You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jcp-open@apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2007/07/03 05:46:31 UTC
No NDAs? Or open TCKs?
I think something got lost in the noise...
When we say "No NDA" we are asking as a matter of convenience to
not make individual open source project participants to be bound
to an NDA?
But - are we OK with a specific TCK license which is closed, e.g.
would state "Licensed to developers of ASF software, irrespective
of their other affiliations, provided the use is limited strictly
to validation of development and implementations published through
the ASF"?
I think we are fine with the later. We need no license to ship
a TCK outside of an ASF community, and no need to use it beyond
the community. I believe we are only asking, as a matter of
principal, not to burden individual committers and PMC members
by filing NDA's.
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 3, 2007, at 2:42 PM, William A. Rowe, Jr. wrote:
> Geir Magnusson Jr. wrote:
>>
>> On Jul 3, 2007, at 4:17 AM, Bill Barker wrote:
>>
>>> However, I understand Justin's concerns, and I
>>> agree (non-binding) that the ASF should not vote in favor of any JCP
>>> proposal that includes a FOU.
>>
>> LOL. That wasn't the reason why we didn't vote yes yesterday :) The
>> spec lead stated that there would be no FOU. Whether or not we
>> believe
>> him is another story, but that was the statement.
>
> Let's be clear, we didn't know of an FOU limitation until J2SE 5.0 was
> already complete, correct? We hear that Sun won't add an FOU to
> JSR 315.
> But we haven't heard there will be no other new restrictions, did we?
They did say they wouldn't be adding any other restrictions. (IIRC)
But suppose they did in the TCK submitted at final vote... we'd vote
"no".
Also, they can always change the TCK license at any time.
The real solution, which we were working on in the latest process
JSR, was to have the spec lead be required to provide a TCK license
that they always must offer...
>
> As long as "additional terms and conditions" are added at will, and
> they
> can and will subvert the principals of clause 5 F of the JSPA, we
> won't
> know what we are voting on until we've seen the TCK license, one
> Sun JSR
> at a time. Right?
Don't forget they can change them at any time. See above for solution.
>
> So a vote of Abstain on each new proposal that doesn't include the
> terms
> under which the TCK is licensed by Sun still remains problematic.
> That's
> irrespective of any assurance about FOU, NDA, etc etc.
>
> I want to clarify what I said yesterday; if the Spec Lead said no
> FOU, then
> I believe that statement. What I didn't believe was that there
> would be no
> new problematic terms and conditions.
I don't think this is a rational way of working with them. React to
real problem, not imaginary ones.
In the N years we've been doing this, we've had two problems. The
first was the J2EE license, which we peacefully and successfully
resolved with Sun, showing that we were able to deal with a
corporation on its terms, as well as showing that an open source
organizaiton like the ASF could act in a responsible way. Also, we
showed that the sky didn't fall on the J2EE ecosystem, and we didn't
threaten compatbility.
The second is the current FOU struggle over the JCK. Sun is clearly
on the wrong side of history here, and for that reason, I'm sure
we'll win. (It also helps that the industry is behind us, dilettante
blogs to the contrary notwithstanding...)
geir
Re: No NDAs? Or open TCKs?
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Geir Magnusson Jr. wrote:
>
> On Jul 3, 2007, at 4:17 AM, Bill Barker wrote:
>
>> However, I understand Justin's concerns, and I
>> agree (non-binding) that the ASF should not vote in favor of any JCP
>> proposal that includes a FOU.
>
> LOL. That wasn't the reason why we didn't vote yes yesterday :) The
> spec lead stated that there would be no FOU. Whether or not we believe
> him is another story, but that was the statement.
Let's be clear, we didn't know of an FOU limitation until J2SE 5.0 was
already complete, correct? We hear that Sun won't add an FOU to JSR 315.
But we haven't heard there will be no other new restrictions, did we?
As long as "additional terms and conditions" are added at will, and they
can and will subvert the principals of clause 5 F of the JSPA, we won't
know what we are voting on until we've seen the TCK license, one Sun JSR
at a time. Right?
So a vote of Abstain on each new proposal that doesn't include the terms
under which the TCK is licensed by Sun still remains problematic. That's
irrespective of any assurance about FOU, NDA, etc etc.
I want to clarify what I said yesterday; if the Spec Lead said no FOU, then
I believe that statement. What I didn't believe was that there would be no
new problematic terms and conditions.
Bill
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 3, 2007, at 4:17 AM, Bill Barker wrote:
>
> "Mladen Turk" <mt...@apache.org> wrote in
> message news:4689F02C.1050604@apache.org...
>> Bill Barker wrote:
>>
>>> teams at Tomcat and Geronimo have done really great things with
>>> their
>>> implementations of their respective specs, so I don't think that
>>> it is
>>> really fair to penalize them with an asterisk on their sites that
>>> they
>>> aren't officially certified just because of the dust up with
>>> Harmony.
>>>
>>
>> I don't agree with you (at least for the reason).
>> Apache projects are not the islands.
>>
>> IMHO clarifying the NDA/TCK issues would help all ASF projects
>> so they can call them self spec compliant instead using pseudo-TCKs.
>>
>> Not sure if the same TCK issues are of concerns for Geronimo or
>> Tomcat as they are for Harmony, but FOU can be a real problem
>> even for a simplest product that needs to pass the TCK.
>>
>> However like said, not sure if a Servlet TCK has a FOU, and
>> if not we would be fine (if we were island).
