You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by Kay Schenk <ka...@gmail.com> on 2012/05/14 23:18:15 UTC
non-ASF distribution...Re: CD-ROMs for consumers
OK, I changed the subject on this since I think what we need to discuss
applies to more than just CD-ROMs...I hope that's OK, see my reply below...
On 05/14/2012 01:06 PM, Rob Weir wrote:
> On Mon, May 14, 2012 at 3:53 PM, Louis Suárez-Potts<lu...@gmail.com> wrote:
>> Hi
>> On 2012-05-14, at 12:47 , Kay Schenk wrote:
>>
>>> On Fri, May 11, 2012 at 10:51 AM, Rob Weir<ro...@apache.org> wrote:
>>>
>>>> On Thu, May 10, 2012 at 8:08 PM,<in...@softwaredistributor.info> wrote:
>>>>> Hello,
>>>>>
>>>>> I found so many invalid links(Dead links)or not open office software
>>>> related.
>>>>> Because this page not update for years
>>>>> http://www.openoffice.org/distribution/cdrom/
>>>>>
>>>>
>>>> This page has repeatedly been the source of confusion and concern.
>>>>
>>>
>>> FWIW -- I de-linked the CDROM info from the current download page before we
>>> went live. The old distribution info, of course, continued to live on...so
>>> this was needed.
>>>
>>> I started, rather feebly, a new page yesterday that I thought might be a
>>> catch all for all manners of third party distributions --CDROM, other
>>> builds not by Apache. That would tie in or actually be replaced by this new
>>> page you started. yeah, we need to work on this, hopefully soon, to get
>>> more options out there.
>>>
>>> This new page is good until we determine HOW we even want to "verify"
>>> what's being distributed by these methods.
>>
>> What would "verify" mean? When I set up the CDROM project and distribution category,
the verification was simple: the binaries and source (if that was what
they wanted to deliver, too;
a link would have worked, and did, usually) had to come from one of
OOo's mirrors, and we (Alex, at that point) pointed them to those. (That
was the mirrors list I set up but which was then later maintained by
several, including Florian E.)
>>
>> Why not do the same? It must come from an AOO distribution mirror.
We simply trust those who claim that that is how they obtained the
binaries.
As to what is distributed on CDROM (or DVD): what they want, in addition
to a legitimate binary.
And it need not be, of course, in English.
I think I used "verify" instead of "vetting"...not the same thing.
So, a few areas to discuss-- folks that contact us about a more formal
inclusion (let's call them partners for this discussion), those that
don't, and finally, places we find on our own.
== non-formal distributions ==
Right now, as we've discovered, there are already folks distributing 3.4
that we don't know anything about. We don't know who they are, we don't
even know WHAT they've got in their distributions. They haven't asked
for permission from us, we don't even know where they're obtaining what
they've got.
We should, by some means, address this immediately in some way --
message on the home page etc. We don't know who they are, we don't even
know WHAT they've got in their distributions.
This doesn't require any process by us.
== partners, more formal requests ==
I would put the former CD-ROM folks in this category. We provided a list
for our customers to obtain OOo in this way.
Your ideas about obtaining software from one of the mirrors is good here.
Rob's replacement page for distribution talks about our establishing a
process--
http://ooo-site.staging.apache.org/distribution/index.html
so let's talk about that. What should this process be? What are we
requiring from them. What information do we need from third party folks,
like CD-ROM providers or other builds/methods of distribution, that come
to us?
== and finally, helping ourselves ==
Do we know of any sites with AOO 3.4 that we want to include for users
with potentially helpful distributions? This is a case where no one has
contacted us but we found something that might be useful, and tested it
out to our satisfaction.
A case in point would be (me) putting that UpUbuntu link in the install
guide. These folks didn't even come to us, and there have been concerns
by other ooo-dev folks about it. At the time, many were excited about
it, but, well...maybe not so fast... Does adding something like this to
a page on our site somehow make us responsible for it?
Further thoughts?
>>
>
> The prior discussion on this was last week, in a thread called "Who is
> Page Maintainer Now? http://www.openoffice.org/distribution/cdrom/"
>
> -Rob
--
------------------------------------------------------------------------
MzK
"Well, life has a funny way of sneaking up on you
And life has a funny way of helping you out
Helping you out."
-- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Kay Schenk <ka...@gmail.com>.
On Tue, May 15, 2012 at 11:21 AM, Rob Weir <ro...@apache.org> wrote:
> On Tue, May 15, 2012 at 12:38 PM, Kay Schenk <ka...@gmail.com> wrote:
> > On Mon, May 14, 2012 at 3:07 PM, Rob Weir <ro...@apache.org> wrote:
> >
> >> On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com>
> wrote:
> >> > OK, I changed the subject on this since I think what we need to
> discuss
> >> > applies to more than just CD-ROMs...I hope that's OK, see my reply
> >> below...
> >> >
> >>
> >> <snip>
> >>
> >> So the current state of affairs is:
> >>
> >> 1) Anyone is free to distribute OOo or AOO on CD, on their website, on
> >> USB keys, etc. We're open source, and the license fully permits this.
> >>
> >> 2) Although use of the ASF-owned trademarks is restricted, any one is
> >> free to send an email to the project and request the use of the logos
> >> for use on their CD distribution. We have received and approved
> >> requests like this in the past. For example, CD's for distribution at
> >> conferences.
> >>
> >> If we want we can just continue with those two principles and do
> >> nothing more. But IMHO there are some subset of redistribution of
> >> AOO that we might permit the use of the logo without any explicit
> >> permission. If we decide to do this, we could specify the conditions
> >> under which such redistribution might take place. Note that this is
> >> not a restriction on what distributors may do. They always have the
> >> options given per #1 and #2 above. The point is merely to provide a
> >> lighter weight process for doing #2, in a subset of cases that we
> >> believe are for the public good.
