>>> <snip>
>>>>> Now, looking a bit forward on google, here are some other references
>>>>> to JSecurity :
>>>>>
>>>>> http://jwicglobal.com/Knowledge.htm
>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>>> conduct a full information security risk assessment focusing on:"
>>>>>
>>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>>> Seems like they have a service called  J-Security. Be sure that
>>>>> Juniper has a legal service who might perfectly well send some nicely
>>>>> written "cease and desist" letter to the ASF about this name. Not sure
>>>>> that our legals want to deal with that ...
>>>>>
>>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>>
>>>>>
>>>>>
>>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>>
>>>>>
>>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>>>> This company has a product named JSecurity. Since when ?
>>>>>
>>>>> As much as I like the JSecurity name, I also think that we are un
>>>>> potential jeopardy if we don't change its name. That's the main issue
>>>>> we have : we can't afford any kind of legal action when we already
>>>>> know that there are company out there which already use this name.
>>>>>
>>>>> Anyway, I can be wrong, I'm just trying to gather as much information
>>>>> as possible. When you guys think you have set your mind about this
>>>>> name, you will have to go to legal@apache.org
>>>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>>>> any other) to double check that it's ok or not (IFAIK). That is one of
>>>>> the condition to exit from the incubator :
>>>>> "Check of project name for trademark issues "
>>>>>
>>>>>
>>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>>
>>>>>
>>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>>>
>>>>> </snip>
>>>>>
>>>>> Thanks for your review and feedback!
>>>>>
>>>>> Best,
>>>>>
>>>>> Les
>>>>>
>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org>
>>>>> wrote:
>>>>>>
>>>>>> Adam,
>>>>>>
>>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>>>>> to see people who aren't necessarily code contributors contribute to
>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>
>>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>>> opinion that the name we have is great as it is and I'd only like to
>>>>>> change the name if someone from legal puts pressure on us to do so.
>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>>>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>>> curious :)
>>>>>>
>>>>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>>>>> others) are taking continued interest in the project.
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>> Les
>>>>>>
>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I'm not really a contributor to the JSecurity project yet (though I
>>>>>>> hope to
>>>>>>> be in the future).  However, this thread has caught my attention, and
>>>>>>> so I
>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>
>>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>>> software
>>>>>>> projects, open source included.  So, though I don't speak from any
>>>>>>> official
>>>>>>> background (I guess beyond a little professional), I would like to
>>>>>>> point out
>>>>>>> a few things about the name Alcatraz.
>>>>>>>
>>>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>>>> associated with other software products already.  So, this is bad
>>>>>>> news
>>>>>>> with
>>>>>>> regards to trademark related issues.  Just because its a geographic
>>>>>>> location
>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>>>>> software products are going to have problems with any related use of
>>>>>>> the
>>>>>>> term Alcatraz.
>>>>>>>
>>>>>>> Second, the connotation for JSecurity implies that the product is
>>>>>>> used
>>>>>>> to
>>>>>>> keep people out of the protected system.  This is what the term
>>>>>>> "security"
>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep
>>>>>>> people
>>>>>>> out,
>>>>>>> it was meant to keep people in.  The use is only quasi-related, and
>>>>>>> even
>>>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>>>> would be
>>>>>>> a better name for a product which keeps workstation/network users
>>>>>>> constrained in their internet use, like a firewall, or a web proxy,
>>>>>>> for
>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>
>>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>>> software
>>>>>>> should ideally be somewhat self describing, especially when starting
>>>>>>> out.
>>>>>>> Until the name becomes a core brand, having a self describing name
>>>>>>> can
>>>>>>> make
>>>>>>> a big difference.
>>>>>>>
>>>>>>> Third, I don't think you can underestimate how important it is that
>>>>>>> people
>>>>>>> can search the name of your product and find it through Google (and
>>>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
>>>>>>> hits,
>>>>>>> and you would clearly be lost any search engine placement with the
>>>>>>> name.
>>>>>>> Much better to have a name for your software that is the only known
>>>>>>> reference so that people can easily find you after having hear the
>>>>>>> name.
>>>>>>> This is why so many companies go crazy and conjure completely strange
>>>>>>> and
>>>>>>> nonsensical product names.
>>>>>>>
>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>>>>> becomes problematic for the above search recognition reasons.
>>>>>>> Alkitraz?
>>>>>>> Some people simply won't know how to spell it immediately (though
>>>>>>> this
>>>>>>> is a
>>>>>>> minor point, admittedly).
>>>>>>>
>>>>>>> Fifth, it seems like you're making preparations for something that
>>>>>>> you
>>>>>>> don't
>>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>>> consulted.
>>>>>>> However, it seems like jumping the gun to just start changing package
>>>>>>> names
>>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>>> renaming
>>>>>>> packages based on some unknown possibility that it has to happen in
>>>>>>> the
>>>>>>> future.  What value does this add to the software?
>>>>>>>
>>>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>>>> shouldn't
>>>>>>> be making any change to your software until the change is actually
>>>>>>> required
>>>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
>>>>>>> council
>>>>>>> suggested the change?  Are you being blocked by the incubation
>>>>>>> process?
>>>>>>> Why
>>>>>>> even consider a change until it needs to be done.  Energy could be
>>>>>>> better
>>>>>>> spent on other matters.
>>>>>>>
>>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
>>>>>>> that's
>>>>>>> only a very small part of the bigger issue.  Disruption, confusion,
>>>>>>> support,
>>>>>>> search engine optimization, etc. are what needs to be thought about
>>>>>>> when
>>>>>>> changing the name.
>>>>>>>
>>>>>>> Further, what if you decide to change the name to Alcatraz, and then
>>>>>>> get
>>>>>>> pressure from another software group?  Ouch, time to rename the
>>>>>>> project
>>>>>>> yet
>>>>>>> again.
>>>>>>>
>>>>>>> I think you all are better just letting this thing ride until
>>>>>>> something
>>>>>>> real
>>>>>>> convicting suggests you need a change.  JSecurity is a great product
>>>>>>> name
>>>>>>> which you should stick with until otherwise needed.  And, if that day
>>>>>>> comes,
>>>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all
>>>>>>> the
>>>>>>> reasons mentioned above.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> Adam
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>
>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>
>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>
>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>
>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>
>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>>>>> have googled
>>>>>>>>>>>>> too.
>>>>>>>>>>>>
>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>>> googled
>>>>>>>>>>>> names.  Could you please forward them on so I can post them to
>>>>>>>>>>>> the
>>>>>>>>>>>> legal team?
>>>>>>>>>>>
>>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>>>> clear
>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0
>>>>>>>>>>> packages
>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>>
>>>>>>>>>> Well, I think then it's better to stick with JSecurity (because
>>>>>>>>>> it's
>>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>>>> needed (or any other name).
>>>>>>>>>>
>>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add
>>>>>>>>>> some
>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>> geographical
>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>
>>>>>>>>> Legal is not a clearing house for project names.  They can only
>>>>>>>>> give
>>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as
>>>>>>>>> I
>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>
>>>>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>>>> start
>>>>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>>>>> process.
>>>>>>>>
>>>>>>>> Let's start with Alcratraz then, and we have quit some time to do
>>>>>>>> some
>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>> incubator).
>>>>>>>>
>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> --
>>>>>>>> cordialement, regards,
>>>>>>>> Emmanuel Lécharny
>>>>>>>> www.iktek.com
>>>>>>>> directory.apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> View this message in context:
>>>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> DISCLAIMER: Discussions on this list are informational and educational
>>>> only.  Statements made on this list are not privileged, do not
>>>> constitute legal advice, and do not necessarily reflect the opinions
>>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>>> official ASF policies and documents.
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>
>>> Craig L Russell
>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>> P.S. A good JDO? O, Gasp!
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
> Craig L Russell
> Architect, Sun Java Enterprise System http://db.apache.org/jdo
> 408 276-5638 mailto:Craig.Russell@sun.com
> P.S. A good JDO? O, Gasp!
>
>

Re: [VOTE] Change JSecurity's Name

[Craig L Russell <Cr...@Sun.COM>]

any more...

ok, former board member. ;-)

Craig

On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:

> I'm not a board member. :)
>
> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
> > wrote:
>> -1 Do not change JSecurity's name
>>
>> We had the discussion in early December on the legal mailing list  
>> and no
>> issues were raised contrary to Henri's comments. Henri is the only  
>> board
>> member who commented on the JSecurity name during the discussion.
>>
>> We will have at least three more votes where additional issues  
>> regarding the
>> name can be brought up:
>>
>> 1. The first release of JSecurity code from the incubator.
>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>> 3. The acceptance of JSecurity by the Apache board after the  
>> incubator
>> votes.
>>
>> Craig
>>
>>
>> Dear JSecurity Team,
>>
>> There has been lengthy debate without consensus as to whether or  
>> JSecurity's
>> name should be changed to something else.  So, there is need for a  
>> vote.
>>
>> Please vote on changing JSecurity's name to something else.  This  
>> is ONLY a
>> vote of if we should change the name, NOT what any alternate name  
>> might be.
>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>> account for time that people may not be able to respond due to the
>> holidays.  Of course we can close the vote early if all binding  
>> votes are
>> accounted for prior to the 7 day limit.
>>
>> The vote is open for the next 7 days and only votes from the  
>> JSecurity
>> development team are binding.
>>
>> [ ] +1 Change JSecurity's name
>> [ ] -1 Do not change JSecurity's name
>>
>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>
>>> Given that it's a name you've been using for 4 years, and it's very
>>> generic [jXxx being a common pattern in our space and Security being
>>> very generic]; I'm inclined to keep the current name; though by the
>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very  
>>> good
>>> branding.
>>>
>>> My tuppence of opinion.
>>>
>>> Hen
>>>
>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood  
>>> <lh...@apache.org>
>>> wrote:
>>>>
>>>> Hi ASF legal team,
>>>>
>>>> I'm writing this email in hopes of getting your feedback  
>>>> concerning a
>>>> discussion we've been having on the JSecurity email list (an  
>>>> Incubator
>>>> project).
>>>>
>>>> A few of our mentors have expressed concern that there might be a
>>>> possible naming conflict with our project name (JSecurity) and some
>>>> other references found through google and other search mechanisms.
>>>>
>>>> I'd like to point out that the JSecurity name, as an open source
>>>> project identity has been around for almost 4 years now, with zero
>>>> contact from any external entity claiming conflict with a  
>>>> proprietary
>>>> name or product.  I know this isn't legal criteria for  
>>>> determining if
>>>> there is a name conflict, but I surface it only to put some  
>>>> context of
>>>> why the original JSecurity developers (and our well-established
>>>> communities) think we should keep the JSecurity name.  There  
>>>> might be
>>>> older references to this name, unrelated to our project, but we  
>>>> don't
>>>> know for certain if they would constitute a risk in the name  
>>>> overlap.
>>>>
>>>> We'd like some feedback as to if the project name should be  
>>>> changed or
>>>> not.
>>>>
>>>> Here is what one of our mentors summarized after doing some  
>>>> research:
>>>>
>>>> <snip>
>>>> Now, looking a bit forward on google, here are some other  
>>>> references
>>>> to JSecurity :
>>>>
>>>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm 
>>>> >
>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>> conduct a full information security risk assessment focusing on:"
>>>>
>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>> Seems like they have a service called  J-Security. Be sure that
>>>> Juniper has a legal service who might perfectly well send some  
>>>> nicely
>>>> written "cease and desist" letter to the ASF about this name. Not  
>>>> sure
>>>> that our legals want to deal with that ...
>>>>
>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>> >
>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>
>>>>
>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>
>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>> >
>>>> This company has a product named JSecurity. Since when ?
>>>>
>>>> As much as I like the JSecurity name, I also think that we are un
>>>> potential jeopardy if we don't change its name. That's the main  
>>>> issue
>>>> we have : we can't afford any kind of legal action when we already
>>>> know that there are company out there which already use this name.
>>>>
>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>> information
>>>> as possible. When you guys think you have set your mind about this
>>>> name, you will have to go to legal@apache.org
>>>> <ma...@apache.org> with the selected name (be it JSecurity  
>>>> or
>>>> any other) to double check that it's ok or not (IFAIK). That is  
>>>> one of
>>>> the condition to exit from the incubator :
>>>> "Check of project name for trademark issues "
>>>>
>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>
>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>> >).
>>>>
>>>> </snip>
>>>>
>>>> Thanks for your review and feedback!
>>>>
>>>> Best,
>>>>
>>>> Les
>>>>
>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>> >
>>>> wrote:
>>>>>
>>>>> Adam,
>>>>>
>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.   
>>>>> I love
>>>>> to see people who aren't necessarily code contributors  
>>>>> contribute to
>>>>> the project in other ways.  This is very valuable to us.
>>>>>
>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>> opinion that the name we have is great as it is and I'd only  
>>>>> like to
>>>>> change the name if someone from legal puts pressure on us to do  
>>>>> so.
>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post  
>>>>> this to
>>>>> legal in just a few minutes asking their feedback.  I'd like to  
>>>>> hear
>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>> curious :)
>>>>>
>>>>> Thanks again very much for chiming in.  Its nice to see that you  
>>>>> (and
>>>>> others) are taking continued interest in the project.
>>>>>
>>>>> Best regards,
>>>>>
>>>>> Les
>>>>>
>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>> (though I
>>>>>> hope to
>>>>>> be in the future).  However, this thread has caught my  
>>>>>> attention, and
>>>>>> so I
>>>>>> thought I'd give a couple of thoughts.
>>>>>>
>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>> software
>>>>>> projects, open source included.  So, though I don't speak from  
>>>>>> any
>>>>>> official
>>>>>> background (I guess beyond a little professional), I would like  
>>>>>> to
>>>>>> point out
>>>>>> a few things about the name Alcatraz.
>>>>>>
>>>>>> First, as I believe has been mentioned, the term Alcatraz has  
>>>>>> been
>>>>>> associated with other software products already.  So, this is  
>>>>>> bad news
>>>>>> with
>>>>>> regards to trademark related issues.  Just because its a  
>>>>>> geographic
>>>>>> location
>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these  
>>>>>> other
>>>>>> software products are going to have problems with any related  
>>>>>> use of
>>>>>> the
>>>>>> term Alcatraz.
>>>>>>
>>>>>> Second, the connotation for JSecurity implies that the product  
>>>>>> is used
>>>>>> to
>>>>>> keep people out of the protected system.  This is what the term
>>>>>> "security"
>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>> keep people
>>>>>> out,
>>>>>> it was meant to keep people in.  The use is only quasi-related,  
>>>>>> and
>>>>>> even
>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>> software
>>>>>> would be
>>>>>> a better name for a product which keeps workstation/network users
>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>> proxy, for
>>>>>> example.  Or a child internet monitoring product.
>>>>>>
>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>> software
>>>>>> should ideally be somewhat self describing, especially when  
>>>>>> starting
>>>>>> out.
>>>>>> Until the name becomes a core brand, having a self describing  
>>>>>> name can
>>>>>> make
>>>>>> a big difference.
>>>>>>
>>>>>> Third, I don't think you can underestimate how important it is  
>>>>>> that
>>>>>> people
>>>>>> can search the name of your product and find it through Google  
>>>>>> (and
>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>> unrelated
>>>>>> hits,
>>>>>> and you would clearly be lost any search engine placement with  
>>>>>> the
>>>>>> name.
>>>>>> Much better to have a name for your software that is the only  
>>>>>> known
>>>>>> reference so that people can easily find you after having hear  
>>>>>> the
>>>>>> name.
>>>>>> This is why so many companies go crazy and conjure completely  
>>>>>> strange
>>>>>> and
>>>>>> nonsensical product names.
>>>>>>
>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which  
>>>>>> again
>>>>>> becomes problematic for the above search recognition reasons.
>>>>>> Alkitraz?
>>>>>> Some people simply won't know how to spell it immediately  
>>>>>> (though this
>>>>>> is a
>>>>>> minor point, admittedly).
>>>>>>
>>>>>> Fifth, it seems like you're making preparations for something  
>>>>>> that you
>>>>>> don't
>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>> consulted.
>>>>>> However, it seems like jumping the gun to just start changing  
>>>>>> package
>>>>>> names
>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>> renaming
>>>>>> packages based on some unknown possibility that it has to  
>>>>>> happen in the
>>>>>> future.  What value does this add to the software?
>>>>>>
>>>>>> Following the sigma-six and/or extreme programming world view,  
>>>>>> you
>>>>>> shouldn't
>>>>>> be making any change to your software until the change is  
>>>>>> actually
>>>>>> required
>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>> Apache
>>>>>> council
>>>>>> suggested the change?  Are you being blocked by the incubation  
>>>>>> process?
>>>>>> Why
>>>>>> even consider a change until it needs to be done.  Energy could  
>>>>>> be
>>>>>> better
>>>>>> spent on other matters.
>>>>>>
>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.   
>>>>>> But,
>>>>>> that's
>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>> confusion,
>>>>>> support,
>>>>>> search engine optimization, etc. are what needs to be thought  
>>>>>> about
>>>>>> when
>>>>>> changing the name.
>>>>>>
>>>>>> Further, what if you decide to change the name to Alcatraz, and  
>>>>>> then
>>>>>> get
>>>>>> pressure from another software group?  Ouch, time to rename the  
>>>>>> project
>>>>>> yet
>>>>>> again.
>>>>>>
>>>>>> I think you all are better just letting this thing ride until  
>>>>>> something
>>>>>> real
>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>> product
>>>>>> name
>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>> that day
>>>>>> comes,
>>>>>> Alcatraz is just simply the wrong name, in my humble opinion,  
>>>>>> for all
>>>>>> the
>>>>>> reasons mentioned above.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Adam
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Emmanuel Lecharny wrote:
>>>>>>>
>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>
>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>
>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>
>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>
>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>> names we
>>>>>>>>>>>> have googled
>>>>>>>>>>>> too.
>>>>>>>>>>>
>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>> googled
>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>> them to the
>>>>>>>>>>> legal team?
>>>>>>>>>>
>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is  
>>>>>>>>>> the
>>>>>>>>>> clear
>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0  
>>>>>>>>>> packages
>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal  
>>>>>>>>>> and the
>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>
>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>> (because it's
>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz  
>>>>>>>>> if
>>>>>>>>> needed (or any other name).
>>>>>>>>>
>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity  
>>>>>>>>> name
>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>> also ask
>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here :  
>>>>>>>>> add some
>>>>>>>>> more infos related to this name, assuming that being a  
>>>>>>>>> geographical
>>>>>>>>> location, it should not be such a problem).
>>>>>>>>
>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>> only give
>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So  
>>>>>>>> far as I
>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>
>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>> JSecurity
>>>>>>>> name will have the same track record as the v0.9 release.  If  
>>>>>>>> we
>>>>>>>> start
>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>> incubation
>>>>>>>> process.
>>>>>>>
>>>>>>> Let's start with Alcratraz then, and we have quit some time to  
>>>>>>> do some
>>>>>>> vetting before 1.0 (hopefully when the project exits from  
>>>>>>> incubator).
>>>>>>>
>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> --
>>>>>>> cordialement, regards,
>>>>>>> Emmanuel Lécharny
>>>>>>> www.iktek.com
>>>>>>> directory.apache.org
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> View this message in context:
>>>>>> http://n2.nabble.com/JSecurity%27s-new-name- 
>>>>>> tp1569003p1601248.html
>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>> Nabble.com.
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> DISCLAIMER: Discussions on this list are informational and  
>>> educational
>>> only.  Statements made on this list are not privileged, do not
>>> constitute legal advice, and do not necessarily reflect the opinions
>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>> official ASF policies and documents.
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>
>> Craig L Russell
>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> 408 276-5638 mailto:Craig.Russell@sun.com
>> P.S. A good JDO? O, Gasp!
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!

Re: [VOTE] Change JSecurity's Name

[Craig L Russell <Cr...@Sun.COM>]

any more...

ok, former board member. ;-)

Craig

On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:

> I'm not a board member. :)
>
> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Craig.Russell@sun.com 
> > wrote:
>> -1 Do not change JSecurity's name
>>
>> We had the discussion in early December on the legal mailing list  
>> and no
>> issues were raised contrary to Henri's comments. Henri is the only  
>> board
>> member who commented on the JSecurity name during the discussion.
>>
>> We will have at least three more votes where additional issues  
>> regarding the
>> name can be brought up:
>>
>> 1. The first release of JSecurity code from the incubator.
>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>> 3. The acceptance of JSecurity by the Apache board after the  
>> incubator
>> votes.
>>
>> Craig
>>
>>
>> Dear JSecurity Team,
>>
>> There has been lengthy debate without consensus as to whether or  
>> JSecurity's
>> name should be changed to something else.  So, there is need for a  
>> vote.
>>
>> Please vote on changing JSecurity's name to something else.  This  
>> is ONLY a
>> vote of if we should change the name, NOT what any alternate name  
>> might be.
>> I'd like to leave this vote open for 7 days instead of the usual 3 to
>> account for time that people may not be able to respond due to the
>> holidays.  Of course we can close the vote early if all binding  
>> votes are
>> accounted for prior to the 7 day limit.
>>
>> The vote is open for the next 7 days and only votes from the  
>> JSecurity
>> development team are binding.
>>
>> [ ] +1 Change JSecurity's name
>> [ ] -1 Do not change JSecurity's name
>>
>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>
>>> Given that it's a name you've been using for 4 years, and it's very
>>> generic [jXxx being a common pattern in our space and Security being
>>> very generic]; I'm inclined to keep the current name; though by the
>>> same reasoning, it's a weak name as "Apache JSecurity" isn't very  
>>> good
>>> branding.
>>>
>>> My tuppence of opinion.
>>>
>>> Hen
>>>
>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood  
>>> <lh...@apache.org>
>>> wrote:
>>>>
>>>> Hi ASF legal team,
>>>>
>>>> I'm writing this email in hopes of getting your feedback  
>>>> concerning a
>>>> discussion we've been having on the JSecurity email list (an  
>>>> Incubator
>>>> project).
>>>>
>>>> A few of our mentors have expressed concern that there might be a
>>>> possible naming conflict with our project name (JSecurity) and some
>>>> other references found through google and other search mechanisms.
>>>>
>>>> I'd like to point out that the JSecurity name, as an open source
>>>> project identity has been around for almost 4 years now, with zero
>>>> contact from any external entity claiming conflict with a  
>>>> proprietary
>>>> name or product.  I know this isn't legal criteria for  
>>>> determining if
>>>> there is a name conflict, but I surface it only to put some  
>>>> context of
>>>> why the original JSecurity developers (and our well-established
>>>> communities) think we should keep the JSecurity name.  There  
>>>> might be
>>>> older references to this name, unrelated to our project, but we  
>>>> don't
>>>> know for certain if they would constitute a risk in the name  
>>>> overlap.
>>>>
>>>> We'd like some feedback as to if the project name should be  
>>>> changed or
>>>> not.
>>>>
>>>> Here is what one of our mentors summarized after doing some  
>>>> research:
>>>>
>>>> <snip>
>>>> Now, looking a bit forward on google, here are some other  
>>>> references
>>>> to JSecurity :
>>>>
>>>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm 
>>>> >
>>>> "WIC GLOBAL has developed a comprehensive Information Security
>>>> Assessment service called JSecurity. Our JSecurity experts will
>>>> conduct a full information security risk assessment focusing on:"
>>>>
>>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>>> Seems like they have a service called  J-Security. Be sure that
>>>> Juniper has a legal service who might perfectly well send some  
>>>> nicely
>>>> written "cease and desist" letter to the ASF about this name. Not  
>>>> sure
>>>> that our legals want to deal with that ...
>>>>
>>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx 
>>>> >
>>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>>
>>>>
>>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>>
>>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>>>> >
>>>> This company has a product named JSecurity. Since when ?
>>>>
>>>> As much as I like the JSecurity name, I also think that we are un
>>>> potential jeopardy if we don't change its name. That's the main  
>>>> issue
>>>> we have : we can't afford any kind of legal action when we already
>>>> know that there are company out there which already use this name.
>>>>
>>>> Anyway, I can be wrong, I'm just trying to gather as much  
>>>> information
>>>> as possible. When you guys think you have set your mind about this
>>>> name, you will have to go to legal@apache.org
>>>> <ma...@apache.org> with the selected name (be it JSecurity  
>>>> or
>>>> any other) to double check that it's ok or not (IFAIK). That is  
>>>> one of
>>>> the condition to exit from the incubator :
>>>> "Check of project name for trademark issues "
>>>>
>>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>>
>>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>>>> >).
>>>>
>>>> </snip>
>>>>
>>>> Thanks for your review and feedback!
>>>>
>>>> Best,
>>>>
>>>> Les
>>>>
>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlewood@apache.org 
>>>> >
>>>> wrote:
>>>>>
>>>>> Adam,
>>>>>
>>>>> Thanks _very_ much for such a detailed and thoughtful opinion.   
>>>>> I love
>>>>> to see people who aren't necessarily code contributors  
>>>>> contribute to
>>>>> the project in other ways.  This is very valuable to us.
>>>>>
>>>>> I am in total agreement with your sentiments thus far.  It is my
>>>>> opinion that the name we have is great as it is and I'd only  
>>>>> like to
>>>>> change the name if someone from legal puts pressure on us to do  
>>>>> so.
>>>>> IANAL, so I'd have to trust their judgment.  I'm going to post  
>>>>> this to
>>>>> legal in just a few minutes asking their feedback.  I'd like to  
>>>>> hear
>>>>> what they say regardless of what we end up doing - I'm genuinely
>>>>> curious :)
>>>>>
>>>>> Thanks again very much for chiming in.  Its nice to see that you  
>>>>> (and
>>>>> others) are taking continued interest in the project.
>>>>>
>>>>> Best regards,
>>>>>
>>>>> Les
>>>>>
>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com>  
>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I'm not really a contributor to the JSecurity project yet  
>>>>>> (though I
>>>>>> hope to
>>>>>> be in the future).  However, this thread has caught my  
>>>>>> attention, and
>>>>>> so I
>>>>>> thought I'd give a couple of thoughts.
>>>>>>
>>>>>> I have an interest, call it a hobby, in name related issues for
>>>>>> software
>>>>>> projects, open source included.  So, though I don't speak from  
>>>>>> any
>>>>>> official
>>>>>> background (I guess beyond a little professional), I would like  
>>>>>> to
>>>>>> point out
>>>>>> a few things about the name Alcatraz.
>>>>>>
>>>>>> First, as I believe has been mentioned, the term Alcatraz has  
>>>>>> been
>>>>>> associated with other software products already.  So, this is  
>>>>>> bad news
>>>>>> with
>>>>>> regards to trademark related issues.  Just because its a  
>>>>>> geographic
>>>>>> location
>>>>>> doesn't mean that it can't be trademarked.  Thus, likely these  
>>>>>> other
>>>>>> software products are going to have problems with any related  
>>>>>> use of
>>>>>> the
>>>>>> term Alcatraz.
>>>>>>
>>>>>> Second, the connotation for JSecurity implies that the product  
>>>>>> is used
>>>>>> to
>>>>>> keep people out of the protected system.  This is what the term
>>>>>> "security"
>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to  
>>>>>> keep people
>>>>>> out,
>>>>>> it was meant to keep people in.  The use is only quasi-related,  
>>>>>> and
>>>>>> even
>>>>>> confusing, for a product with your feature set.  Alcatraz  
>>>>>> software
>>>>>> would be
>>>>>> a better name for a product which keeps workstation/network users
>>>>>> constrained in their internet use, like a firewall, or a web  
>>>>>> proxy, for
>>>>>> example.  Or a child internet monitoring product.
>>>>>>
>>>>>> Don't underestimate the importance of this point.  The name of a
>>>>>> software
>>>>>> should ideally be somewhat self describing, especially when  
>>>>>> starting
>>>>>> out.
>>>>>> Until the name becomes a core brand, having a self describing  
>>>>>> name can
>>>>>> make
>>>>>> a big difference.
>>>>>>
>>>>>> Third, I don't think you can underestimate how important it is  
>>>>>> that
>>>>>> people
>>>>>> can search the name of your product and find it through Google  
>>>>>> (and
>>>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>>>> unrelated
>>>>>> hits,
>>>>>> and you would clearly be lost any search engine placement with  
>>>>>> the
>>>>>> name.
>>>>>> Much better to have a name for your software that is the only  
>>>>>> known
>>>>>> reference so that people can easily find you after having hear  
>>>>>> the
>>>>>> name.
>>>>>> This is why so many companies go crazy and conjure completely  
>>>>>> strange
>>>>>> and
>>>>>> nonsensical product names.
>>>>>>
>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which  
>>>>>> again
>>>>>> becomes problematic for the above search recognition reasons.
>>>>>> Alkitraz?
>>>>>> Some people simply won't know how to spell it immediately  
>>>>>> (though this
>>>>>> is a
>>>>>> minor point, admittedly).
>>>>>>
>>>>>> Fifth, it seems like you're making preparations for something  
>>>>>> that you
>>>>>> don't
>>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>>> consulted.
>>>>>> However, it seems like jumping the gun to just start changing  
>>>>>> package
>>>>>> names
>>>>>> with anticipation of a name change.  You would be crazy to start
>>>>>> renaming
>>>>>> packages based on some unknown possibility that it has to  
>>>>>> happen in the
>>>>>> future.  What value does this add to the software?
>>>>>>
>>>>>> Following the sigma-six and/or extreme programming world view,  
>>>>>> you
>>>>>> shouldn't
>>>>>> be making any change to your software until the change is  
>>>>>> actually
>>>>>> required
>>>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>>>> Apache
>>>>>> council
>>>>>> suggested the change?  Are you being blocked by the incubation  
>>>>>> process?
>>>>>> Why
>>>>>> even consider a change until it needs to be done.  Energy could  
>>>>>> be
>>>>>> better
>>>>>> spent on other matters.
>>>>>>
>>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.   
>>>>>> But,
>>>>>> that's
>>>>>> only a very small part of the bigger issue.  Disruption,  
>>>>>> confusion,
>>>>>> support,
>>>>>> search engine optimization, etc. are what needs to be thought  
>>>>>> about
>>>>>> when
>>>>>> changing the name.
>>>>>>
>>>>>> Further, what if you decide to change the name to Alcatraz, and  
>>>>>> then
>>>>>> get
>>>>>> pressure from another software group?  Ouch, time to rename the  
>>>>>> project
>>>>>> yet
>>>>>> again.
>>>>>>
>>>>>> I think you all are better just letting this thing ride until  
>>>>>> something
>>>>>> real
>>>>>> convicting suggests you need a change.  JSecurity is a great  
>>>>>> product
>>>>>> name
>>>>>> which you should stick with until otherwise needed.  And, if  
>>>>>> that day
>>>>>> comes,
>>>>>> Alcatraz is just simply the wrong name, in my humble opinion,  
>>>>>> for all
>>>>>> the
>>>>>> reasons mentioned above.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Adam
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Emmanuel Lecharny wrote:
>>>>>>>
>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>
>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>
>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>
>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>
>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>>>> names we
>>>>>>>>>>>> have googled
>>>>>>>>>>>> too.
>>>>>>>>>>>
>>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>>> googled
>>>>>>>>>>> names.  Could you please forward them on so I can post  
>>>>>>>>>>> them to the
>>>>>>>>>>> legal team?
>>>>>>>>>>
>>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is  
>>>>>>>>>> the
>>>>>>>>>> clear
>>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0  
>>>>>>>>>> packages
>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal  
>>>>>>>>>> and the
>>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>>
>>>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>>>> (because it's
>>>>>>>>> already the name we use), ask to Legal, and move to alcatraz  
>>>>>>>>> if
>>>>>>>>> needed (or any other name).
>>>>>>>>>
>>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity  
>>>>>>>>> name
>>>>>>>>> (with all the infos we have already found about it), and  
>>>>>>>>> also ask
>>>>>>>>> them in the same mail if Alcatraz is ok or not (same here :  
>>>>>>>>> add some
>>>>>>>>> more infos related to this name, assuming that being a  
>>>>>>>>> geographical
>>>>>>>>> location, it should not be such a problem).
>>>>>>>>
>>>>>>>> Legal is not a clearing house for project names.  They can  
>>>>>>>> only give
>>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So  
>>>>>>>> far as I
>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>
>>>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>>>> JSecurity
>>>>>>>> name will have the same track record as the v0.9 release.  If  
>>>>>>>> we
>>>>>>>> start
>>>>>>>> with alcatraz then we have one less thing impeding our  
>>>>>>>> incubation
>>>>>>>> process.
>>>>>>>
>>>>>>> Let's start with Alcratraz then, and we have quit some time to  
>>>>>>> do some
>>>>>>> vetting before 1.0 (hopefully when the project exits from  
>>>>>>> incubator).
>>>>>>>
>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> --
>>>>>>> cordialement, regards,
>>>>>>> Emmanuel Lécharny
>>>>>>> www.iktek.com
>>>>>>> directory.apache.org
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> View this message in context:
>>>>>> http://n2.nabble.com/JSecurity%27s-new-name- 
>>>>>> tp1569003p1601248.html
>>>>>> Sent from the JSecurity Developer mailing list archive at  
>>>>>> Nabble.com.
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> DISCLAIMER: Discussions on this list are informational and  
>>> educational
>>> only.  Statements made on this list are not privileged, do not
>>> constitute legal advice, and do not necessarily reflect the opinions
>>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>>> official ASF policies and documents.
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>
>>
>> Craig L Russell
>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>> 408 276-5638 mailto:Craig.Russell@sun.com
>> P.S. A good JDO? O, Gasp!
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Henri Yandell <hy...@gmail.com>]

I'm not a board member. :)