>>
>
> The current NDA (to the extent that it has been explained to me,
> IMNAL) that
> applies to Geronimo and Tomcat simply prevents publishing the tests
> (including details where one or the other fails a specific test).
> At the
> moment, there is no FOU on the current Servlet/JSP TCK that I know of.
That is correct. We would never accept such a thing.
> The
> NDA is an agreement between the individual committer and Sun, as
> consenting
> adults (like I've said before, I've personally forgone access to
> the TCK for
> Tomcat because of this).
No - the NDA is an agreement between the ASF and the committer. The
ASF is the licensee for the TCKs, and we are providing them to the
committers. There is no forced relationship with Sun.
> However, I understand Justin's concerns, and I
> agree (non-binding) that the ASF should not vote in favor of any JCP
> proposal that includes a FOU.
LOL. That wasn't the reason why we didn't vote yes yesterday :) The
spec lead stated that there would be no FOU. Whether or not we
believe him is another story, but that was the statement.
People, please - lets get these facts straight. I'm here to answer
any questions.
geir
>
>>
>> Regards,
>> Mladen.
>>
>
>
>
Re: No NDAs? Or open TCKs?
Posted by Bill Barker <wb...@wilshire.com>.
"Mladen Turk" <mt...@apache.org> wrote in
message news:4689F02C.1050604@apache.org...
> Bill Barker wrote:
>
>> teams at Tomcat and Geronimo have done really great things with their
>> implementations of their respective specs, so I don't think that it is
>> really fair to penalize them with an asterisk on their sites that they
>> aren't officially certified just because of the dust up with Harmony.
>>
>
> I don't agree with you (at least for the reason).
> Apache projects are not the islands.
>
> IMHO clarifying the NDA/TCK issues would help all ASF projects
> so they can call them self spec compliant instead using pseudo-TCKs.
>
> Not sure if the same TCK issues are of concerns for Geronimo or
> Tomcat as they are for Harmony, but FOU can be a real problem
> even for a simplest product that needs to pass the TCK.
>
> However like said, not sure if a Servlet TCK has a FOU, and
> if not we would be fine (if we were island).
>
The current NDA (to the extent that it has been explained to me, IMNAL) that
applies to Geronimo and Tomcat simply prevents publishing the tests
(including details where one or the other fails a specific test). At the
moment, there is no FOU on the current Servlet/JSP TCK that I know of. The
NDA is an agreement between the individual committer and Sun, as consenting
adults (like I've said before, I've personally forgone access to the TCK for
Tomcat because of this). However, I understand Justin's concerns, and I
agree (non-binding) that the ASF should not vote in favor of any JCP
proposal that includes a FOU.
>
> Regards,
> Mladen.
>
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 3, 2007, at 2:43 AM, Mladen Turk wrote:
> Bill Barker wrote:
>
>> teams at Tomcat and Geronimo have done really great things with
>> their implementations of their respective specs, so I don't think
>> that it is really fair to penalize them with an asterisk on their
>> sites that they aren't officially certified just because of the
>> dust up with Harmony.
>>
>
> I don't agree with you (at least for the reason).
> Apache projects are not the islands.
>
> IMHO clarifying the NDA/TCK issues would help all ASF projects
> so they can call them self spec compliant instead using pseudo-TCKs.
>
> Not sure if the same TCK issues are of concerns for Geronimo or
> Tomcat as they are for Harmony, but FOU can be a real problem
> even for a simplest product that needs to pass the TCK.
The NDA issues have nothing to do with the FOU issues. Our other TCK
licenses have no FOU restrictions. It was first introduced by Sun in
the Java SE TCK license.
>
> However like said, not sure if a Servlet TCK has a FOU, and
> if not we would be fine (if we were island).
It doesn't - we wouldn't accept those terms.
geir
>
>
> Regards,
> Mladen.
Re: No NDAs? Or open TCKs?
Posted by Mladen Turk <mt...@apache.org>.
Bill Barker wrote:
> teams at Tomcat and Geronimo have done really great things with their
> implementations of their respective specs, so I don't think that it is
> really fair to penalize them with an asterisk on their sites that they
> aren't officially certified just because of the dust up with Harmony.
>
I don't agree with you (at least for the reason).
Apache projects are not the islands.
IMHO clarifying the NDA/TCK issues would help all ASF projects
so they can call them self spec compliant instead using pseudo-TCKs.
Not sure if the same TCK issues are of concerns for Geronimo or
Tomcat as they are for Harmony, but FOU can be a real problem
even for a simplest product that needs to pass the TCK.
However like said, not sure if a Servlet TCK has a FOU, and
if not we would be fine (if we were island).
Regards,
Mladen.
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 3, 2007, at 1:44 AM, Bill Barker wrote:
> The
> teams at Tomcat and Geronimo have done really great things with their
> implementations of their respective specs, so I don't think that it is
> really fair to penalize them with an asterisk on their sites that they
> aren't officially certified just because of the dust up with Harmony.
>
This really has nothing to do with the "dust up". It's just
opportunistic.
The disagreement with Sun has nothing to do with NDAs or demanding
open process for specifications. It has to do with a failure for Sun
to uphold their side of the JSPA.
geir
Re: No NDAs? Or open TCKs?
Posted by Justin Erenkrantz <ju...@erenkrantz.com>.
On 7/2/07, Bill Barker <wb...@wilshire.com> wrote:
> implementations of their respective specs, so I don't think that it is
> really fair to penalize them with an asterisk on their sites that they
> aren't officially certified just because of the dust up with Harmony.
Well, to be fair - I personally view it more than a 'dust up'.