> >>
> >> It is an additional question whether we want to maintain a registry or
> >> directory of such distributors.
> >>
> >> I'd be especially interested in what users think of this. What would
> >> be their expectations if we maintained such a list?
> >>
> >
> > I can't answer this one and I appreciate your perspective #1.
> >
> > The immediate thing(s) I'm concerned about is packages that we have
> > highlighted on the website -- all the "porting" section
> >
> > http://www.openoffice.org/porting/
> >
> > Should this continue. There is no disclaimer here.
> >
> > Additionally, since we have no link to this from the main download page,
> > how do folks even find out about it.
> >
> > Advice needed.
> >
>
> I think we need to make it clear what the 'porting project" is, if we
> keep that name.
>
> A) A way to enable 3rd parties to create ports and distribute them on
> their own
>
> or
>
> B) A way to enable new project volunteers to create and release new
> platform support within the project
>
> There is some overlap here, since someone who does A) will likely be
> contributing patches as well.
>
> This is parallel to enhancements of AOO as well, whether we speak of
> enhancement translations, extensions, features, etc.
>
> A) Doing the work in our SVN and releasing as part of an official release
>
> B) Doing the work externally, and releasing externally.
>
> I think both are fine, and we should help and encourage both, as part
> of the broader ecosystem. But we'll want to distinguish, in branding,
> and in how we link to these products, what is really an official
> release of the project and what is a 3rd party derivation.
>
> So I think the concept is broader than just "ports". One idea is to
> create a new page and link to it from
> http://www.openoffice.org/download/, as a new "block" on that page.
>
Well I think it would be a great idea to link the "ports" to the download
page.
For now, I'll post a separate thread to find out more. I don't know
anything about the "porting" project.
> It could be called "3rd party Ports, Enhancements and Extensions".
> And on that page we could put the disclaimer and then link to other
> products that are based upon AOO. And maybe from the OOo 3.3.0
> download page we could link to the legacy ports page?
>
> -Rob
>
> > (I will pull the UpUbuntu link from the install instructions later
> > today...should I add it to "porting"?).
> >
> >
> >> Alternatively, we could rely on distributors to advertise themselves.
> >> A search engine query, for example, for "OpenOffice CD Schweitz"
> >> should match a customer with a vendor, if such a vendor in Switzerland
> >> exists. The customer would still need to establish trust, risk their
> >> payment and the vendor would similarly need to watch out for their
> >> reputation. And the vendor would have motivation to keep his listings
> >> current. None of this would involve Apache.
> >>
> >> This is the way consumers match themselves up with goods everywhere
> >> else. We seem to get every other variety of CD in the world without
> >> involving Apache. Why should this be different?
> >>
> >> In other words, isn't this a problem that solves itself? We give
> >> permission to use a special logo on CD's that follow our rules. We
> >> then educate users to look for that special logo. We then leave it to
> >> the distributors to advertise themselves.
> >>
> >> Note: I'm not opposed to maintaining a registry at Apache I just
> >> think that we have little motivation to keep it up to date, and so it
> >> will not be maintained.
> >>
> >> > == non-formal distributions ==
> >> > Right now, as we've discovered, there are already folks distributing
> 3.4
> >> > that we don't know anything about. We don't know who they are, we
> don't
> >> even
> >> > know WHAT they've got in their distributions. They haven't asked for
> >> > permission from us, we don't even know where they're obtaining what
> >> they've
> >> > got.
> >>
> >> This is permitted by the license. AOO can be redistributed and
> >> modified and the modifications can be redistributed. Even if the
> >> modifications suck, there is nothing we can do.
> >>
> >> Trademark is another issue. The right to redistribute does not
> >> include permission to use the logo in promoted the modified version.
> >>
> >> Malware is another issue. Users might have local options, depending
> >> on local laws. For example California has an anti-spyware law. But
> >> that is something that a user would need to pursue, not Apache,
> >>
> >> > We should, by some means, address this immediately in some way --
> >> message on
> >> > the home page etc. We don't know who they are, we don't even know WHAT
> >> > they've got in their distributions.
> >> >
> >>
> >> User education is also part of the solution, I think.
> >>
> >> > This doesn't require any process by us.
> >> >
> >> >
> >> > == partners, more formal requests ==
> >> > I would put the former CD-ROM folks in this category. We provided a
> list
> >> for
> >> > our customers to obtain OOo in this way.
> >> >
> >> > Your ideas about obtaining software from one of the mirrors is good
> here.
> >> >
> >> > Rob's replacement page for distribution talks about our establishing a
> >> > process--
> >> >
> >> > http://ooo-site.staging.apache.org/distribution/index.html
> >> >
> >> > so let's talk about that. What should this process be? What are we
> >> requiring
> >> > from them. What information do we need from third party folks, like
> >> CD-ROM
> >> > providers or other builds/methods of distribution, that come to us?
> >> >
> >> >
> >> > == and finally, helping ourselves ==
> >> >
> >> > Do we know of any sites with AOO 3.4 that we want to include for users
> >> with
> >> > potentially helpful distributions? This is a case where no one has
> >> > contacted us but we found something that might be useful, and tested
> it
> >> out
> >> > to our satisfaction.
> >> >
> >> > A case in point would be (me) putting that UpUbuntu link in the
> install
> >> > guide. These folks didn't even come to us, and there have been
> concerns
> >> by
> >> > other ooo-dev folks about it. At the time, many were excited about it,
> >> but,
> >> > well...maybe not so fast... Does adding something like this to a page
> on
> >> our
> >> > site somehow make us responsible for it?
> >> >
> >> > Further thoughts?