On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Cr...@sun.com> wrote:
> -1 Do not change JSecurity's name
>
> We had the discussion in early December on the legal mailing list and no
> issues were raised contrary to Henri's comments. Henri is the only board
> member who commented on the JSecurity name during the discussion.
>
> We will have at least three more votes where additional issues regarding the
> name can be brought up:
>
> 1. The first release of JSecurity code from the incubator.
> 2. The graduation vote of JSecurity taken by the incubator PMC.
> 3. The acceptance of JSecurity by the Apache board after the incubator
> votes.
>
> Craig
>
>
> Dear JSecurity Team,
>
> There has been lengthy debate without consensus as to whether or JSecurity's
> name should be changed to something else.  So, there is need for a vote.
>
> Please vote on changing JSecurity's name to something else.  This is ONLY a
> vote of if we should change the name, NOT what any alternate name might be.
> I'd like to leave this vote open for 7 days instead of the usual 3 to
> account for time that people may not be able to respond due to the
> holidays.  Of course we can close the vote early if all binding votes are
> accounted for prior to the 7 day limit.
>
> The vote is open for the next 7 days and only votes from the JSecurity
> development team are binding.
>
> [ ] +1 Change JSecurity's name
> [ ] -1 Do not change JSecurity's name
>
> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>
>> Given that it's a name you've been using for 4 years, and it's very
>> generic [jXxx being a common pattern in our space and Security being
>> very generic]; I'm inclined to keep the current name; though by the
>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
>> branding.
>>
>> My tuppence of opinion.
>>
>> Hen
>>
>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>> wrote:
>>>
>>> Hi ASF legal team,
>>>
>>> I'm writing this email in hopes of getting your feedback concerning a
>>> discussion we've been having on the JSecurity email list (an Incubator
>>> project).
>>>
>>> A few of our mentors have expressed concern that there might be a
>>> possible naming conflict with our project name (JSecurity) and some
>>> other references found through google and other search mechanisms.
>>>
>>> I'd like to point out that the JSecurity name, as an open source
>>> project identity has been around for almost 4 years now, with zero
>>> contact from any external entity claiming conflict with a proprietary
>>> name or product.  I know this isn't legal criteria for determining if
>>> there is a name conflict, but I surface it only to put some context of
>>> why the original JSecurity developers (and our well-established
>>> communities) think we should keep the JSecurity name.  There might be
>>> older references to this name, unrelated to our project, but we don't
>>> know for certain if they would constitute a risk in the name overlap.
>>>
>>> We'd like some feedback as to if the project name should be changed or
>>> not.
>>>
>>> Here is what one of our mentors summarized after doing some research:
>>>
>>> <snip>
>>> Now, looking a bit forward on google, here are some other references
>>> to JSecurity :
>>>
>>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
>>> "WIC GLOBAL has developed a comprehensive Information Security
>>> Assessment service called JSecurity. Our JSecurity experts will
>>> conduct a full information security risk assessment focusing on:"
>>>
>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>> Seems like they have a service called  J-Security. Be sure that
>>> Juniper has a legal service who might perfectly well send some nicely
>>> written "cease and desist" letter to the ASF about this name. Not sure
>>> that our legals want to deal with that ...
>>>
>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>
>>>
>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>
>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>> This company has a product named JSecurity. Since when ?
>>>
>>> As much as I like the JSecurity name, I also think that we are un
>>> potential jeopardy if we don't change its name. That's the main issue
>>> we have : we can't afford any kind of legal action when we already
>>> know that there are company out there which already use this name.
>>>
>>> Anyway, I can be wrong, I'm just trying to gather as much information
>>> as possible. When you guys think you have set your mind about this
>>> name, you will have to go to legal@apache.org
>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>> any other) to double check that it's ok or not (IFAIK). That is one of
>>> the condition to exit from the incubator :
>>> "Check of project name for trademark issues "
>>>
>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>
>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>
>>> </snip>
>>>
>>> Thanks for your review and feedback!
>>>
>>> Best,
>>>
>>> Les
>>>
>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org>
>>> wrote:
>>>>
>>>> Adam,
>>>>
>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>>> to see people who aren't necessarily code contributors contribute to
>>>> the project in other ways.  This is very valuable to us.
>>>>
>>>> I am in total agreement with your sentiments thus far.  It is my
>>>> opinion that the name we have is great as it is and I'd only like to
>>>> change the name if someone from legal puts pressure on us to do so.
>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>>> what they say regardless of what we end up doing - I'm genuinely
>>>> curious :)
>>>>
>>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>>> others) are taking continued interest in the project.
>>>>
>>>> Best regards,
>>>>
>>>> Les
>>>>
>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I'm not really a contributor to the JSecurity project yet (though I
>>>>> hope to
>>>>> be in the future).  However, this thread has caught my attention, and
>>>>> so I
>>>>> thought I'd give a couple of thoughts.
>>>>>
>>>>> I have an interest, call it a hobby, in name related issues for
>>>>> software
>>>>> projects, open source included.  So, though I don't speak from any
>>>>> official
>>>>> background (I guess beyond a little professional), I would like to
>>>>> point out
>>>>> a few things about the name Alcatraz.
>>>>>
>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>> associated with other software products already.  So, this is bad news
>>>>> with
>>>>> regards to trademark related issues.  Just because its a geographic
>>>>> location
>>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>>> software products are going to have problems with any related use of
>>>>> the
>>>>> term Alcatraz.
>>>>>
>>>>> Second, the connotation for JSecurity implies that the product is used
>>>>> to
>>>>> keep people out of the protected system.  This is what the term
>>>>> "security"
>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people
>>>>> out,
>>>>> it was meant to keep people in.  The use is only quasi-related, and
>>>>> even
>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>> would be
>>>>> a better name for a product which keeps workstation/network users
>>>>> constrained in their internet use, like a firewall, or a web proxy, for
>>>>> example.  Or a child internet monitoring product.
>>>>>
>>>>> Don't underestimate the importance of this point.  The name of a
>>>>> software
>>>>> should ideally be somewhat self describing, especially when starting
>>>>> out.
>>>>> Until the name becomes a core brand, having a self describing name can
>>>>> make
>>>>> a big difference.
>>>>>
>>>>> Third, I don't think you can underestimate how important it is that
>>>>> people
>>>>> can search the name of your product and find it through Google (and
>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
>>>>> hits,
>>>>> and you would clearly be lost any search engine placement with the
>>>>> name.
>>>>> Much better to have a name for your software that is the only known
>>>>> reference so that people can easily find you after having hear the
>>>>> name.
>>>>> This is why so many companies go crazy and conjure completely strange
>>>>> and
>>>>> nonsensical product names.
>>>>>
>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>>> becomes problematic for the above search recognition reasons.
>>>>>  Alkitraz?
>>>>> Some people simply won't know how to spell it immediately (though this
>>>>> is a
>>>>> minor point, admittedly).
>>>>>
>>>>> Fifth, it seems like you're making preparations for something that you
>>>>> don't
>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>> consulted.
>>>>> However, it seems like jumping the gun to just start changing package
>>>>> names
>>>>> with anticipation of a name change.  You would be crazy to start
>>>>> renaming
>>>>> packages based on some unknown possibility that it has to happen in the
>>>>> future.  What value does this add to the software?
>>>>>
>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>> shouldn't
>>>>> be making any change to your software until the change is actually
>>>>> required
>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
>>>>> council
>>>>> suggested the change?  Are you being blocked by the incubation process?
>>>>>  Why
>>>>> even consider a change until it needs to be done.  Energy could be
>>>>> better
>>>>> spent on other matters.
>>>>>
>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
>>>>> that's
>>>>> only a very small part of the bigger issue.  Disruption, confusion,
>>>>> support,
>>>>> search engine optimization, etc. are what needs to be thought about
>>>>> when
>>>>> changing the name.
>>>>>
>>>>> Further, what if you decide to change the name to Alcatraz, and then
>>>>> get
>>>>> pressure from another software group?  Ouch, time to rename the project
>>>>> yet
>>>>> again.
>>>>>
>>>>> I think you all are better just letting this thing ride until something
>>>>> real
>>>>> convicting suggests you need a change.  JSecurity is a great product
>>>>> name
>>>>> which you should stick with until otherwise needed.  And, if that day
>>>>> comes,
>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all
>>>>> the
>>>>> reasons mentioned above.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Adam
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Emmanuel Lecharny wrote:
>>>>>>
>>>>>> Alan D. Cabrera wrote:
>>>>>>>
>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>
>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>
>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>
>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>>> have googled
>>>>>>>>>>> too.
>>>>>>>>>>
>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>> googled
>>>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>>>> legal team?
>>>>>>>>>
>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>> clear
>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>
>>>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>> needed (or any other name).
>>>>>>>>
>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>>>> more infos related to this name, assuming that being a geographical
>>>>>>>> location, it should not be such a problem).
>>>>>>>
>>>>>>> Legal is not a clearing house for project names.  They can only give
>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>>>> can tell, there is none for alcatraz.
>>>>>>>
>>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>> start
>>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>>> process.
>>>>>>
>>>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>>>
>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>
>>>>>>
>>>>>> --
>>>>>> --
>>>>>> cordialement, regards,
>>>>>> Emmanuel Lécharny
>>>>>> www.iktek.com
>>>>>> directory.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> View this message in context:
>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>>
>>>>>
>>>>
>>>
>>
>> ---------------------------------------------------------------------
>> DISCLAIMER: Discussions on this list are informational and educational
>> only.  Statements made on this list are not privileged, do not
>> constitute legal advice, and do not necessarily reflect the opinions
>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>> official ASF policies and documents.
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
> Craig L Russell
> Architect, Sun Java Enterprise System http://db.apache.org/jdo
> 408 276-5638 mailto:Craig.Russell@sun.com
> P.S. A good JDO? O, Gasp!
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: [VOTE] Change JSecurity's Name

[Henri Yandell <hy...@gmail.com>]

I'm not a board member. :)