Sun is refusing to provide the TCK unless the ASF promises to restrict
Harmony from running on anything other than 'general purpose
computers' where Sun gets to define what that means. If Sun came and
told us that the FOU restriction (or any other FOU - perhaps that they
can only run on 'single-core computers') also applied for servlets
(i.e. Tomcat) and J2EE (Geronimo), would you be content to leave it
be?
I don't mean the question rhetorically - seriously, would you and the
Tomcat community be happy to accept such a FOU restriction for Tomcat?
What is reasonable in your opinion? So far, we've taken a rather
hard line - but is there a justification from the Java community to
accepting FOUs?
The little devil on my shoulder says to expect Sun to start placing
FOU restrictions on all of their specs where possible once they know
this strategy will succeed. Promises from spec leads simply
shouldn't be considered binding as the spec lead almost certainly
lacks the authority to make such offers on behalf of Sun. -- justin
Re: No NDAs? Or open TCKs?
Posted by Bill Barker <wb...@wilshire.com>.
"William A. Rowe, Jr." <wr...@rowe-clan.net> wrote
in message news:4689CF56.5080809@rowe-clan.net...
> Geir Magnusson Jr. wrote:
>>
>> On Jul 2, 2007, at 11:46 PM, William A. Rowe, Jr. wrote:
>>
>>> I think something got lost in the noise...
>>>
>>> When we say "No NDA" we are asking as a matter of convenience to
>>> not make individual open source project participants to be bound
>>> to an NDA?
>>
>> I don't understand the question, but I'll try anyway - right now, if
>> someone wants to use a TCK from Sun for an Apache project, we ask that
>> they sign our NDA (it's between ASF and the person).
>>
>> You can read it here :
>>
>> http://www.apache.org/jcp/ApacheNDA.pdf
>>
>>>
>>> But - are we OK with a specific TCK license which is closed, e.g.
>>> would state "Licensed to developers of ASF software, irrespective
>>> of their other affiliations, provided the use is limited strictly
>>> to validation of development and implementations published through
>>> the ASF"?
>>
>> Well, that's what we have. But we ask people sign the NDA so that they
>> can positively state they understand that the materials are not for
>> redistribution, and we don't discuss the internals of using the tests or
>> partial results on public lists.
>>
>> What I'd like to do is simply try to revert to a lighter restriction -
>> people assert that they understand that the materials are only for use
>> here, and we can talk about them on regular dev lists.
>>
>>>
>>> I think we are fine with the later. We need no license to ship
>>> a TCK outside of an ASF community, and no need to use it beyond
>>> the community. I believe we are only asking, as a matter of
>>> principal, not to burden individual committers and PMC members
>>> by filing NDA's.
>>
>> I'm fairly familiar with the issue :) How do we hold people accountable
>> if they do decide to use the TCK for their own commercial use, for
>> example? Sun may hold us accountable. The NDA is, IMO, one way that we
>> demonstrate that we're taking due care.
>
> I guess I'm confused; everyone who joins the project, we hope, becomes
> familiar with the LICENSE file and how to read one. If they violate the
> license, the ASF is at fault for their misuse?
>
No, we don't require that. The person that signs the NDA gets his/her own
copy of the TCK. It is *never* checked into the SVN repository. For
example, on Tomcat, I have never signed the NDA for Servlet/JSP, so I have
absolutely no access to the TCK (which, of course, is my choice). As a
result, there isn't anyway that I can violate the LICENSE :). Any
downstream distributer of a modified Tomcat would need to get their own copy
of the TCK to certify their release.
But neither Tomcat 3.x or Tomcat 4.x was ever certified with the TCK (only
Sun's port to their RI was). From Apache, they both depended on the now
mothballed WatchDog project to provide their own, independantly developed
psuedo-TCK. Since Sun and Apache were such good friends back then,
everybody lied and said that Tomcat was the RI, but it was never technically
true (all that was true is that the RI was based on Tomat).
I'd personally like it if we could take Geir's suggestion and nudge Sun to
allow at least some talk of specific test failures on public lists. That
would at least give the committers that have access to the TCK the ability
to veto a broken commit on the dev@ list. But for projects like Tomcat and
Geronimo (with NDAs on distributing [information about] the TCK, but little
other restrictions), I think that the current system works well enough. The
teams at Tomcat and Geronimo have done really great things with their
implementations of their respective specs, so I don't think that it is
really fair to penalize them with an asterisk on their sites that they
aren't officially certified just because of the dust up with Harmony.
> If so, that's the construction of the agreement between Sun and the ASF
> that needs to be remedied. We take violations of our license seriously,
> or of the GPL, or of a non-open license. But we can't guarantee each
> individual committer's behavior, whether they sign an NDA, or not.
>
> Bill
>
> Bill
>
Re: No NDAs? Or open TCKs?
Posted by "Andrew C. Oliver" <ac...@buni.org>.
Joe Schaefer wrote:
>> Not sure one can claim they stole anything as we give the software
>> away for free.
>>
>
> You're ignoring the fact that just participating in the EG's is making
> a technical contribution.
>
...that may or may not be freely redistributable (at Sun's whim), is not
open, and is not engaged with other members of the community.
--
Buni Meldware Communication Suite
http://buni.org
Multi-platform and extensible Email,
Calendaring (including freebusy),
Rich Webmail, Web-calendaring, ease
of installation/administration.
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 6, 2007, at 7:30 PM, Andrew C. Oliver wrote:
> Oh... OpenJDK is for little boys and girls. Big boys and girls use
> the "certified" proprietary software... Nice.