> >> >
> >> >
> >>
> >
> >
> >
> > --
> >
> ----------------------------------------------------------------------------------------
> > MzK
> >
> > "Well, life has a funny way of sneaking up on you
> > And life has a funny way of helping you out
> > Helping you out."
> > -- "Ironic", Alanis Morissette
>
--
----------------------------------------------------------------------------------------
MzK
"Well, life has a funny way of sneaking up on you
And life has a funny way of helping you out
Helping you out."
-- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Kay Schenk <ka...@gmail.com>.
On Tue, May 15, 2012 at 11:56 AM, Dave Fisher <da...@comcast.net> wrote:
>
> On May 15, 2012, at 11:21 AM, Rob Weir wrote:
>
> > On Tue, May 15, 2012 at 12:38 PM, Kay Schenk <ka...@gmail.com>
> wrote:
> >> On Mon, May 14, 2012 at 3:07 PM, Rob Weir <ro...@apache.org> wrote:
> >>
> >>> On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com>
> wrote:
> >>>> OK, I changed the subject on this since I think what we need to
> discuss
> >>>> applies to more than just CD-ROMs...I hope that's OK, see my reply
> >>> below...
> >>>>
> >>>
> >>> <snip>
> >>>
> >>> So the current state of affairs is:
> >>>
> >>> 1) Anyone is free to distribute OOo or AOO on CD, on their website, on
> >>> USB keys, etc. We're open source, and the license fully permits this.
> >>>
> >>> 2) Although use of the ASF-owned trademarks is restricted, any one is
> >>> free to send an email to the project and request the use of the logos
> >>> for use on their CD distribution. We have received and approved
> >>> requests like this in the past. For example, CD's for distribution at
> >>> conferences.
> >>>
> >>> If we want we can just continue with those two principles and do
> >>> nothing more. But IMHO there are some subset of redistribution of
> >>> AOO that we might permit the use of the logo without any explicit
> >>> permission. If we decide to do this, we could specify the conditions
> >>> under which such redistribution might take place. Note that this is
> >>> not a restriction on what distributors may do. They always have the
> >>> options given per #1 and #2 above. The point is merely to provide a
> >>> lighter weight process for doing #2, in a subset of cases that we
> >>> believe are for the public good.
> >>>
> >>> It is an additional question whether we want to maintain a registry or
> >>> directory of such distributors.
> >>>
> >>> I'd be especially interested in what users think of this. What would
> >>> be their expectations if we maintained such a list?
> >>>
> >>
> >> I can't answer this one and I appreciate your perspective #1.
> >>
> >> The immediate thing(s) I'm concerned about is packages that we have
> >> highlighted on the website -- all the "porting" section
> >>
> >> http://www.openoffice.org/porting/
> >>
> >> Should this continue. There is no disclaimer here.
> >>
> >> Additionally, since we have no link to this from the main download page,
> >> how do folks even find out about it.
> >>
> >> Advice needed.
> >>
> >
> > I think we need to make it clear what the 'porting project" is, if we
> > keep that name.
> >
> > A) A way to enable 3rd parties to create ports and distribute them on
> their own
> >
> > or
> >
> > B) A way to enable new project volunteers to create and release new
> > platform support within the project
> >
> > There is some overlap here, since someone who does A) will likely be
> > contributing patches as well.
> >
> > This is parallel to enhancements of AOO as well, whether we speak of
> > enhancement translations, extensions, features, etc.
> >
> > A) Doing the work in our SVN and releasing as part of an official release
> >
> > B) Doing the work externally, and releasing externally.
> >
> > I think both are fine, and we should help and encourage both, as part
> > of the broader ecosystem. But we'll want to distinguish, in branding,
> > and in how we link to these products, what is really an official
> > release of the project and what is a 3rd party derivation.
> >
> > So I think the concept is broader than just "ports". One idea is to
> > create a new page and link to it from
> > http://www.openoffice.org/download/, as a new "block" on that page.
> >
> > It could be called "3rd party Ports, Enhancements and Extensions".
> > And on that page we could put the disclaimer and then link to other
> > products that are based upon AOO. And maybe from the OOo 3.3.0
> > download page we could link to the legacy ports page?
>
> There are two former OOo projects to consider. There is porting and there
> is distribution. It might be easiest and most consistent to fold these
> together into one policy.
>
> (1) Official distributions that are on openoffice.org/downloads/. These
> are binaries that can be verified. They may come from a CD-ROM or
> alternative source, but they are unaltered. These are redistributions.
>
OK...this is an interesting approach.
>
> (2) New ports and packages. In order for these to have the logo then they
> need to become official. The project has to be able to understand how that
> is built. We need clear instructions about how the project branding that is
> in the source must be modified in order to indicate that the package is a
> derivative of AOO.
>
I just spent a little time looking at the "official" porting project page
-- it seems these "ports" were formerly built be committers I think. Though
why they didn't end up in the official download structure, I can't say.
Possibly the actual platforms to which they apply, like FreeBSD, may have
been difficult to identify in the DL scripting mechanism.
> Ports and repackagers are encouraged to contribute their builds to the
> project, but the project will need to decide if the port or package should
> become officially part of the release process. Just like any contribution,
> no guarantee.
>
Right...this makes sense to me.
>
> We need the clear branding instructions regardless of the porting policy,
> we need it for those people who build their own version from source.
> Ideally the source release would be the "Built with Branding". The official
> would happen via a build flag.
>
> For the 3rd party page we can just indicate those who claim to
> distributors with instructions on how to verify the binary while for the
> packages and ports the disclaimer is important. The page should also
> indicate that the distributors are likely to charge a nominal fee for the
> media and other handling, what free support is already offered.
>
Yes, we need more to weigh in here on the third party business. There are
probably many. We could be polite and list them along with some kind of
verification instructions, assuming they could be provided.