On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <Cr...@sun.com> wrote:
> -1 Do not change JSecurity's name
>
> We had the discussion in early December on the legal mailing list and no
> issues were raised contrary to Henri's comments. Henri is the only board
> member who commented on the JSecurity name during the discussion.
>
> We will have at least three more votes where additional issues regarding the
> name can be brought up:
>
> 1. The first release of JSecurity code from the incubator.
> 2. The graduation vote of JSecurity taken by the incubator PMC.
> 3. The acceptance of JSecurity by the Apache board after the incubator
> votes.
>
> Craig
>
>
> Dear JSecurity Team,
>
> There has been lengthy debate without consensus as to whether or JSecurity's
> name should be changed to something else.  So, there is need for a vote.
>
> Please vote on changing JSecurity's name to something else.  This is ONLY a
> vote of if we should change the name, NOT what any alternate name might be.
> I'd like to leave this vote open for 7 days instead of the usual 3 to
> account for time that people may not be able to respond due to the
> holidays.  Of course we can close the vote early if all binding votes are
> accounted for prior to the 7 day limit.
>
> The vote is open for the next 7 days and only votes from the JSecurity
> development team are binding.
>
> [ ] +1 Change JSecurity's name
> [ ] -1 Do not change JSecurity's name
>
> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>
>> Given that it's a name you've been using for 4 years, and it's very
>> generic [jXxx being a common pattern in our space and Security being
>> very generic]; I'm inclined to keep the current name; though by the
>> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
>> branding.
>>
>> My tuppence of opinion.
>>
>> Hen
>>
>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org>
>> wrote:
>>>
>>> Hi ASF legal team,
>>>
>>> I'm writing this email in hopes of getting your feedback concerning a
>>> discussion we've been having on the JSecurity email list (an Incubator
>>> project).
>>>
>>> A few of our mentors have expressed concern that there might be a
>>> possible naming conflict with our project name (JSecurity) and some
>>> other references found through google and other search mechanisms.
>>>
>>> I'd like to point out that the JSecurity name, as an open source
>>> project identity has been around for almost 4 years now, with zero
>>> contact from any external entity claiming conflict with a proprietary
>>> name or product.  I know this isn't legal criteria for determining if
>>> there is a name conflict, but I surface it only to put some context of
>>> why the original JSecurity developers (and our well-established
>>> communities) think we should keep the JSecurity name.  There might be
>>> older references to this name, unrelated to our project, but we don't
>>> know for certain if they would constitute a risk in the name overlap.
>>>
>>> We'd like some feedback as to if the project name should be changed or
>>> not.
>>>
>>> Here is what one of our mentors summarized after doing some research:
>>>
>>> <snip>
>>> Now, looking a bit forward on google, here are some other references
>>> to JSecurity :
>>>
>>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
>>> "WIC GLOBAL has developed a comprehensive Information Security
>>> Assessment service called JSecurity. Our JSecurity experts will
>>> conduct a full information security risk assessment focusing on:"
>>>
>>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>>> Seems like they have a service called  J-Security. Be sure that
>>> Juniper has a legal service who might perfectly well send some nicely
>>> written "cease and desist" letter to the ASF about this name. Not sure
>>> that our legals want to deal with that ...
>>>
>>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>>
>>>
>>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>>>
>>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>>> This company has a product named JSecurity. Since when ?
>>>
>>> As much as I like the JSecurity name, I also think that we are un
>>> potential jeopardy if we don't change its name. That's the main issue
>>> we have : we can't afford any kind of legal action when we already
>>> know that there are company out there which already use this name.
>>>
>>> Anyway, I can be wrong, I'm just trying to gather as much information
>>> as possible. When you guys think you have set your mind about this
>>> name, you will have to go to legal@apache.org
>>> <ma...@apache.org> with the selected name (be it JSecurity or
>>> any other) to double check that it's ok or not (IFAIK). That is one of
>>> the condition to exit from the incubator :
>>> "Check of project name for trademark issues "
>>>
>>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>>>
>>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>>
>>> </snip>
>>>
>>> Thanks for your review and feedback!
>>>
>>> Best,
>>>
>>> Les
>>>
>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org>
>>> wrote:
>>>>
>>>> Adam,
>>>>
>>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>>> to see people who aren't necessarily code contributors contribute to
>>>> the project in other ways.  This is very valuable to us.
>>>>
>>>> I am in total agreement with your sentiments thus far.  It is my
>>>> opinion that the name we have is great as it is and I'd only like to
>>>> change the name if someone from legal puts pressure on us to do so.
>>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>>> what they say regardless of what we end up doing - I'm genuinely
>>>> curious :)
>>>>
>>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>>> others) are taking continued interest in the project.
>>>>
>>>> Best regards,
>>>>
>>>> Les
>>>>
>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I'm not really a contributor to the JSecurity project yet (though I
>>>>> hope to
>>>>> be in the future).  However, this thread has caught my attention, and
>>>>> so I
>>>>> thought I'd give a couple of thoughts.
>>>>>
>>>>> I have an interest, call it a hobby, in name related issues for
>>>>> software
>>>>> projects, open source included.  So, though I don't speak from any
>>>>> official
>>>>> background (I guess beyond a little professional), I would like to
>>>>> point out
>>>>> a few things about the name Alcatraz.
>>>>>
>>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>>> associated with other software products already.  So, this is bad news
>>>>> with
>>>>> regards to trademark related issues.  Just because its a geographic
>>>>> location
>>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>>> software products are going to have problems with any related use of
>>>>> the
>>>>> term Alcatraz.
>>>>>
>>>>> Second, the connotation for JSecurity implies that the product is used
>>>>> to
>>>>> keep people out of the protected system.  This is what the term
>>>>> "security"
>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people
>>>>> out,
>>>>> it was meant to keep people in.  The use is only quasi-related, and
>>>>> even
>>>>> confusing, for a product with your feature set.  Alcatraz software
>>>>> would be
>>>>> a better name for a product which keeps workstation/network users
>>>>> constrained in their internet use, like a firewall, or a web proxy, for
>>>>> example.  Or a child internet monitoring product.
>>>>>
>>>>> Don't underestimate the importance of this point.  The name of a
>>>>> software
>>>>> should ideally be somewhat self describing, especially when starting
>>>>> out.
>>>>> Until the name becomes a core brand, having a self describing name can
>>>>> make
>>>>> a big difference.
>>>>>
>>>>> Third, I don't think you can underestimate how important it is that
>>>>> people
>>>>> can search the name of your product and find it through Google (and
>>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated
>>>>> hits,
>>>>> and you would clearly be lost any search engine placement with the
>>>>> name.
>>>>> Much better to have a name for your software that is the only known
>>>>> reference so that people can easily find you after having hear the
>>>>> name.
>>>>> This is why so many companies go crazy and conjure completely strange
>>>>> and
>>>>> nonsensical product names.
>>>>>
>>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>>> becomes problematic for the above search recognition reasons.
>>>>>  Alkitraz?
>>>>> Some people simply won't know how to spell it immediately (though this
>>>>> is a
>>>>> minor point, admittedly).
>>>>>
>>>>> Fifth, it seems like you're making preparations for something that you
>>>>> don't
>>>>> even know to be a problem.  Yes, the Apache legal team should be
>>>>> consulted.
>>>>> However, it seems like jumping the gun to just start changing package
>>>>> names
>>>>> with anticipation of a name change.  You would be crazy to start
>>>>> renaming
>>>>> packages based on some unknown possibility that it has to happen in the
>>>>> future.  What value does this add to the software?
>>>>>
>>>>> Following the sigma-six and/or extreme programming world view, you
>>>>> shouldn't
>>>>> be making any change to your software until the change is actually
>>>>> required
>>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache
>>>>> council
>>>>> suggested the change?  Are you being blocked by the incubation process?
>>>>>  Why
>>>>> even consider a change until it needs to be done.  Energy could be
>>>>> better
>>>>> spent on other matters.
>>>>>
>>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But,
>>>>> that's
>>>>> only a very small part of the bigger issue.  Disruption, confusion,
>>>>> support,
>>>>> search engine optimization, etc. are what needs to be thought about
>>>>> when
>>>>> changing the name.
>>>>>
>>>>> Further, what if you decide to change the name to Alcatraz, and then
>>>>> get
>>>>> pressure from another software group?  Ouch, time to rename the project
>>>>> yet
>>>>> again.
>>>>>
>>>>> I think you all are better just letting this thing ride until something
>>>>> real
>>>>> convicting suggests you need a change.  JSecurity is a great product
>>>>> name
>>>>> which you should stick with until otherwise needed.  And, if that day
>>>>> comes,
>>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all
>>>>> the
>>>>> reasons mentioned above.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Adam
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Emmanuel Lecharny wrote:
>>>>>>
>>>>>> Alan D. Cabrera wrote:
>>>>>>>
>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>
>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>
>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>
>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>>> have googled
>>>>>>>>>>> too.
>>>>>>>>>>
>>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the
>>>>>>>>>> googled
>>>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>>>> legal team?
>>>>>>>>>
>>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the
>>>>>>>>> clear
>>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>>>
>>>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>>> needed (or any other name).
>>>>>>>>
>>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>>>> more infos related to this name, assuming that being a geographical
>>>>>>>> location, it should not be such a problem).
>>>>>>>
>>>>>>> Legal is not a clearing house for project names.  They can only give
>>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>>>> can tell, there is none for alcatraz.
>>>>>>>
>>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>>> name will have the same track record as the v0.9 release.  If we
>>>>>>> start
>>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>>> process.
>>>>>>
>>>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>>>
>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>
>>>>>>
>>>>>> --
>>>>>> --
>>>>>> cordialement, regards,
>>>>>> Emmanuel Lécharny
>>>>>> www.iktek.com
>>>>>> directory.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> View this message in context:
>>>>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>>
>>>>>
>>>>
>>>
>>
>> ---------------------------------------------------------------------
>> DISCLAIMER: Discussions on this list are informational and educational
>> only.  Statements made on this list are not privileged, do not
>> constitute legal advice, and do not necessarily reflect the opinions
>> and policies of the ASF.  See <http://www.apache.org/licenses/> for
>> official ASF policies and documents.
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>> For additional commands, e-mail: legal-discuss-help@apache.org
>>
>
> Craig L Russell
> Architect, Sun Java Enterprise System http://db.apache.org/jdo
> 408 276-5638 mailto:Craig.Russell@sun.com
> P.S. A good JDO? O, Gasp!
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Re: [VOTE] Change JSecurity's Name

[Craig L Russell <Cr...@Sun.COM>]

-1 Do not change JSecurity's name

We had the discussion in early December on the legal mailing list and  
no issues were raised contrary to Henri's comments. Henri is the only  
board member who commented on the JSecurity name during the discussion.

We will have at least three more votes where additional issues  
regarding the name can be brought up:

1. The first release of JSecurity code from the incubator.
2. The graduation vote of JSecurity taken by the incubator PMC.
3. The acceptance of JSecurity by the Apache board after the incubator  
votes.

Craig


Dear JSecurity Team,

There has been lengthy debate without consensus as to whether or  
JSecurity's
name should be changed to something else.  So, there is need for a vote.

Please vote on changing JSecurity's name to something else.  This is  
ONLY a
vote of if we should change the name, NOT what any alternate name  
might be.
I'd like to leave this vote open for 7 days instead of the usual 3 to
account for time that people may not be able to respond due to the
holidays.  Of course we can close the vote early if all binding votes  
are
accounted for prior to the 7 day limit.

The vote is open for the next 7 days and only votes from the JSecurity
development team are binding.

