www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davanum Srinivas <dava...@gmail.com>
Subject Re: IBM and WS-Security
Date Fri, 24 Jun 2005 19:13:52 GMT

Thanks. Now i understand the concept of offering license w/o
identifying patent claims...BUT i see that the IBM license has a 1
year limit (see section 6.1) and MSFT has no limits as long as the
patent is applicable to this thing that we are implementing. Is'nt it
better to remove the 1 year limit? (or am i reading this wrong)

- dims

On 6/24/05, Jeffrey Thompson <jthom@us.ibm.com> wrote:
> "William A. Rowe, Jr." <wrowe@rowe-clan.net> wrote on 06/24/2005 12:19:32
> PM:
>  > At 10:21 AM 6/24/2005, Ben Laurie wrote:
>  > >William A. Rowe, Jr. wrote:
>  > >2. Each Author commits to grant a non sub-licensable, non-transferable
>  > >>license to third parties, under royalty-free and other reasonable 
>  > and non-discriminatory terms and conditions, to certain of their 
>  > respective patent claims that such Author deems necessary to 
>  > implement required portions of the WS-Security specification, 
>  > provided a reciprocal license is granted. 
>  > >
>  > >Because it doesn't say what hoops you have to jump through to 
>  > obtain that licence (the requirement we have being, essentially, 
>  > that there should be no hoops for the end user).
>  > 
>  > Exactly.  Which is why I ask, if grant of license is offered
>  > to the author, are the users of that author's work covered by
>  > the grant?
> Most every patent grant that I've ever seen is non-transferrable and
> non-sublicensable.  As I mentioned before, the concept of patent exhaustion
> would cover distributors and users of a licensee's product.  I don't see an
> exposure on that point for Apache.  Maybe we should involve Robyn in this
> discussion to make sure that we understand all of Apache's issues. 
> > 
>  > And also why RSA's license-by-fax-in-duplicate is barely
>  > acceptable, if at all, at the ASF, if that license doesn't then
>  > cover all users.
>  > 
>  > If there are extra burdens noted in NOTICE for derivative works,
>  > making developers lives harder, I'd be hesitant to graduate such
>  > a project.  But if there are extra burdens on every user or those
>  > redistributing the ASF's work, that's unacceptable.
> Regarding the extra burden on Apache for getting a patent license, I
> understand the issue.  I would hope that patent holders in general would try
> to make it as painless as possible.  The patent non-assert that IBM did a
> few months ago was one way that we thought would reduce the burden and (as
> Geir mentioned) it has its proponents inside IBM as a general policy.  There
> are downsides to the non-assert approach which we could get into in more
> depth if people are really interested, but it certainly is a way to make
> things less cumbersome. 
> In any event, the least cumbersome is to not actually go thru the process of
> obtaining an offered license.  There are many reasons why someone might not
> want to execute the license -- the licensor might not have actually
> identified any necessary patent claims (as in the case of IBM with
> WS-Security); or the licensor might have said that there are unidentified
> "patent applications which if they issue as currently drafted . . . . ",
> which is almost the same thing; or the identified patents might be obviously
> invalid; etc.  Just because a license is offered, it doesn't mean that
> Apache needs to execute it. 
> That brings up why a company might offer a license even though they haven't
> identified any necessary patent claims.  The most likely reason is that they
> want implementors to be comfortable that if any necessary claims were to be
> discovered, that they would be available on acceptable terms.  Unless the
> company actually offers the license, it could be accused if sitting back
> waiting to pounce on any implementors.   
> > 
>  > E.g. if 'implementation' license grants don't extend to users 
>  > and redistribution, without additional effort, then every 
>  > organization offering us proxy servers for our distribution 
>  > tree could be violators of those patents.
>  > 
>  > Bill
> Something that was said in one of the other notes in this string that I
> would STRONGLY agree with.  If Apache becomes aware of an issued patent that
> apparently actually does read on Apache's code, I would hope that Apache
> would do one of 3 things:  change the code to avoid the patent, get a
> license, or cease distribution.  I'm sure that Apache's lawyers would be
> deeply involved in that decision, but I wouldn't want to see Apache just
> ignore it. 
> Jeff 
>  Staff Counsel, IBM Corporation  (914)766-1757  (tie)8-826  (fax) -8160
>  (notes) jthom@ibmus  (internet) jthom@us.ibm.com (home) jeff@beff.net
>  (web) http://www.beff.net/ 

Davanum Srinivas -http://blogs.cocoondev.org/dims/

DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message