Rob's new /distribution/ page is up and hopefully it will catch folks
searching for "CDROM" for the time being.
> Regards,
> Dave
>
> >
> > -Rob
> >
> >> (I will pull the UpUbuntu link from the install instructions later
> >> today...should I add it to "porting"?).
> >>
> >>
> >>> Alternatively, we could rely on distributors to advertise themselves.
> >>> A search engine query, for example, for "OpenOffice CD Schweitz"
> >>> should match a customer with a vendor, if such a vendor in Switzerland
> >>> exists. The customer would still need to establish trust, risk their
> >>> payment and the vendor would similarly need to watch out for their
> >>> reputation. And the vendor would have motivation to keep his listings
> >>> current. None of this would involve Apache.
> >>>
> >>> This is the way consumers match themselves up with goods everywhere
> >>> else. We seem to get every other variety of CD in the world without
> >>> involving Apache. Why should this be different?
> >>>
> >>> In other words, isn't this a problem that solves itself? We give
> >>> permission to use a special logo on CD's that follow our rules. We
> >>> then educate users to look for that special logo. We then leave it to
> >>> the distributors to advertise themselves.
> >>>
> >>> Note: I'm not opposed to maintaining a registry at Apache I just
> >>> think that we have little motivation to keep it up to date, and so it
> >>> will not be maintained.
> >>>
> >>>> == non-formal distributions ==
> >>>> Right now, as we've discovered, there are already folks distributing
> 3.4
> >>>> that we don't know anything about. We don't know who they are, we
> don't
> >>> even
> >>>> know WHAT they've got in their distributions. They haven't asked for
> >>>> permission from us, we don't even know where they're obtaining what
> >>> they've
> >>>> got.
> >>>
> >>> This is permitted by the license. AOO can be redistributed and
> >>> modified and the modifications can be redistributed. Even if the
> >>> modifications suck, there is nothing we can do.
> >>>
> >>> Trademark is another issue. The right to redistribute does not
> >>> include permission to use the logo in promoted the modified version.
> >>>
> >>> Malware is another issue. Users might have local options, depending
> >>> on local laws. For example California has an anti-spyware law. But
> >>> that is something that a user would need to pursue, not Apache,
> >>>
> >>>> We should, by some means, address this immediately in some way --
> >>> message on
> >>>> the home page etc. We don't know who they are, we don't even know WHAT
> >>>> they've got in their distributions.
> >>>>
> >>>
> >>> User education is also part of the solution, I think.
> >>>
> >>>> This doesn't require any process by us.
> >>>>
> >>>>
> >>>> == partners, more formal requests ==
> >>>> I would put the former CD-ROM folks in this category. We provided a
> list
> >>> for
> >>>> our customers to obtain OOo in this way.
> >>>>
> >>>> Your ideas about obtaining software from one of the mirrors is good
> here.
> >>>>
> >>>> Rob's replacement page for distribution talks about our establishing a
> >>>> process--
> >>>>
> >>>> http://ooo-site.staging.apache.org/distribution/index.html
> >>>>
> >>>> so let's talk about that. What should this process be? What are we
> >>> requiring
> >>>> from them. What information do we need from third party folks, like
> >>> CD-ROM
> >>>> providers or other builds/methods of distribution, that come to us?
> >>>>
> >>>>
> >>>> == and finally, helping ourselves ==
> >>>>
> >>>> Do we know of any sites with AOO 3.4 that we want to include for users
> >>> with
> >>>> potentially helpful distributions? This is a case where no one has
> >>>> contacted us but we found something that might be useful, and tested
> it
> >>> out
> >>>> to our satisfaction.
> >>>>
> >>>> A case in point would be (me) putting that UpUbuntu link in the
> install
> >>>> guide. These folks didn't even come to us, and there have been
> concerns
> >>> by
> >>>> other ooo-dev folks about it. At the time, many were excited about it,
> >>> but,
> >>>> well...maybe not so fast... Does adding something like this to a page
> on
> >>> our
> >>>> site somehow make us responsible for it?
> >>>>
> >>>> Further thoughts?
> >>>>
> >>>>
> >>>
> >>
> >>
> >>
> >> --
> >>
> ----------------------------------------------------------------------------------------
> >> MzK
> >>
> >> "Well, life has a funny way of sneaking up on you
> >> And life has a funny way of helping you out
> >> Helping you out."
> >> -- "Ironic", Alanis Morissette
>
>
--
----------------------------------------------------------------------------------------
MzK
"Well, life has a funny way of sneaking up on you
And life has a funny way of helping you out
Helping you out."
-- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Dave Fisher <da...@comcast.net>.
On May 15, 2012, at 11:21 AM, Rob Weir wrote:
> On Tue, May 15, 2012 at 12:38 PM, Kay Schenk <ka...@gmail.com> wrote:
>> On Mon, May 14, 2012 at 3:07 PM, Rob Weir <ro...@apache.org> wrote:
>>
>>> On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com> wrote:
>>>> OK, I changed the subject on this since I think what we need to discuss
>>>> applies to more than just CD-ROMs...I hope that's OK, see my reply
>>> below...
>>>>
>>>
>>> <snip>
>>>
>>> So the current state of affairs is:
>>>
>>> 1) Anyone is free to distribute OOo or AOO on CD, on their website, on
>>> USB keys, etc. We're open source, and the license fully permits this.
>>>
>>> 2) Although use of the ASF-owned trademarks is restricted, any one is
>>> free to send an email to the project and request the use of the logos
>>> for use on their CD distribution. We have received and approved
>>> requests like this in the past. For example, CD's for distribution at
>>> conferences.