[ ] +1 Change JSecurity's name
[ ] -1 Do not change JSecurity's name

On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:

> Given that it's a name you've been using for 4 years, and it's very
> generic [jXxx being a common pattern in our space and Security being
> very generic]; I'm inclined to keep the current name; though by the
> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
> branding.
>
> My tuppence of opinion.
>
> Hen
>
> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood  
> <lh...@apache.org> wrote:
>> Hi ASF legal team,
>>
>> I'm writing this email in hopes of getting your feedback concerning a
>> discussion we've been having on the JSecurity email list (an  
>> Incubator
>> project).
>>
>> A few of our mentors have expressed concern that there might be a
>> possible naming conflict with our project name (JSecurity) and some
>> other references found through google and other search mechanisms.
>>
>> I'd like to point out that the JSecurity name, as an open source
>> project identity has been around for almost 4 years now, with zero
>> contact from any external entity claiming conflict with a proprietary
>> name or product.  I know this isn't legal criteria for determining if
>> there is a name conflict, but I surface it only to put some context  
>> of
>> why the original JSecurity developers (and our well-established
>> communities) think we should keep the JSecurity name.  There might be
>> older references to this name, unrelated to our project, but we don't
>> know for certain if they would constitute a risk in the name overlap.
>>
>> We'd like some feedback as to if the project name should be changed  
>> or not.
>>
>> Here is what one of our mentors summarized after doing some research:
>>
>> <snip>
>> Now, looking a bit forward on google, here are some other references
>> to JSecurity :
>>
>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm 
>> >
>> "WIC GLOBAL has developed a comprehensive Information Security
>> Assessment service called JSecurity. Our JSecurity experts will
>> conduct a full information security risk assessment focusing on:"
>>
>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>> Seems like they have a service called  J-Security. Be sure that
>> Juniper has a legal service who might perfectly well send some nicely
>> written "cease and desist" letter to the ASF about this name. Not  
>> sure
>> that our legals want to deal with that ...
>>
>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>
>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf 
>> >
>> This company has a product named JSecurity. Since when ?
>>
>> As much as I like the JSecurity name, I also think that we are un
>> potential jeopardy if we don't change its name. That's the main issue
>> we have : we can't afford any kind of legal action when we already
>> know that there are company out there which already use this name.
>>
>> Anyway, I can be wrong, I'm just trying to gather as much information
>> as possible. When you guys think you have set your mind about this
>> name, you will have to go to legal@apache.org
>> <ma...@apache.org> with the selected name (be it JSecurity or
>> any other) to double check that it's ok or not (IFAIK). That is one  
>> of
>> the condition to exit from the incubator :
>> "Check of project name for trademark issues "
>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements 
>> >).
>>
>> </snip>
>>
>> Thanks for your review and feedback!
>>
>> Best,
>>
>> Les
>>
>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood  
>> <lh...@apache.org> wrote:
>>> Adam,
>>>
>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I  
>>> love
>>> to see people who aren't necessarily code contributors contribute to
>>> the project in other ways.  This is very valuable to us.
>>>
>>> I am in total agreement with your sentiments thus far.  It is my
>>> opinion that the name we have is great as it is and I'd only like to
>>> change the name if someone from legal puts pressure on us to do so.
>>> IANAL, so I'd have to trust their judgment.  I'm going to post  
>>> this to
>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>> what they say regardless of what we end up doing - I'm genuinely
>>> curious :)
>>>
>>> Thanks again very much for chiming in.  Its nice to see that you  
>>> (and
>>> others) are taking continued interest in the project.
>>>
>>> Best regards,
>>>
>>> Les
>>>
>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> I'm not really a contributor to the JSecurity project yet (though  
>>>> I hope to
>>>> be in the future).  However, this thread has caught my attention,  
>>>> and so I
>>>> thought I'd give a couple of thoughts.
>>>>
>>>> I have an interest, call it a hobby, in name related issues for  
>>>> software
>>>> projects, open source included.  So, though I don't speak from  
>>>> any official
>>>> background (I guess beyond a little professional), I would like  
>>>> to point out
>>>> a few things about the name Alcatraz.
>>>>
>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>> associated with other software products already.  So, this is bad  
>>>> news with
>>>> regards to trademark related issues.  Just because its a  
>>>> geographic location
>>>> doesn't mean that it can't be trademarked.  Thus, likely these  
>>>> other
>>>> software products are going to have problems with any related use  
>>>> of the
>>>> term Alcatraz.
>>>>
>>>> Second, the connotation for JSecurity implies that the product is  
>>>> used to
>>>> keep people out of the protected system.  This is what the term  
>>>> "security"
>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep  
>>>> people out,
>>>> it was meant to keep people in.  The use is only quasi-related,  
>>>> and even
>>>> confusing, for a product with your feature set.  Alcatraz  
>>>> software would be
>>>> a better name for a product which keeps workstation/network users
>>>> constrained in their internet use, like a firewall, or a web  
>>>> proxy, for
>>>> example.  Or a child internet monitoring product.
>>>>
>>>> Don't underestimate the importance of this point.  The name of a  
>>>> software
>>>> should ideally be somewhat self describing, especially when  
>>>> starting out.
>>>> Until the name becomes a core brand, having a self describing  
>>>> name can make
>>>> a big difference.
>>>>
>>>> Third, I don't think you can underestimate how important it is  
>>>> that people
>>>> can search the name of your product and find it through Google (and
>>>> friends).  Clearly the term Alcatraz has a huge number of  
>>>> unrelated hits,
>>>> and you would clearly be lost any search engine placement with  
>>>> the name.
>>>> Much better to have a name for your software that is the only known
>>>> reference so that people can easily find you after having hear  
>>>> the name.
>>>> This is why so many companies go crazy and conjure completely  
>>>> strange and
>>>> nonsensical product names.
>>>>
>>>> Fourth, Alcatraz is a relatively difficult name to spell, which  
>>>> again
>>>> becomes problematic for the above search recognition reasons.   
>>>> Alkitraz?
>>>> Some people simply won't know how to spell it immediately (though  
>>>> this is a
>>>> minor point, admittedly).
>>>>
>>>> Fifth, it seems like you're making preparations for something  
>>>> that you don't
>>>> even know to be a problem.  Yes, the Apache legal team should be  
>>>> consulted.
>>>> However, it seems like jumping the gun to just start changing  
>>>> package names
>>>> with anticipation of a name change.  You would be crazy to start  
>>>> renaming
>>>> packages based on some unknown possibility that it has to happen  
>>>> in the
>>>> future.  What value does this add to the software?
>>>>
>>>> Following the sigma-six and/or extreme programming world view,  
>>>> you shouldn't
>>>> be making any change to your software until the change is  
>>>> actually required
>>>> and value is added.  Do you have a pending lawsuit?  Has the  
>>>> Apache council
>>>> suggested the change?  Are you being blocked by the incubation  
>>>> process?  Why
>>>> even consider a change until it needs to be done.  Energy could  
>>>> be better
>>>> spent on other matters.
>>>>
>>>> Yes, it's a trivial thing to refactor a project from Eclipse.   
>>>> But, that's
>>>> only a very small part of the bigger issue.  Disruption,  
>>>> confusion, support,
>>>> search engine optimization, etc. are what needs to be thought  
>>>> about when
>>>> changing the name.
>>>>
>>>> Further, what if you decide to change the name to Alcatraz, and  
>>>> then get
>>>> pressure from another software group?  Ouch, time to rename the  
>>>> project yet
>>>> again.
>>>>
>>>> I think you all are better just letting this thing ride until  
>>>> something real
>>>> convicting suggests you need a change.  JSecurity is a great  
>>>> product name
>>>> which you should stick with until otherwise needed.  And, if that  
>>>> day comes,
>>>> Alcatraz is just simply the wrong name, in my humble opinion, for  
>>>> all the
>>>> reasons mentioned above.
>>>>
>>>> Thanks,
>>>>
>>>> Adam
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Emmanuel Lecharny wrote:
>>>>>
>>>>> Alan D. Cabrera wrote:
>>>>>>
>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>
>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>
>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>
>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the  
>>>>>>>>>> names we
>>>>>>>>>> have googled
>>>>>>>>>> too.
>>>>>>>>>
>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the  
>>>>>>>>> googled
>>>>>>>>> names.  Could you please forward them on so I can post them  
>>>>>>>>> to the
>>>>>>>>> legal team?
>>>>>>>>
>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is  
>>>>>>>> the clear
>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0  
>>>>>>>> packages
>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and  
>>>>>>>> the
>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>> Well, I think then it's better to stick with JSecurity  
>>>>>>> (because it's
>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>> needed (or any other name).
>>>>>>>
>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity  
>>>>>>> name
>>>>>>> (with all the infos we have already found about it), and also  
>>>>>>> ask
>>>>>>> them in the same mail if Alcatraz is ok or not (same here :  
>>>>>>> add some
>>>>>>> more infos related to this name, assuming that being a  
>>>>>>> geographical
>>>>>>> location, it should not be such a problem).
>>>>>>
>>>>>> Legal is not a clearing house for project names.  They can only  
>>>>>> give
>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far  
>>>>>> as I
>>>>>> can tell, there is none for alcatraz.
>>>>>>
>>>>>> What I'm worried about is that the vetting effort for the  
>>>>>> JSecurity
>>>>>> name will have the same track record as the v0.9 release.  If  
>>>>>> we start
>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>> process.
>>>>> Let's start with Alcratraz then, and we have quit some time to  
>>>>> do some
>>>>> vetting before 1.0 (hopefully when the project exits from  
>>>>> incubator).
>>>>>
>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>> Sent from the JSecurity Developer mailing list archive at  
>>>> Nabble.com.
>>>>
>>>>
>>>
>>
>
> ---------------------------------------------------------------------
> DISCLAIMER: Discussions on this list are informational and educational
> only.  Statements made on this list are not privileged, do not
> constitute legal advice, and do not necessarily reflect the opinions
> and policies of the ASF.  See <http://www.apache.org/licenses/> for
> official ASF policies and documents.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: JSecurity's new name

[Moin Ayazifar <mo...@gmail.com>]

Dear Friends,

Although Jsecurity is the best name, but in the case of changing the
name it's not worthless to have look at:
http://www.bchealth.com/services/birthcenter/nativeambabynames.shtml
I found "Jacy" among native American names it means "the moon".
does anybody has idea about it?