Nope. That wasn't the implication. The implication is that they have
a big problem - the FOU restrictions only apply to binaries but also
the patent grants only apply to tested binaries.
>
> I do want to point out as well that the previous statements that
> OpenJDK is open source or GPL are imprecise if not inaccurate.
> There is a special proprietary binary license in addition to the
> GPL that applies to portions of the JDK: http://openjdk.java.net/
> legal/binary-plugs-2007-05-08.html
>
> It contains such yummy tidbits as:
>
> "
>
> (b) You may not modify Software.
>
> (c) You may not rent, lease, lend or encumber Software.
>
> (d) You do not remove or alter any proprietary legends or notices
> contained
> in the Software,
>
> (e) Unless enforcement is prohibited by applicable law, you may not
> decompile, or reverse engineer Software.
>
> (j) If your Permitted Use in this Agreement permits the distribution
> Software or portions of the Software, you may only distribute the
> Software
> subject to a license agreement that protects Sun's interests
> consistent with
> the terms contained in this Agreement.
> "
>
> So more accurate is that parts of the JDK are open source/free
> software but OpenJDK itself
> (as a whole) is not in fact open source or free software.
>
> The most ironic part is:
>
> lib/$ARCH/libjsoundalsa.so (on all Linux platforms)
>
> ALSA being LGPL and GPL and I'm betting this lil wrapper ain' much
> more than the JNI coupling.
>
> Isn't playing in the grey areas of "open source" that isn't "open
> source" and "open standards"
> that are neither "open" nor "standards" fun?
>
> -Andy
>
> Geir Magnusson Jr. wrote:
>> There is no binary for OpenJDK.
>>
>> Work out the details yourself :)
>>
>> geir
>>
>> On Jul 4, 2007, at 1:48 AM, Dain Sundstrom wrote:
>>
>>> On Jul 3, 2007, at 9:00 PM, Joe Schaefer wrote:
>>>
>>>> Matt Hogstrom <ma...@hogstrom.org> writes:
>>>>
>>>>> On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
>>>>>
>>>>> *This* disagreement with Sun is about a company that accepted our
>>>>> help and intellectual property based on an agreed set of terms and
>>>>> then broke that agreement at the last minute for pure profit
>>>>> reasons.
>>>>>
>>>>> I've heard this comment a few times. Did Sun specifically state
>>>>> that
>>>>> they would remove the FOU restrictions for the JCK when
>>>>> licensing to
>>>>> Apache? If so, is it in a form we can use publicly as that in
>>>>> and of
>>>>> itself is pretty damaging.
>>>>
>>>> Read the board minutes. The first license they offered us for
>>>> harmony
>>>> had no FOU restrictions.
>>>
>>> Also as Andy pointed out, the Sun owned OpenJDK has no FOU
>>> restrictions, so they not playing fair. This is an obvious double
>>> standard and something we should all blog about.
>>>
>>> -dain
>
>
> --
> Buni Meldware Communication Suite
> http://buni.org
> Multi-platform and extensible Email, Calendaring (including
> freebusy), Rich Webmail, Web-calendaring, ease of installation/
> administration.
>
Re: No NDAs? Or open TCKs?
Posted by "Andrew C. Oliver" <ac...@buni.org>.
Oh... OpenJDK is for little boys and girls. Big boys and girls use the
"certified" proprietary software... Nice.
I do want to point out as well that the previous statements that OpenJDK
is open source or GPL are imprecise if not inaccurate. There is a
special proprietary binary license in addition to the GPL that applies
to portions of the JDK:
http://openjdk.java.net/legal/binary-plugs-2007-05-08.html
It contains such yummy tidbits as:
"
(b) You may not modify Software.
(c) You may not rent, lease, lend or encumber Software.
(d) You do not remove or alter any proprietary legends or notices contained
in the Software,
(e) Unless enforcement is prohibited by applicable law, you may not
decompile, or reverse engineer Software.
(j) If your Permitted Use in this Agreement permits the distribution
Software or portions of the Software, you may only distribute the Software
subject to a license agreement that protects Sun's interests consistent with
the terms contained in this Agreement.
"
So more accurate is that parts of the JDK are open source/free software but OpenJDK itself
(as a whole) is not in fact open source or free software.
The most ironic part is:
lib/$ARCH/libjsoundalsa.so (on all Linux platforms)
ALSA being LGPL and GPL and I'm betting this lil wrapper ain' much more than the JNI coupling.
Isn't playing in the grey areas of "open source" that isn't "open source" and "open standards"
that are neither "open" nor "standards" fun?
-Andy
Geir Magnusson Jr. wrote:
> There is no binary for OpenJDK.
>
> Work out the details yourself :)
>
> geir
>
> On Jul 4, 2007, at 1:48 AM, Dain Sundstrom wrote:
>
>> On Jul 3, 2007, at 9:00 PM, Joe Schaefer wrote:
>>
>>> Matt Hogstrom <ma...@hogstrom.org> writes:
>>>
>>>> On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
>>>>
>>>> *This* disagreement with Sun is about a company that accepted our
>>>> help and intellectual property based on an agreed set of terms and
>>>> then broke that agreement at the last minute for pure profit reasons.
>>>>
>>>> I've heard this comment a few times. Did Sun specifically state that
>>>> they would remove the FOU restrictions for the JCK when licensing to
>>>> Apache? If so, is it in a form we can use publicly as that in and of
>>>> itself is pretty damaging.