>>>
>>> If we want we can just continue with those two principles and do
>>> nothing more. But IMHO there are some subset of redistribution of
>>> AOO that we might permit the use of the logo without any explicit
>>> permission. If we decide to do this, we could specify the conditions
>>> under which such redistribution might take place. Note that this is
>>> not a restriction on what distributors may do. They always have the
>>> options given per #1 and #2 above. The point is merely to provide a
>>> lighter weight process for doing #2, in a subset of cases that we
>>> believe are for the public good.
>>>
>>> It is an additional question whether we want to maintain a registry or
>>> directory of such distributors.
>>>
>>> I'd be especially interested in what users think of this. What would
>>> be their expectations if we maintained such a list?
>>>
>>
>> I can't answer this one and I appreciate your perspective #1.
>>
>> The immediate thing(s) I'm concerned about is packages that we have
>> highlighted on the website -- all the "porting" section
>>
>> http://www.openoffice.org/porting/
>>
>> Should this continue. There is no disclaimer here.
>>
>> Additionally, since we have no link to this from the main download page,
>> how do folks even find out about it.
>>
>> Advice needed.
>>
>
> I think we need to make it clear what the 'porting project" is, if we
> keep that name.
>
> A) A way to enable 3rd parties to create ports and distribute them on their own
>
> or
>
> B) A way to enable new project volunteers to create and release new
> platform support within the project
>
> There is some overlap here, since someone who does A) will likely be
> contributing patches as well.
>
> This is parallel to enhancements of AOO as well, whether we speak of
> enhancement translations, extensions, features, etc.
>
> A) Doing the work in our SVN and releasing as part of an official release
>
> B) Doing the work externally, and releasing externally.
>
> I think both are fine, and we should help and encourage both, as part
> of the broader ecosystem. But we'll want to distinguish, in branding,
> and in how we link to these products, what is really an official
> release of the project and what is a 3rd party derivation.
>
> So I think the concept is broader than just "ports". One idea is to
> create a new page and link to it from
> http://www.openoffice.org/download/, as a new "block" on that page.
>
> It could be called "3rd party Ports, Enhancements and Extensions".
> And on that page we could put the disclaimer and then link to other
> products that are based upon AOO. And maybe from the OOo 3.3.0
> download page we could link to the legacy ports page?
There are two former OOo projects to consider. There is porting and there is distribution. It might be easiest and most consistent to fold these together into one policy.
(1) Official distributions that are on openoffice.org/downloads/. These are binaries that can be verified. They may come from a CD-ROM or alternative source, but they are unaltered. These are redistributions.
(2) New ports and packages. In order for these to have the logo then they need to become official. The project has to be able to understand how that is built. We need clear instructions about how the project branding that is in the source must be modified in order to indicate that the package is a derivative of AOO.
Ports and repackagers are encouraged to contribute their builds to the project, but the project will need to decide if the port or package should become officially part of the release process. Just like any contribution, no guarantee.
We need the clear branding instructions regardless of the porting policy, we need it for those people who build their own version from source. Ideally the source release would be the "Built with Branding". The official would happen via a build flag.
For the 3rd party page we can just indicate those who claim to distributors with instructions on how to verify the binary while for the packages and ports the disclaimer is important. The page should also indicate that the distributors are likely to charge a nominal fee for the media and other handling, what free support is already offered.
Regards,
Dave
>
> -Rob
>
>> (I will pull the UpUbuntu link from the install instructions later
>> today...should I add it to "porting"?).
>>
>>
>>> Alternatively, we could rely on distributors to advertise themselves.
>>> A search engine query, for example, for "OpenOffice CD Schweitz"
>>> should match a customer with a vendor, if such a vendor in Switzerland
>>> exists. The customer would still need to establish trust, risk their
>>> payment and the vendor would similarly need to watch out for their
>>> reputation. And the vendor would have motivation to keep his listings
>>> current. None of this would involve Apache.
>>>
>>> This is the way consumers match themselves up with goods everywhere
>>> else. We seem to get every other variety of CD in the world without
>>> involving Apache. Why should this be different?
>>>
>>> In other words, isn't this a problem that solves itself? We give
>>> permission to use a special logo on CD's that follow our rules. We
>>> then educate users to look for that special logo. We then leave it to
>>> the distributors to advertise themselves.
>>>
>>> Note: I'm not opposed to maintaining a registry at Apache I just
>>> think that we have little motivation to keep it up to date, and so it
>>> will not be maintained.
>>>
>>>> == non-formal distributions ==
>>>> Right now, as we've discovered, there are already folks distributing 3.4
>>>> that we don't know anything about. We don't know who they are, we don't
>>> even
>>>> know WHAT they've got in their distributions. They haven't asked for
>>>> permission from us, we don't even know where they're obtaining what
>>> they've
>>>> got.
>>>
>>> This is permitted by the license. AOO can be redistributed and
>>> modified and the modifications can be redistributed. Even if the
>>> modifications suck, there is nothing we can do.
>>>
>>> Trademark is another issue. The right to redistribute does not
>>> include permission to use the logo in promoted the modified version.
>>>
>>> Malware is another issue. Users might have local options, depending
>>> on local laws. For example California has an anti-spyware law. But
>>> that is something that a user would need to pursue, not Apache,
>>>
>>>> We should, by some means, address this immediately in some way --
>>> message on
>>>> the home page etc. We don't know who they are, we don't even know WHAT
>>>> they've got in their distributions.
>>>>
>>>
>>> User education is also part of the solution, I think.
>>>
>>>> This doesn't require any process by us.
>>>>
>>>>
>>>> == partners, more formal requests ==
>>>> I would put the former CD-ROM folks in this category. We provided a list
>>> for
>>>> our customers to obtain OOo in this way.
>>>>
>>>> Your ideas about obtaining software from one of the mirrors is good here.