On Tue, Dec 2, 2008 at 4:06 PM, Henri Yandell <ba...@apache.org> wrote:
> Given that it's a name you've been using for 4 years, and it's very
> generic [jXxx being a common pattern in our space and Security being
> very generic]; I'm inclined to keep the current name; though by the
> same reasoning, it's a weak name as "Apache JSecurity" isn't very good
> branding.
>
> My tuppence of opinion.
>
> Hen
>
> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org> wrote:
>> Hi ASF legal team,
>>
>> I'm writing this email in hopes of getting your feedback concerning a
>> discussion we've been having on the JSecurity email list (an Incubator
>> project).
>>
>> A few of our mentors have expressed concern that there might be a
>> possible naming conflict with our project name (JSecurity) and some
>> other references found through google and other search mechanisms.
>>
>> I'd like to point out that the JSecurity name, as an open source
>> project identity has been around for almost 4 years now, with zero
>> contact from any external entity claiming conflict with a proprietary
>> name or product.  I know this isn't legal criteria for determining if
>> there is a name conflict, but I surface it only to put some context of
>> why the original JSecurity developers (and our well-established
>> communities) think we should keep the JSecurity name.  There might be
>> older references to this name, unrelated to our project, but we don't
>> know for certain if they would constitute a risk in the name overlap.
>>
>> We'd like some feedback as to if the project name should be changed or not.
>>
>> Here is what one of our mentors summarized after doing some research:
>>
>> <snip>
>> Now, looking a bit forward on google, here are some other references
>> to JSecurity :
>>
>> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
>> "WIC GLOBAL has developed a comprehensive Information Security
>> Assessment service called JSecurity. Our JSecurity experts will
>> conduct a full information security risk assessment focusing on:"
>>
>> http://www.juniper.net/security/ <http://www.juniper.net/security/>
>> Seems like they have a service called  J-Security. Be sure that
>> Juniper has a legal service who might perfectly well send some nicely
>> written "cease and desist" letter to the ASF about this name. Not sure
>> that our legals want to deal with that ...
>>
>> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
>> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>>
>> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
>> This company has a product named JSecurity. Since when ?
>>
>> As much as I like the JSecurity name, I also think that we are un
>> potential jeopardy if we don't change its name. That's the main issue
>> we have : we can't afford any kind of legal action when we already
>> know that there are company out there which already use this name.
>>
>> Anyway, I can be wrong, I'm just trying to gather as much information
>> as possible. When you guys think you have set your mind about this
>> name, you will have to go to legal@apache.org
>> <ma...@apache.org> with the selected name (be it JSecurity or
>> any other) to double check that it's ok or not (IFAIK). That is one of
>> the condition to exit from the incubator :
>> "Check of project name for trademark issues "
>> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>>
>> </snip>
>>
>> Thanks for your review and feedback!
>>
>> Best,
>>
>> Les
>>
>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org> wrote:
>>> Adam,
>>>
>>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>>> to see people who aren't necessarily code contributors contribute to
>>> the project in other ways.  This is very valuable to us.
>>>
>>> I am in total agreement with your sentiments thus far.  It is my
>>> opinion that the name we have is great as it is and I'd only like to
>>> change the name if someone from legal puts pressure on us to do so.
>>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>>> legal in just a few minutes asking their feedback.  I'd like to hear
>>> what they say regardless of what we end up doing - I'm genuinely
>>> curious :)
>>>
>>> Thanks again very much for chiming in.  Its nice to see that you (and
>>> others) are taking continued interest in the project.
>>>
>>> Best regards,
>>>
>>> Les
>>>
>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> I'm not really a contributor to the JSecurity project yet (though I hope to
>>>> be in the future).  However, this thread has caught my attention, and so I
>>>> thought I'd give a couple of thoughts.
>>>>
>>>> I have an interest, call it a hobby, in name related issues for software
>>>> projects, open source included.  So, though I don't speak from any official
>>>> background (I guess beyond a little professional), I would like to point out
>>>> a few things about the name Alcatraz.
>>>>
>>>> First, as I believe has been mentioned, the term Alcatraz has been
>>>> associated with other software products already.  So, this is bad news with
>>>> regards to trademark related issues.  Just because its a geographic location
>>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>>> software products are going to have problems with any related use of the
>>>> term Alcatraz.
>>>>
>>>> Second, the connotation for JSecurity implies that the product is used to
>>>> keep people out of the protected system.  This is what the term "security"
>>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people out,
>>>> it was meant to keep people in.  The use is only quasi-related, and even
>>>> confusing, for a product with your feature set.  Alcatraz software would be
>>>> a better name for a product which keeps workstation/network users
>>>> constrained in their internet use, like a firewall, or a web proxy, for
>>>> example.  Or a child internet monitoring product.
>>>>
>>>> Don't underestimate the importance of this point.  The name of a software
>>>> should ideally be somewhat self describing, especially when starting out.
>>>> Until the name becomes a core brand, having a self describing name can make
>>>> a big difference.
>>>>
>>>> Third, I don't think you can underestimate how important it is that people
>>>> can search the name of your product and find it through Google (and
>>>> friends).  Clearly the term Alcatraz has a huge number of unrelated hits,
>>>> and you would clearly be lost any search engine placement with the name.
>>>> Much better to have a name for your software that is the only known
>>>> reference so that people can easily find you after having hear the name.
>>>> This is why so many companies go crazy and conjure completely strange and
>>>> nonsensical product names.
>>>>
>>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>>> becomes problematic for the above search recognition reasons.  Alkitraz?
>>>> Some people simply won't know how to spell it immediately (though this is a
>>>> minor point, admittedly).
>>>>
>>>> Fifth, it seems like you're making preparations for something that you don't
>>>> even know to be a problem.  Yes, the Apache legal team should be consulted.
>>>> However, it seems like jumping the gun to just start changing package names
>>>> with anticipation of a name change.  You would be crazy to start renaming
>>>> packages based on some unknown possibility that it has to happen in the
>>>> future.  What value does this add to the software?
>>>>
>>>> Following the sigma-six and/or extreme programming world view, you shouldn't
>>>> be making any change to your software until the change is actually required
>>>> and value is added.  Do you have a pending lawsuit?  Has the Apache council
>>>> suggested the change?  Are you being blocked by the incubation process?  Why
>>>> even consider a change until it needs to be done.  Energy could be better
>>>> spent on other matters.
>>>>
>>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But, that's
>>>> only a very small part of the bigger issue.  Disruption, confusion, support,
>>>> search engine optimization, etc. are what needs to be thought about when
>>>> changing the name.
>>>>
>>>> Further, what if you decide to change the name to Alcatraz, and then get
>>>> pressure from another software group?  Ouch, time to rename the project yet
>>>> again.
>>>>
>>>> I think you all are better just letting this thing ride until something real
>>>> convicting suggests you need a change.  JSecurity is a great product name
>>>> which you should stick with until otherwise needed.  And, if that day comes,
>>>> Alcatraz is just simply the wrong name, in my humble opinion, for all the
>>>> reasons mentioned above.
>>>>
>>>> Thanks,
>>>>
>>>> Adam
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Emmanuel Lecharny wrote:
>>>>>
>>>>> Alan D. Cabrera wrote:
>>>>>>
>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>
>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>
>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>
>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>>> have googled
>>>>>>>>>> too.
>>>>>>>>>
>>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>>> legal-discuss.  But, I can't easily find the thread with the googled
>>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>>> legal team?
>>>>>>>>
>>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the clear
>>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>>> needed (or any other name).
>>>>>>>
>>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>>> (with all the infos we have already found about it), and also ask
>>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>>> more infos related to this name, assuming that being a geographical
>>>>>>> location, it should not be such a problem).
>>>>>>
>>>>>> Legal is not a clearing house for project names.  They can only give
>>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>>> can tell, there is none for alcatraz.
>>>>>>
>>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>>> name will have the same track record as the v0.9 release.  If we start
>>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>>> process.
>>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>>
>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>
>>>>>
>>>>> --
>>>>> --
>>>>> cordialement, regards,
>>>>> Emmanuel Lécharny
>>>>> www.iktek.com
>>>>> directory.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>>
>>>>
>>>
>>
>

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only.  Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF.  See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: JSecurity's new name

[Henri Yandell <ba...@apache.org>]

Given that it's a name you've been using for 4 years, and it's very
generic [jXxx being a common pattern in our space and Security being
very generic]; I'm inclined to keep the current name; though by the
same reasoning, it's a weak name as "Apache JSecurity" isn't very good
branding.

My tuppence of opinion.

Hen

On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org> wrote:
> Hi ASF legal team,
>
> I'm writing this email in hopes of getting your feedback concerning a
> discussion we've been having on the JSecurity email list (an Incubator
> project).
>
> A few of our mentors have expressed concern that there might be a
> possible naming conflict with our project name (JSecurity) and some
> other references found through google and other search mechanisms.
>
> I'd like to point out that the JSecurity name, as an open source
> project identity has been around for almost 4 years now, with zero
> contact from any external entity claiming conflict with a proprietary
> name or product.  I know this isn't legal criteria for determining if
> there is a name conflict, but I surface it only to put some context of
> why the original JSecurity developers (and our well-established
> communities) think we should keep the JSecurity name.  There might be
> older references to this name, unrelated to our project, but we don't
> know for certain if they would constitute a risk in the name overlap.
>
> We'd like some feedback as to if the project name should be changed or not.
>
> Here is what one of our mentors summarized after doing some research:
>
> <snip>
> Now, looking a bit forward on google, here are some other references
> to JSecurity :
>
> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
> "WIC GLOBAL has developed a comprehensive Information Security
> Assessment service called JSecurity. Our JSecurity experts will
> conduct a full information security risk assessment focusing on:"
>
> http://www.juniper.net/security/ <http://www.juniper.net/security/>
> Seems like they have a service called  J-Security. Be sure that
> Juniper has a legal service who might perfectly well send some nicely
> written "cease and desist" letter to the ASF about this name. Not sure
> that our legals want to deal with that ...
>
> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>
> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
> This company has a product named JSecurity. Since when ?
>
> As much as I like the JSecurity name, I also think that we are un
> potential jeopardy if we don't change its name. That's the main issue
> we have : we can't afford any kind of legal action when we already
> know that there are company out there which already use this name.
>
> Anyway, I can be wrong, I'm just trying to gather as much information
> as possible. When you guys think you have set your mind about this
> name, you will have to go to legal@apache.org
> <ma...@apache.org> with the selected name (be it JSecurity or
> any other) to double check that it's ok or not (IFAIK). That is one of
> the condition to exit from the incubator :
> "Check of project name for trademark issues "
> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>
> </snip>
>
> Thanks for your review and feedback!
>
> Best,
>
> Les
>
> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org> wrote:
>> Adam,
>>
>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>> to see people who aren't necessarily code contributors contribute to
>> the project in other ways.  This is very valuable to us.
>>
>> I am in total agreement with your sentiments thus far.  It is my
>> opinion that the name we have is great as it is and I'd only like to
>> change the name if someone from legal puts pressure on us to do so.
>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>> legal in just a few minutes asking their feedback.  I'd like to hear
>> what they say regardless of what we end up doing - I'm genuinely
>> curious :)
>>
>> Thanks again very much for chiming in.  Its nice to see that you (and
>> others) are taking continued interest in the project.
>>
>> Best regards,
>>
>> Les
>>
>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>
>>> Hi,
>>>
>>> I'm not really a contributor to the JSecurity project yet (though I hope to
>>> be in the future).  However, this thread has caught my attention, and so I
>>> thought I'd give a couple of thoughts.
>>>
>>> I have an interest, call it a hobby, in name related issues for software
>>> projects, open source included.  So, though I don't speak from any official
>>> background (I guess beyond a little professional), I would like to point out
>>> a few things about the name Alcatraz.
>>>
>>> First, as I believe has been mentioned, the term Alcatraz has been
>>> associated with other software products already.  So, this is bad news with
>>> regards to trademark related issues.  Just because its a geographic location
>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>> software products are going to have problems with any related use of the
>>> term Alcatraz.
>>>
>>> Second, the connotation for JSecurity implies that the product is used to
>>> keep people out of the protected system.  This is what the term "security"
>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people out,
>>> it was meant to keep people in.  The use is only quasi-related, and even
>>> confusing, for a product with your feature set.  Alcatraz software would be
>>> a better name for a product which keeps workstation/network users
>>> constrained in their internet use, like a firewall, or a web proxy, for
>>> example.  Or a child internet monitoring product.
>>>
>>> Don't underestimate the importance of this point.  The name of a software
>>> should ideally be somewhat self describing, especially when starting out.
>>> Until the name becomes a core brand, having a self describing name can make
>>> a big difference.
>>>
>>> Third, I don't think you can underestimate how important it is that people
>>> can search the name of your product and find it through Google (and
>>> friends).  Clearly the term Alcatraz has a huge number of unrelated hits,
>>> and you would clearly be lost any search engine placement with the name.
>>> Much better to have a name for your software that is the only known
>>> reference so that people can easily find you after having hear the name.
>>> This is why so many companies go crazy and conjure completely strange and
>>> nonsensical product names.
>>>
>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>> becomes problematic for the above search recognition reasons.  Alkitraz?
>>> Some people simply won't know how to spell it immediately (though this is a
>>> minor point, admittedly).
>>>
>>> Fifth, it seems like you're making preparations for something that you don't
>>> even know to be a problem.  Yes, the Apache legal team should be consulted.
>>> However, it seems like jumping the gun to just start changing package names
>>> with anticipation of a name change.  You would be crazy to start renaming
>>> packages based on some unknown possibility that it has to happen in the
>>> future.  What value does this add to the software?
>>>
>>> Following the sigma-six and/or extreme programming world view, you shouldn't
>>> be making any change to your software until the change is actually required
>>> and value is added.  Do you have a pending lawsuit?  Has the Apache council
>>> suggested the change?  Are you being blocked by the incubation process?  Why
>>> even consider a change until it needs to be done.  Energy could be better
>>> spent on other matters.
>>>
>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But, that's
>>> only a very small part of the bigger issue.  Disruption, confusion, support,
>>> search engine optimization, etc. are what needs to be thought about when
>>> changing the name.
>>>
>>> Further, what if you decide to change the name to Alcatraz, and then get
>>> pressure from another software group?  Ouch, time to rename the project yet
>>> again.
>>>
>>> I think you all are better just letting this thing ride until something real
>>> convicting suggests you need a change.  JSecurity is a great product name
>>> which you should stick with until otherwise needed.  And, if that day comes,
>>> Alcatraz is just simply the wrong name, in my humble opinion, for all the
>>> reasons mentioned above.
>>>
>>> Thanks,
>>>
>>> Adam
>>>
>>>
>>>
>>>
>>>
>>> Emmanuel Lecharny wrote:
>>>>
>>>> Alan D. Cabrera wrote:
>>>>>
>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>
>>>>>> Alan D. Cabrera wrote:
>>>>>>>
>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>
>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>> have googled
>>>>>>>>> too.
>>>>>>>>
>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>> legal-discuss.  But, I can't easily find the thread with the googled
>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>> legal team?
>>>>>>>
>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the clear
>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>> needed (or any other name).
>>>>>>
>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>> (with all the infos we have already found about it), and also ask
>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>> more infos related to this name, assuming that being a geographical
>>>>>> location, it should not be such a problem).
>>>>>
>>>>> Legal is not a clearing house for project names.  They can only give
>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>> can tell, there is none for alcatraz.
>>>>>
>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>> name will have the same track record as the v0.9 release.  If we start
>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>> process.
>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>
>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>>
>>>>
>>>
>>> --
>>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>
>>>
>>
>