>>>
>>> Read the board minutes. The first license they offered us for harmony
>>> had no FOU restrictions.
>>
>> Also as Andy pointed out, the Sun owned OpenJDK has no FOU
>> restrictions, so they not playing fair. This is an obvious double
>> standard and something we should all blog about.
>>
>> -dain
--
Buni Meldware Communication Suite
http://buni.org
Multi-platform and extensible Email,
Calendaring (including freebusy),
Rich Webmail, Web-calendaring, ease
of installation/administration.
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
There is no binary for OpenJDK.
Work out the details yourself :)
geir
On Jul 4, 2007, at 1:48 AM, Dain Sundstrom wrote:
> On Jul 3, 2007, at 9:00 PM, Joe Schaefer wrote:
>
>> Matt Hogstrom <ma...@hogstrom.org> writes:
>>
>>> On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
>>>
>>> *This* disagreement with Sun is about a company that accepted
>>> our
>>> help and intellectual property based on an agreed set of
>>> terms and
>>> then broke that agreement at the last minute for pure profit
>>> reasons.
>>>
>>> I've heard this comment a few times. Did Sun specifically state
>>> that
>>> they would remove the FOU restrictions for the JCK when licensing to
>>> Apache? If so, is it in a form we can use publicly as that in
>>> and of
>>> itself is pretty damaging.
>>
>> Read the board minutes. The first license they offered us for
>> harmony
>> had no FOU restrictions.
>
> Also as Andy pointed out, the Sun owned OpenJDK has no FOU
> restrictions, so they not playing fair. This is an obvious double
> standard and something we should all blog about.
>
> -dain
Re: No NDAs? Or open TCKs?
Posted by Martin van den Bemt <ml...@mvdb.net>.
>> Just a "though" experiment :
>>
>> 1) We get the JCK and release "Java" under FOU restrictions.
>
> apache is a non-profit organisation. our charter is clear: apache's
> purpose is open source and only open source. apache cannot take this
> action.
I know :) But is just an indirect way to saying "the other one also passes"..
Mvgr,
Martin
Re: No NDAs? Or open TCKs?
Posted by robert burrell donkin <ro...@gmail.com>.
On 7/4/07, Martin van den Bemt <ml...@mvdb.net> wrote:
>
> > Also as Andy pointed out, the Sun owned OpenJDK has no FOU restrictions,
> > so they not playing fair. This is an obvious double standard and
> > something we should all blog about.
>
> What has OpenJDK to do with the JCK ? OpenJDK != Java, so there are FOU restrictions on that
> (guessing here). Since Sun is the on that can release a Java version from the OpenJDK, FOU
> restrictions is not an issue for Sun themselves.
>
> Just a "though" experiment :
>
> 1) We get the JCK and release "Java" under FOU restrictions.
apache is a non-profit organisation. our charter is clear: apache's
purpose is open source and only open source. apache cannot take this
action.
- robert
Re: No NDAs? Or open TCKs?
Posted by Martin van den Bemt <ml...@mvdb.net>.
> Also as Andy pointed out, the Sun owned OpenJDK has no FOU restrictions,
> so they not playing fair. This is an obvious double standard and
> something we should all blog about.
What has OpenJDK to do with the JCK ? OpenJDK != Java, so there are FOU restrictions on that
(guessing here). Since Sun is the on that can release a Java version from the OpenJDK, FOU
restrictions is not an issue for Sun themselves.
Just a "though" experiment :
1) We get the JCK and release "Java" under FOU restrictions.
2) We release "Harmony" (same code, same version), as Harmony (as we didn't run the TCK on that
one), so without restrictions.
Don't know if we can legally do that, but logic says we can (although legal stuff is *not* based
logic these days)
Mvgr,
Martin
Re: No NDAs? Or open TCKs?
Posted by Dain Sundstrom <da...@iq80.com>.
On Jul 3, 2007, at 9:00 PM, Joe Schaefer wrote:
> Matt Hogstrom <ma...@hogstrom.org> writes:
>
>> On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
>>
>> *This* disagreement with Sun is about a company that accepted our
>> help and intellectual property based on an agreed set of terms
>> and
>> then broke that agreement at the last minute for pure profit
>> reasons.
>>
>> I've heard this comment a few times. Did Sun specifically state that
>> they would remove the FOU restrictions for the JCK when licensing to
>> Apache? If so, is it in a form we can use publicly as that in and of
>> itself is pretty damaging.
>
> Read the board minutes. The first license they offered us for harmony
> had no FOU restrictions.
Also as Andy pointed out, the Sun owned OpenJDK has no FOU
restrictions, so they not playing fair. This is an obvious double
standard and something we should all blog about.
-dain
Re: No NDAs? Or open TCKs?
Posted by Joe Schaefer <jo...@sunstarsys.com>.
Matt Hogstrom <ma...@hogstrom.org> writes:
> On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
>
> *This* disagreement with Sun is about a company that accepted our
> help and intellectual property based on an agreed set of terms and
> then broke that agreement at the last minute for pure profit reasons.
>
> I've heard this comment a few times. Did Sun specifically state that
> they would remove the FOU restrictions for the JCK when licensing to
> Apache? If so, is it in a form we can use publicly as that in and of
> itself is pretty damaging.
Read the board minutes. The first license they offered us for harmony
had no FOU restrictions.
>
> They have stolen what we contributed and we have been exceedingly
>
> polite about it so far.
>
> Not sure one can claim they stole anything as we give the software
> away for free.