>>>>
>>>> Rob's replacement page for distribution talks about our establishing a
>>>> process--
>>>>
>>>> http://ooo-site.staging.apache.org/distribution/index.html
>>>>
>>>> so let's talk about that. What should this process be? What are we
>>> requiring
>>>> from them. What information do we need from third party folks, like
>>> CD-ROM
>>>> providers or other builds/methods of distribution, that come to us?
>>>>
>>>>
>>>> == and finally, helping ourselves ==
>>>>
>>>> Do we know of any sites with AOO 3.4 that we want to include for users
>>> with
>>>> potentially helpful distributions? This is a case where no one has
>>>> contacted us but we found something that might be useful, and tested it
>>> out
>>>> to our satisfaction.
>>>>
>>>> A case in point would be (me) putting that UpUbuntu link in the install
>>>> guide. These folks didn't even come to us, and there have been concerns
>>> by
>>>> other ooo-dev folks about it. At the time, many were excited about it,
>>> but,
>>>> well...maybe not so fast... Does adding something like this to a page on
>>> our
>>>> site somehow make us responsible for it?
>>>>
>>>> Further thoughts?
>>>>
>>>>
>>>
>>
>>
>>
>> --
>> ----------------------------------------------------------------------------------------
>> MzK
>>
>> "Well, life has a funny way of sneaking up on you
>> And life has a funny way of helping you out
>> Helping you out."
>> -- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Rob Weir <ro...@apache.org>.
On Tue, May 15, 2012 at 12:38 PM, Kay Schenk <ka...@gmail.com> wrote:
> On Mon, May 14, 2012 at 3:07 PM, Rob Weir <ro...@apache.org> wrote:
>
>> On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com> wrote:
>> > OK, I changed the subject on this since I think what we need to discuss
>> > applies to more than just CD-ROMs...I hope that's OK, see my reply
>> below...
>> >
>>
>> <snip>
>>
>> So the current state of affairs is:
>>
>> 1) Anyone is free to distribute OOo or AOO on CD, on their website, on
>> USB keys, etc. We're open source, and the license fully permits this.
>>
>> 2) Although use of the ASF-owned trademarks is restricted, any one is
>> free to send an email to the project and request the use of the logos
>> for use on their CD distribution. We have received and approved
>> requests like this in the past. For example, CD's for distribution at
>> conferences.
>>
>> If we want we can just continue with those two principles and do
>> nothing more. But IMHO there are some subset of redistribution of
>> AOO that we might permit the use of the logo without any explicit
>> permission. If we decide to do this, we could specify the conditions
>> under which such redistribution might take place. Note that this is
>> not a restriction on what distributors may do. They always have the
>> options given per #1 and #2 above. The point is merely to provide a
>> lighter weight process for doing #2, in a subset of cases that we
>> believe are for the public good.
>>
>> It is an additional question whether we want to maintain a registry or
>> directory of such distributors.
>>
>> I'd be especially interested in what users think of this. What would
>> be their expectations if we maintained such a list?
>>
>
> I can't answer this one and I appreciate your perspective #1.
>
> The immediate thing(s) I'm concerned about is packages that we have
> highlighted on the website -- all the "porting" section
>
> http://www.openoffice.org/porting/
>
> Should this continue. There is no disclaimer here.
>
> Additionally, since we have no link to this from the main download page,
> how do folks even find out about it.
>
> Advice needed.
>
I think we need to make it clear what the 'porting project" is, if we
keep that name.
A) A way to enable 3rd parties to create ports and distribute them on their own
or
B) A way to enable new project volunteers to create and release new
platform support within the project
There is some overlap here, since someone who does A) will likely be
contributing patches as well.
This is parallel to enhancements of AOO as well, whether we speak of
enhancement translations, extensions, features, etc.
A) Doing the work in our SVN and releasing as part of an official release
B) Doing the work externally, and releasing externally.
I think both are fine, and we should help and encourage both, as part
of the broader ecosystem. But we'll want to distinguish, in branding,
and in how we link to these products, what is really an official
release of the project and what is a 3rd party derivation.
So I think the concept is broader than just "ports". One idea is to
create a new page and link to it from
http://www.openoffice.org/download/, as a new "block" on that page.
It could be called "3rd party Ports, Enhancements and Extensions".
And on that page we could put the disclaimer and then link to other
products that are based upon AOO. And maybe from the OOo 3.3.0
download page we could link to the legacy ports page?
-Rob
> (I will pull the UpUbuntu link from the install instructions later
> today...should I add it to "porting"?).
>
>
>> Alternatively, we could rely on distributors to advertise themselves.
>> A search engine query, for example, for "OpenOffice CD Schweitz"
>> should match a customer with a vendor, if such a vendor in Switzerland
>> exists. The customer would still need to establish trust, risk their
>> payment and the vendor would similarly need to watch out for their
>> reputation. And the vendor would have motivation to keep his listings
>> current. None of this would involve Apache.
>>
>> This is the way consumers match themselves up with goods everywhere
>> else. We seem to get every other variety of CD in the world without
>> involving Apache. Why should this be different?
>>
>> In other words, isn't this a problem that solves itself? We give
>> permission to use a special logo on CD's that follow our rules. We
>> then educate users to look for that special logo. We then leave it to
>> the distributors to advertise themselves.
>>
>> Note: I'm not opposed to maintaining a registry at Apache I just
>> think that we have little motivation to keep it up to date, and so it
>> will not be maintained.
>>
>> > == non-formal distributions ==
>> > Right now, as we've discovered, there are already folks distributing 3.4
>> > that we don't know anything about. We don't know who they are, we don't
>> even
>> > know WHAT they've got in their distributions. They haven't asked for
>> > permission from us, we don't even know where they're obtaining what
>> they've
>> > got.