---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only.  Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the opinions
and policies of the ASF.  See <http://www.apache.org/licenses/> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

Re: JSecurity's new name

[Henri Yandell <ba...@apache.org>]

Given that it's a name you've been using for 4 years, and it's very
generic [jXxx being a common pattern in our space and Security being
very generic]; I'm inclined to keep the current name; though by the
same reasoning, it's a weak name as "Apache JSecurity" isn't very good
branding.

My tuppence of opinion.

Hen

On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lh...@apache.org> wrote:
> Hi ASF legal team,
>
> I'm writing this email in hopes of getting your feedback concerning a
> discussion we've been having on the JSecurity email list (an Incubator
> project).
>
> A few of our mentors have expressed concern that there might be a
> possible naming conflict with our project name (JSecurity) and some
> other references found through google and other search mechanisms.
>
> I'd like to point out that the JSecurity name, as an open source
> project identity has been around for almost 4 years now, with zero
> contact from any external entity claiming conflict with a proprietary
> name or product.  I know this isn't legal criteria for determining if
> there is a name conflict, but I surface it only to put some context of
> why the original JSecurity developers (and our well-established
> communities) think we should keep the JSecurity name.  There might be
> older references to this name, unrelated to our project, but we don't
> know for certain if they would constitute a risk in the name overlap.
>
> We'd like some feedback as to if the project name should be changed or not.
>
> Here is what one of our mentors summarized after doing some research:
>
> <snip>
> Now, looking a bit forward on google, here are some other references
> to JSecurity :
>
> http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm>
> "WIC GLOBAL has developed a comprehensive Information Security
> Assessment service called JSecurity. Our JSecurity experts will
> conduct a full information security risk assessment focusing on:"
>
> http://www.juniper.net/security/ <http://www.juniper.net/security/>
> Seems like they have a service called  J-Security. Be sure that
> Juniper has a legal service who might perfectly well send some nicely
> written "cease and desist" letter to the ASF about this name. Not sure
> that our legals want to deal with that ...
>
> http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
> <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx>
> Another JSecurity... Seems to be around since 2/11/2005 (at least)
>
> http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
> <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf>
> This company has a product named JSecurity. Since when ?
>
> As much as I like the JSecurity name, I also think that we are un
> potential jeopardy if we don't change its name. That's the main issue
> we have : we can't afford any kind of legal action when we already
> know that there are company out there which already use this name.
>
> Anyway, I can be wrong, I'm just trying to gather as much information
> as possible. When you guys think you have set your mind about this
> name, you will have to go to legal@apache.org
> <ma...@apache.org> with the selected name (be it JSecurity or
> any other) to double check that it's ok or not (IFAIK). That is one of
> the condition to exit from the incubator :
> "Check of project name for trademark issues "
> (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
> <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>).
>
> </snip>
>
> Thanks for your review and feedback!
>
> Best,
>
> Les
>
> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lh...@apache.org> wrote:
>> Adam,
>>
>> Thanks _very_ much for such a detailed and thoughtful opinion.  I love
>> to see people who aren't necessarily code contributors contribute to
>> the project in other ways.  This is very valuable to us.
>>
>> I am in total agreement with your sentiments thus far.  It is my
>> opinion that the name we have is great as it is and I'd only like to
>> change the name if someone from legal puts pressure on us to do so.
>> IANAL, so I'd have to trust their judgment.  I'm going to post this to
>> legal in just a few minutes asking their feedback.  I'd like to hear
>> what they say regardless of what we end up doing - I'm genuinely
>> curious :)
>>
>> Thanks again very much for chiming in.  Its nice to see that you (and
>> others) are taking continued interest in the project.
>>
>> Best regards,
>>
>> Les
>>
>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <ad...@adamtaft.com> wrote:
>>>
>>> Hi,
>>>
>>> I'm not really a contributor to the JSecurity project yet (though I hope to
>>> be in the future).  However, this thread has caught my attention, and so I
>>> thought I'd give a couple of thoughts.
>>>
>>> I have an interest, call it a hobby, in name related issues for software
>>> projects, open source included.  So, though I don't speak from any official
>>> background (I guess beyond a little professional), I would like to point out
>>> a few things about the name Alcatraz.
>>>
>>> First, as I believe has been mentioned, the term Alcatraz has been
>>> associated with other software products already.  So, this is bad news with
>>> regards to trademark related issues.  Just because its a geographic location
>>> doesn't mean that it can't be trademarked.  Thus, likely these other
>>> software products are going to have problems with any related use of the
>>> term Alcatraz.
>>>
>>> Second, the connotation for JSecurity implies that the product is used to
>>> keep people out of the protected system.  This is what the term "security"
>>> implies, right?  Alcatraz is a prison.  It was NOT meant to keep people out,
>>> it was meant to keep people in.  The use is only quasi-related, and even
>>> confusing, for a product with your feature set.  Alcatraz software would be
>>> a better name for a product which keeps workstation/network users
>>> constrained in their internet use, like a firewall, or a web proxy, for
>>> example.  Or a child internet monitoring product.
>>>
>>> Don't underestimate the importance of this point.  The name of a software
>>> should ideally be somewhat self describing, especially when starting out.
>>> Until the name becomes a core brand, having a self describing name can make
>>> a big difference.
>>>
>>> Third, I don't think you can underestimate how important it is that people
>>> can search the name of your product and find it through Google (and
>>> friends).  Clearly the term Alcatraz has a huge number of unrelated hits,
>>> and you would clearly be lost any search engine placement with the name.
>>> Much better to have a name for your software that is the only known
>>> reference so that people can easily find you after having hear the name.
>>> This is why so many companies go crazy and conjure completely strange and
>>> nonsensical product names.
>>>
>>> Fourth, Alcatraz is a relatively difficult name to spell, which again
>>> becomes problematic for the above search recognition reasons.  Alkitraz?
>>> Some people simply won't know how to spell it immediately (though this is a
>>> minor point, admittedly).
>>>
>>> Fifth, it seems like you're making preparations for something that you don't
>>> even know to be a problem.  Yes, the Apache legal team should be consulted.
>>> However, it seems like jumping the gun to just start changing package names
>>> with anticipation of a name change.  You would be crazy to start renaming
>>> packages based on some unknown possibility that it has to happen in the
>>> future.  What value does this add to the software?
>>>
>>> Following the sigma-six and/or extreme programming world view, you shouldn't
>>> be making any change to your software until the change is actually required
>>> and value is added.  Do you have a pending lawsuit?  Has the Apache council
>>> suggested the change?  Are you being blocked by the incubation process?  Why
>>> even consider a change until it needs to be done.  Energy could be better
>>> spent on other matters.
>>>
>>> Yes, it's a trivial thing to refactor a project from Eclipse.  But, that's
>>> only a very small part of the bigger issue.  Disruption, confusion, support,
>>> search engine optimization, etc. are what needs to be thought about when
>>> changing the name.
>>>
>>> Further, what if you decide to change the name to Alcatraz, and then get
>>> pressure from another software group?  Ouch, time to rename the project yet
>>> again.
>>>
>>> I think you all are better just letting this thing ride until something real
>>> convicting suggests you need a change.  JSecurity is a great product name
>>> which you should stick with until otherwise needed.  And, if that day comes,
>>> Alcatraz is just simply the wrong name, in my humble opinion, for all the
>>> reasons mentioned above.
>>>
>>> Thanks,
>>>
>>> Adam
>>>
>>>
>>>
>>>
>>>
>>> Emmanuel Lecharny wrote:
>>>>
>>>> Alan D. Cabrera wrote:
>>>>>
>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>
>>>>>> Alan D. Cabrera wrote:
>>>>>>>
>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>
>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>> <el...@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them the names we
>>>>>>>>> have googled
>>>>>>>>> too.
>>>>>>>>
>>>>>>>> I think this needs to be vetted, so I'm happy to post to
>>>>>>>> legal-discuss.  But, I can't easily find the thread with the googled
>>>>>>>> names.  Could you please forward them on so I can post them to the
>>>>>>>> legal team?
>>>>>>>
>>>>>>> Let me suggest this.  It seems to me that that alcatraz is the clear
>>>>>>> favorite, after jsecurity.  Let's start setting up the 1.0 packages
>>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the
>>>>>>> Incubator PMC we can change the packages to be jsecurity.
>>>>>> Well, I think then it's better to stick with JSecurity (because it's
>>>>>> already the name we use), ask to Legal, and move to alcatraz if
>>>>>> needed (or any other name).
>>>>>>
>>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name
>>>>>> (with all the infos we have already found about it), and also ask
>>>>>> them in the same mail if Alcatraz is ok or not (same here : add some
>>>>>> more infos related to this name, assuming that being a geographical
>>>>>> location, it should not be such a problem).
>>>>>
>>>>> Legal is not a clearing house for project names.  They can only give
>>>>> advice if there's a potential conflict, i.e. JSecurity.  So far as I
>>>>> can tell, there is none for alcatraz.
>>>>>
>>>>> What I'm worried about is that the vetting effort for the JSecurity
>>>>> name will have the same track record as the v0.9 release.  If we start
>>>>> with alcatraz then we have one less thing impeding our incubation
>>>>> process.
>>>> Let's start with Alcratraz then, and we have quit some time to do some
>>>> vetting before 1.0 (hopefully when the project exits from incubator).
>>>>
>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>
>>>>
>>>> --
>>>> --
>>>> cordialement, regards,
>>>> Emmanuel Lécharny
>>>> www.iktek.com
>>>> directory.apache.org
>>>>
>>>>
>>>>
>>>>
>>>
>>> --
>>> View this message in context: http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>> Sent from the JSecurity Developer mailing list archive at Nabble.com.
>>>
>>>
>>
>