You're ignoring the fact that just participating in the EG's is making
a technical contribution.
--
Joe Schaefer
Re: No NDAs? Or open TCKs?
Posted by Matt Hogstrom <ma...@hogstrom.org>.
On Jul 3, 2007, at 5:06 PM, Roy T. Fielding wrote:
> *This* disagreement with Sun is about a company that accepted our
> help and intellectual property based on an agreed set of terms and
> then broke that agreement at the last minute for pure profit reasons.
I've heard this comment a few times. Did Sun specifically state that
they would remove the FOU restrictions for the JCK when licensing to
Apache? If so, is it in a form we can use publicly as that in and of
itself is pretty damaging.
> They have stolen what we contributed and we have been exceedingly
> polite about it so far.
Not sure one can claim they stole anything as we give the software
away for free. They certainly have been more than willing to consume
our software (even to the point of repackaging with a fancy com.sun
package prefix on some of the ASF's technology). I'd say they are
exercising their rights appropriately but not being a good community
member and giving back. At the end of the day, for them its about
profit as it is with most, if not all, corporations that have
stockholders.
Re: No NDAs? Or open TCKs?
Posted by "Roy T. Fielding" <fi...@gbiv.com>.
> When I first got involved with Apache, there was an incredible amount
> of innovation going on. By the time Apache started leveraging the
> fact that we could advocate for "the open source process", the people
> at Apache who were passionate about this were pretty enlightened ...
> and they made a difference. innovation occurred all over the place!
>
> We're about to piss that all away. Do we *really* want the public
> perception of the ASF to share the gutter with the perception of open
> source radicals?
I think you've been drinking too much of the kool-aid and forgetting
what got us here in the first place.
Apache was founded to ensure that no single company would be able to
control (and thereby destroy) the infrastructure of the Web. We did
that by distributing open source while contributing to open standards,
making sure that only open standards would succeed on the Web.
Although we did that "political stuff" with quite a bit more stealth
than the current mode of operation, there is a long history of Apache
applying exactly this type of pressure to avoid a situation in which
short-term commercial interests would overwhelm and destroy the
neutrality of the platform upon which we based our applications.
The public doesn't perceive the ASF as anything more than a source
of useful software. The public doesn't know what is required to
distribute as open source, or how groups of developers from competing
corporations can achieve benefit through collaborating on basic
infrastructure. The public doesn't see it when a corporation tries
to gain advantage through legal maneuvering. We do.
I am sorry that it has become inconvenient to bring personal
projects to the ASF. OTOH, that isn't why we created Apache
(less than a third of my open source projects were done at the ASF).
Apache is for collaborations, not personal fiefdoms, and it is a
fact of life that collaboration requires a lot more overhead than
other forms of open source development and distribution.
*This* disagreement with Sun is about a company that accepted our
help and intellectual property based on an agreed set of terms and
then broke that agreement at the last minute for pure profit reasons.
They have stolen what we contributed and we have been exceedingly
polite about it so far. If you can't see why that is a reason to
take a "political stand", then I honestly don't care where you
choose to develop your software. It isn't open source if we aren't
allowed to distribute our own software under an open source license,
and it isn't an open standard if the spec lead is allowed to place
arbitrary distribution restrictions on whatever is tested by the TCK.
We don't need the grief that the JCP, or at least those parts of it
that are controlled by Sun, has caused Apache over the years.
If people want to do free work for Sun, then they should join the
relevant Glassfish projects. Our influence on Java reached its
ultimate end-goal as soon as the Java platform code was released as
open source, and the fact that Sun chose to retain control over
that code through copyright assignment + GPL does not make it any
less of a success. We have nothing left to gain from continuing
work on Sun-led JSRs at Apache. We would be far better off by
focusing work on our own interfaces and allowing anyone to
contribute to their technical development under our own rules.
....Roy
Re: No NDAs? Or open TCKs?
Posted by Craig McClanahan <cr...@apache.org>.
Personal opinions *only* are expressed below ... in particular, I am
contaminated with confidential information from both parties regarding
the Harmony JCK discussion, so nothing below should be construed as
having anything to do with that issue.
On 7/2/07, William A. Rowe, Jr. <wr...@rowe-clan.net> wrote:
> Geir Magnusson Jr. wrote:
> >
> > On Jul 2, 2007, at 11:46 PM, William A. Rowe, Jr. wrote:
> >
> >> I think something got lost in the noise...
> >>
> >> When we say "No NDA" we are asking as a matter of convenience to
> >> not make individual open source project participants to be bound
> >> to an NDA?
> >
> > I don't understand the question, but I'll try anyway - right now, if
> > someone wants to use a TCK from Sun for an Apache project, we ask that
> > they sign our NDA (it's between ASF and the person).
> >
> > You can read it here :
> >
> > http://www.apache.org/jcp/ApacheNDA.pdf
> >
> >>
> >> But - are we OK with a specific TCK license which is closed, e.g.
> >> would state "Licensed to developers of ASF software, irrespective
> >> of their other affiliations, provided the use is limited strictly
> >> to validation of development and implementations published through
> >> the ASF"?
> >
> > Well, that's what we have. But we ask people sign the NDA so that they
> > can positively state they understand that the materials are not for
> > redistribution, and we don't discuss the internals of using the tests or
> > partial results on public lists.
> >
> > What I'd like to do is simply try to revert to a lighter restriction -
> > people assert that they understand that the materials are only for use
> > here, and we can talk about them on regular dev lists.