>>
>> This is permitted by the license. AOO can be redistributed and
>> modified and the modifications can be redistributed. Even if the
>> modifications suck, there is nothing we can do.
>>
>> Trademark is another issue. The right to redistribute does not
>> include permission to use the logo in promoted the modified version.
>>
>> Malware is another issue. Users might have local options, depending
>> on local laws. For example California has an anti-spyware law. But
>> that is something that a user would need to pursue, not Apache,
>>
>> > We should, by some means, address this immediately in some way --
>> message on
>> > the home page etc. We don't know who they are, we don't even know WHAT
>> > they've got in their distributions.
>> >
>>
>> User education is also part of the solution, I think.
>>
>> > This doesn't require any process by us.
>> >
>> >
>> > == partners, more formal requests ==
>> > I would put the former CD-ROM folks in this category. We provided a list
>> for
>> > our customers to obtain OOo in this way.
>> >
>> > Your ideas about obtaining software from one of the mirrors is good here.
>> >
>> > Rob's replacement page for distribution talks about our establishing a
>> > process--
>> >
>> > http://ooo-site.staging.apache.org/distribution/index.html
>> >
>> > so let's talk about that. What should this process be? What are we
>> requiring
>> > from them. What information do we need from third party folks, like
>> CD-ROM
>> > providers or other builds/methods of distribution, that come to us?
>> >
>> >
>> > == and finally, helping ourselves ==
>> >
>> > Do we know of any sites with AOO 3.4 that we want to include for users
>> with
>> > potentially helpful distributions? This is a case where no one has
>> > contacted us but we found something that might be useful, and tested it
>> out
>> > to our satisfaction.
>> >
>> > A case in point would be (me) putting that UpUbuntu link in the install
>> > guide. These folks didn't even come to us, and there have been concerns
>> by
>> > other ooo-dev folks about it. At the time, many were excited about it,
>> but,
>> > well...maybe not so fast... Does adding something like this to a page on
>> our
>> > site somehow make us responsible for it?
>> >
>> > Further thoughts?
>> >
>> >
>>
>
>
>
> --
> ----------------------------------------------------------------------------------------
> MzK
>
> "Well, life has a funny way of sneaking up on you
> And life has a funny way of helping you out
> Helping you out."
> -- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Kay Schenk <ka...@gmail.com>.
On Mon, May 14, 2012 at 3:07 PM, Rob Weir <ro...@apache.org> wrote:
> On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com> wrote:
> > OK, I changed the subject on this since I think what we need to discuss
> > applies to more than just CD-ROMs...I hope that's OK, see my reply
> below...
> >
>
> <snip>
>
> So the current state of affairs is:
>
> 1) Anyone is free to distribute OOo or AOO on CD, on their website, on
> USB keys, etc. We're open source, and the license fully permits this.
>
> 2) Although use of the ASF-owned trademarks is restricted, any one is
> free to send an email to the project and request the use of the logos
> for use on their CD distribution. We have received and approved
> requests like this in the past. For example, CD's for distribution at
> conferences.
>
> If we want we can just continue with those two principles and do
> nothing more. But IMHO there are some subset of redistribution of
> AOO that we might permit the use of the logo without any explicit
> permission. If we decide to do this, we could specify the conditions
> under which such redistribution might take place. Note that this is
> not a restriction on what distributors may do. They always have the
> options given per #1 and #2 above. The point is merely to provide a
> lighter weight process for doing #2, in a subset of cases that we
> believe are for the public good.
>
> It is an additional question whether we want to maintain a registry or
> directory of such distributors.
>
> I'd be especially interested in what users think of this. What would
> be their expectations if we maintained such a list?
>
I can't answer this one and I appreciate your perspective #1.
The immediate thing(s) I'm concerned about is packages that we have
highlighted on the website -- all the "porting" section
http://www.openoffice.org/porting/
Should this continue. There is no disclaimer here.
Additionally, since we have no link to this from the main download page,
how do folks even find out about it.
Advice needed.
(I will pull the UpUbuntu link from the install instructions later
today...should I add it to "porting"?).
> Alternatively, we could rely on distributors to advertise themselves.
> A search engine query, for example, for "OpenOffice CD Schweitz"
> should match a customer with a vendor, if such a vendor in Switzerland
> exists. The customer would still need to establish trust, risk their
> payment and the vendor would similarly need to watch out for their
> reputation. And the vendor would have motivation to keep his listings
> current. None of this would involve Apache.
>
> This is the way consumers match themselves up with goods everywhere
> else. We seem to get every other variety of CD in the world without
> involving Apache. Why should this be different?
>
> In other words, isn't this a problem that solves itself? We give
> permission to use a special logo on CD's that follow our rules. We
> then educate users to look for that special logo. We then leave it to
> the distributors to advertise themselves.
>
> Note: I'm not opposed to maintaining a registry at Apache I just
> think that we have little motivation to keep it up to date, and so it
> will not be maintained.
>
> > == non-formal distributions ==
> > Right now, as we've discovered, there are already folks distributing 3.4
> > that we don't know anything about. We don't know who they are, we don't
> even
> > know WHAT they've got in their distributions. They haven't asked for
> > permission from us, we don't even know where they're obtaining what
> they've
> > got.
>
> This is permitted by the license. AOO can be redistributed and
> modified and the modifications can be redistributed. Even if the
> modifications suck, there is nothing we can do.
>
> Trademark is another issue. The right to redistribute does not
> include permission to use the logo in promoted the modified version.
>
> Malware is another issue. Users might have local options, depending
> on local laws. For example California has an anti-spyware law. But
> that is something that a user would need to pursue, not Apache,
>
> > We should, by some means, address this immediately in some way --
> message on
> > the home page etc. We don't know who they are, we don't even know WHAT
> > they've got in their distributions.
> >
>
> User education is also part of the solution, I think.
>
> > This doesn't require any process by us.
> >
> >
> > == partners, more formal requests ==
> > I would put the former CD-ROM folks in this category. We provided a list
> for
> > our customers to obtain OOo in this way.
> >
> > Your ideas about obtaining software from one of the mirrors is good here.
> >
> > Rob's replacement page for distribution talks about our establishing a
> > process--
> >
> > http://ooo-site.staging.apache.org/distribution/index.html
> >
> > so let's talk about that. What should this process be? What are we
> requiring
> > from them. What information do we need from third party folks, like
> CD-ROM
> > providers or other builds/methods of distribution, that come to us?
> >
> >
> > == and finally, helping ourselves ==
> >
> > Do we know of any sites with AOO 3.4 that we want to include for users
> with
> > potentially helpful distributions? This is a case where no one has
> > contacted us but we found something that might be useful, and tested it
> out
> > to our satisfaction.
> >
> > A case in point would be (me) putting that UpUbuntu link in the install
> > guide. These folks didn't even come to us, and there have been concerns
> by
> > other ooo-dev folks about it. At the time, many were excited about it,
> but,
> > well...maybe not so fast... Does adding something like this to a page on
> our
> > site somehow make us responsible for it?
> >
> > Further thoughts?
> >
> >
>
--
----------------------------------------------------------------------------------------
MzK
"Well, life has a funny way of sneaking up on you
And life has a funny way of helping you out
Helping you out."
-- "Ironic", Alanis Morissette
Re: non-ASF distribution...Re: CD-ROMs for consumers
Posted by Rob Weir <ro...@apache.org>.
On Mon, May 14, 2012 at 5:18 PM, Kay Schenk <ka...@gmail.com> wrote:
> OK, I changed the subject on this since I think what we need to discuss
> applies to more than just CD-ROMs...I hope that's OK, see my reply below...
>
<snip>
So the current state of affairs is:
1) Anyone is free to distribute OOo or AOO on CD, on their website, on
USB keys, etc. We're open source, and the license fully permits this.
2) Although use of the ASF-owned trademarks is restricted, any one is
free to send an email to the project and request the use of the logos
for use on their CD distribution. We have received and approved
requests like this in the past. For example, CD's for distribution at
conferences.
If we want we can just continue with those two principles and do
nothing more. But IMHO there are some subset of redistribution of
AOO that we might permit the use of the logo without any explicit
permission. If we decide to do this, we could specify the conditions
under which such redistribution might take place. Note that this is
not a restriction on what distributors may do. They always have the
options given per #1 and #2 above. The point is merely to provide a
lighter weight process for doing #2, in a subset of cases that we
believe are for the public good.
It is an additional question whether we want to maintain a registry or
directory of such distributors.
I'd be especially interested in what users think of this. What would
be their expectations if we maintained such a list?
Alternatively, we could rely on distributors to advertise themselves.
A search engine query, for example, for "OpenOffice CD Schweitz"
should match a customer with a vendor, if such a vendor in Switzerland
exists. The customer would still need to establish trust, risk their
payment and the vendor would similarly need to watch out for their
reputation. And the vendor would have motivation to keep his listings
current. None of this would involve Apache.
This is the way consumers match themselves up with goods everywhere
else. We seem to get every other variety of CD in the world without
involving Apache. Why should this be different?
In other words, isn't this a problem that solves itself? We give
permission to use a special logo on CD's that follow our rules. We
then educate users to look for that special logo. We then leave it to
the distributors to advertise themselves.
Note: I'm not opposed to maintaining a registry at Apache I just
think that we have little motivation to keep it up to date, and so it
will not be maintained.
> == non-formal distributions ==
> Right now, as we've discovered, there are already folks distributing 3.4
> that we don't know anything about. We don't know who they are, we don't even
> know WHAT they've got in their distributions. They haven't asked for
> permission from us, we don't even know where they're obtaining what they've
> got.
This is permitted by the license. AOO can be redistributed and
modified and the modifications can be redistributed. Even if the
modifications suck, there is nothing we can do.
Trademark is another issue. The right to redistribute does not
include permission to use the logo in promoted the modified version.
Malware is another issue. Users might have local options, depending
on local laws. For example California has an anti-spyware law. But
that is something that a user would need to pursue, not Apache,
> We should, by some means, address this immediately in some way -- message on
> the home page etc. We don't know who they are, we don't even know WHAT
> they've got in their distributions.
>
User education is also part of the solution, I think.
> This doesn't require any process by us.
>
>
> == partners, more formal requests ==
> I would put the former CD-ROM folks in this category. We provided a list for
> our customers to obtain OOo in this way.
>
> Your ideas about obtaining software from one of the mirrors is good here.
>
> Rob's replacement page for distribution talks about our establishing a
> process--
>
> http://ooo-site.staging.apache.org/distribution/index.html
>
> so let's talk about that. What should this process be? What are we requiring
> from them. What information do we need from third party folks, like CD-ROM
> providers or other builds/methods of distribution, that come to us?
>
>
> == and finally, helping ourselves ==
>
> Do we know of any sites with AOO 3.4 that we want to include for users with
> potentially helpful distributions? This is a case where no one has
> contacted us but we found something that might be useful, and tested it out
> to our satisfaction.
>
> A case in point would be (me) putting that UpUbuntu link in the install
> guide. These folks didn't even come to us, and there have been concerns by
> other ooo-dev folks about it. At the time, many were excited about it, but,
> well...maybe not so fast... Does adding something like this to a page on our
> site somehow make us responsible for it?
>
> Further thoughts?
>
>