> >
> >>
> >> I think we are fine with the later. We need no license to ship
> >> a TCK outside of an ASF community, and no need to use it beyond
> >> the community. I believe we are only asking, as a matter of
> >> principal, not to burden individual committers and PMC members
> >> by filing NDA's.
> >
> > I'm fairly familiar with the issue :) How do we hold people accountable
> > if they do decide to use the TCK for their own commercial use, for
> > example? Sun may hold us accountable. The NDA is, IMO, one way that we
> > demonstrate that we're taking due care.
>
> I guess I'm confused; everyone who joins the project, we hope, becomes
> familiar with the LICENSE file and how to read one. If they violate the
> license, the ASF is at fault for their misuse?
>
> If so, that's the construction of the agreement between Sun and the ASF
> that needs to be remedied. We take violations of our license seriously,
> or of the GPL, or of a non-open license. But we can't guarantee each
> individual committer's behavior, whether they sign an NDA, or not.
>
> Bill
>
For the past several years, I have been a supporter of the basically
enlightened approach that Geir (and others) have been taking with
respect to our (Apache's) involvement in the JCP process, and in
particular our participation in the Executive Committee. Yes, we have
had to hold our noses at times. But also, yes, we have *materially*
impacted the process, for the betterment of open source development as
a whole. And yes, I have done some internal nudging and prodding in
that regard, along the way, when and where I could.
Consider where the JCP *would* have been, had Apache not taken the
principled stands it has taken. It's not a pretty picture.
Would this have occurred if Apache were perceived as "politically" as
the FSF is perceived? If you believe that, I've got a bridge to sell
you too :-).
Is the ASF drifting towards positions that will inevitably lead to it
being perceived the same way? Yep, that's my big concern.
I've taken the opportunity, over the course of these discussions, to
review my own participation in open source projects. At the end of
the day, what I care about the most is the "change the world" aspect
of open source ... I want to make the world a better place by
providing some software that might, in certain use cases, be useful in
making other folks more productive. Licenses are a secondary issue
(although I personally prefer the BSD-ish -- and therefore Apache-ish
-- flavors as being less of an impediment to using software that I
might create). The fact that there are hundreds of thousands of
applications built on technology that I had a big hand in (Struts,
Tomcat >= 4.0) is gratifying ... but, for the purposes of the current
discussion, it is important for folks to understand that I came here
initially because of the *lack* of a political bent in the
organization.
Back then, the most common reasons to use the Apache License (or any
other related thing such as BSD) was pretty pragmatic ... "I don't
care *how* you use it, but please give me credit." This was ***not***
a political manifesto ... at least, until now.
Now, I can look back at the last 2-3 years and see that Apache has had
a huge positive impact -- but I can also see that Apache is about to
squander the reputation and goodwill that has grown out of the
enlightened approach we have been taking. We are about to prove
everyone who considers us (from a political perspective) of being no
better than the FSF.
That saddens me. That saddens me a lot.
When I first got involved with Apache, there was an incredible amount
of innovation going on. By the time Apache started leveraging the
fact that we could advocate for "the open source process", the people
at Apache who were passionate about this were pretty enlightened ...
and they made a difference. innovation occurred all over the place!
We're about to piss that all away. Do we *really* want the public
perception of the ASF to share the gutter with the perception of open
source radicals?
For myself, it's too late ... as I have stated on public mailing
lists, there is no way I can conceive of ever bringing another project
that *I* care about to Apache. The costs far outweigh the benefits.
It seems that I'm not alone in that regard. Look back at the
Incubator proposals over the last few years. The vast majority of
them are fundamentally based on corporations wanting to open source
existing technology and grow a community around it (*nothing* is wrong
with that as a goal; the reason they tend to try here is very
pragmatic). A small percentage is either assimilation or mergers with
existing open source projects. But where is the "let's build some
cool new stuff" aspect?
Don't get me wrong ... there is a *bunch* of innovation going on
inside existing Apache projects (hmm ... time to review some of the
original project charters? :). But my point is this ... "new"
innovations are happening elsewhere. "Harvesting" is happening at
Apache when marketing people figure out that the brand is worth
something.
What happens to genuinely new ideas? We scoff at them, in the
incubator, for not having already built a community. Yes, the Labs
concept might help that, but IMHO it is to late. The incubator
submissions that "win" tend to be corporate sponsored initiatives
where the originating parties have something of a clue about building
communities, but where the actual projects remain primarily under the
"control" of the originating organization. It may not be overt, but
it is definitely there.
Enough rambling ... here's the bottom line. Apache has *lost* me as
an internal-to-Sun advocate for the generally enlightened approach we
have been taking, of starting where we are and trying to improve it --
that well is being poisoned (as we speak) by the discussion on this
list, as well as the semi-private :-) discussions in other places that
preceded it. Apache has *lost* me as a source of new project ideas
that might actually be "change the world" in impact.
The thing I have enjoyed the most about participation in Apache over
the years has been the relative (to the rest of the world) *lack* of
political posturing with which we have advocated our beliefs. It
makes me sad, but I cannot enjoy that position any longer -- it
clearly doesn't exist with the ~20 or so folks (out of a couple of
thousand committers, and a couple hundred members of ASF) that are
driving towards policy decisions that are radicalizing the dicussions,
instead of improving the world.
That's not where I am. That's not where I would prefer the ASF to be.
That's not where I am interested in being in the future. Feel free
to "do your own thing" ... without me.
Craig McClanahan
PS: +1 for a "yes" vote on the Servlet JSR, with the comments that
have been agreed to.
Re: No NDAs? Or open TCKs?
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Geir Magnusson Jr. wrote:
>
> On Jul 2, 2007, at 11:46 PM, William A. Rowe, Jr. wrote:
>
>> I think something got lost in the noise...
>>
>> When we say "No NDA" we are asking as a matter of convenience to
>> not make individual open source project participants to be bound
>> to an NDA?
>
> I don't understand the question, but I'll try anyway - right now, if
> someone wants to use a TCK from Sun for an Apache project, we ask that
> they sign our NDA (it's between ASF and the person).
>
> You can read it here :
>
> http://www.apache.org/jcp/ApacheNDA.pdf
>
>>
>> But - are we OK with a specific TCK license which is closed, e.g.
>> would state "Licensed to developers of ASF software, irrespective
>> of their other affiliations, provided the use is limited strictly
>> to validation of development and implementations published through
>> the ASF"?
>
> Well, that's what we have. But we ask people sign the NDA so that they
> can positively state they understand that the materials are not for
> redistribution, and we don't discuss the internals of using the tests or
> partial results on public lists.
>
> What I'd like to do is simply try to revert to a lighter restriction -
> people assert that they understand that the materials are only for use
> here, and we can talk about them on regular dev lists.
>
>>
>> I think we are fine with the later. We need no license to ship
>> a TCK outside of an ASF community, and no need to use it beyond
>> the community. I believe we are only asking, as a matter of
>> principal, not to burden individual committers and PMC members
>> by filing NDA's.
>
> I'm fairly familiar with the issue :) How do we hold people accountable
> if they do decide to use the TCK for their own commercial use, for
> example? Sun may hold us accountable. The NDA is, IMO, one way that we
> demonstrate that we're taking due care.
I guess I'm confused; everyone who joins the project, we hope, becomes
familiar with the LICENSE file and how to read one. If they violate the
license, the ASF is at fault for their misuse?
If so, that's the construction of the agreement between Sun and the ASF
that needs to be remedied. We take violations of our license seriously,
or of the GPL, or of a non-open license. But we can't guarantee each
individual committer's behavior, whether they sign an NDA, or not.
Bill
Bill
Re: No NDAs? Or open TCKs?
Posted by Matthias Wessendorf <ma...@apache.org>.
On 7/3/07, Dain Sundstrom <da...@iq80.com> wrote:
> On Jul 2, 2007, at 8:53 PM, Geir Magnusson Jr. wrote:
>
> > What I'd like to do is simply try to revert to a lighter
> > restriction - people assert that they understand that the materials
> > are only for use here, and we can talk about them on regular dev
> > lists.
>
> +1
>
> Basically, I would like to make the geronimo-tck mailing list public
> (or better merge it into dev@geronimo). On this list we mainly
> discuss current test results (exact pass/fail numbers), bugs in
> tests, and the implementation of test harness interfaces. In my
> opinion all of this should be public and can be without making the
> TCK zips available to the general public.
+1
>
> -dain
>
--
Matthias Wessendorf
further stuff:
blog: http://matthiaswessendorf.wordpress.com/
mail: matzew-at-apache-dot-org
Re: No NDAs? Or open TCKs?
Posted by Dain Sundstrom <da...@iq80.com>.
On Jul 2, 2007, at 8:53 PM, Geir Magnusson Jr. wrote:
> What I'd like to do is simply try to revert to a lighter
> restriction - people assert that they understand that the materials
> are only for use here, and we can talk about them on regular dev
> lists.
+1
Basically, I would like to make the geronimo-tck mailing list public
(or better merge it into dev@geronimo). On this list we mainly
discuss current test results (exact pass/fail numbers), bugs in
tests, and the implementation of test harness interfaces. In my
opinion all of this should be public and can be without making the
TCK zips available to the general public.
-dain
Re: No NDAs? Or open TCKs?
Posted by "Geir Magnusson Jr." <ge...@pobox.com>.
On Jul 2, 2007, at 11:46 PM, William A. Rowe, Jr. wrote:
> I think something got lost in the noise...
>
> When we say "No NDA" we are asking as a matter of convenience to
> not make individual open source project participants to be bound
> to an NDA?
I don't understand the question, but I'll try anyway - right now, if
someone wants to use a TCK from Sun for an Apache project, we ask
that they sign our NDA (it's between ASF and the person).
You can read it here :
http://www.apache.org/jcp/ApacheNDA.pdf
>
> But - are we OK with a specific TCK license which is closed, e.g.
> would state "Licensed to developers of ASF software, irrespective
> of their other affiliations, provided the use is limited strictly
> to validation of development and implementations published through
> the ASF"?
Well, that's what we have. But we ask people sign the NDA so that
they can positively state they understand that the materials are not
for redistribution, and we don't discuss the internals of using the
tests or partial results on public lists.
What I'd like to do is simply try to revert to a lighter restriction
- people assert that they understand that the materials are only for
use here, and we can talk about them on regular dev lists.
>
> I think we are fine with the later. We need no license to ship
> a TCK outside of an ASF community, and no need to use it beyond
> the community. I believe we are only asking, as a matter of
> principal, not to burden individual committers and PMC members
> by filing NDA's.
I'm fairly familiar with the issue :) How do we hold people
accountable if they do decide to use the TCK for their own commercial
use, for example? Sun may hold us accountable. The NDA is, IMO, one
way that we demonstrate that we're taking due care.
And no, we don't demand open TCKs. We ask, but don't require. But
tomorrow is another day here on the wild and wooly jcp-open@ list...
geir