Mailing-List: contact legal-discuss-help@apache.org; run by ezmlm
Precedence: bulk
Reply-To: legal-discuss@apache.org
Received-SPF: pass (athena.apache.org: domain of tjveil@gmail.com designates
 209.85.132.250 as permitted sender)
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=cc:message-id:from:to:in-reply-to:content-type:mime-version:subject
         :date:references:x-mailer;
        b=UvlFLJRXotjf3jEmI2NK/O20e4soSjpIpp0KqWB6W2kuUyoFeMd6RCdKAPEO3wbzfX
         JddF6qFuLdIEqFP/hJ2IsEAaxxoPgmN3b7TtGJyFfz6lSJ4NL+9cle7Rhk/SIB/RuyVr
         ec5SjrDgZ9jRUdxxZWUHn4BtURTb4Iys3W9Ys=
Cc: legal-discuss@apache.org
Message-Id: <DAAD3D59-1C41-4693-84ED-1487EC73FF6D@gmail.com>
From: Tim Veil <tjveil@gmail.com>
To: jsecurity-dev@incubator.apache.org
In-Reply-To: <B2601F48-C986-466E-971F-2C006DF65195@toolazydogs.com>
Content-Type: multipart/signed; boundary=Apple-Mail-7-8270105; micalg=sha1;
 protocol="application/pkcs7-signature"
Mime-Version: 1.0 (Apple Message framework v930.3)
Subject: Re: [VOTE] Change JSecurity's Name
Date: Sun, 11 Jan 2009 19:02:20 -0500
References: <BF4134FD-E310-4767-AF50-69910B01B575@toolazydogs.com>
 <2968BC3B-2092-480A-A97E-888E08E70B08@toolazydogs.com>
 <49338E7D.3030704@nextury.com> <1228174116217-1601248.post@n2.nabble.com>
 <44b57a610812011918n305a8ed5tcd5665f238550a92@mail.gmail.com>
 <44b57a610812011955v5d697834oc8e92cc038cd97a6@mail.gmail.com>
 <2d12b2f00812021306l2e3e7aa8jf446c11a91748f4d@mail.gmail.com>
 <4B5E628F-E714-4C58-B442-5D7386DD27D1@SUN.com>
 <2d12b2f00901021441o381e3288sdb7027561435f6aa@mail.gmail.com>
 <F2A801FB-4FE5-4CD2-942D-805E7BA143AC@SUN.com>
 <44b57a610901101700h655e5f0di76eeb1d56c26377f@mail.gmail.com>
 <46A10641-800C-4C8E-94D2-45C6A822CF55@pobox.com>
 <9D3151A0-4F2E-43DD-987C-F74EEE0D224C@toolazydogs.com>
 <E81B7E41-0087-4AC1-A922-AE12D149E56A@gmail.com>
 <B2601F48-C986-466E-971F-2C006DF65195@toolazydogs.com>

--Apple-Mail-7-8270105
Content-Type: text/plain;
	charset=ISO-8859-1;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: quoted-printable


On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:

>
> On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:
>
>> I guess my take is that
>> JSecurity has been in the name of this project for nearly 4 years =20
>> without compliant
>
> Sorry, I'm not following.  Unless Juniper has held the name for =20
> three years or less, how is that relevant?

I guess I'm suggesting that JSecurity has been out in the wild for 4 =20
years.  At no time during this period has Juniper been concerned about =20=

name collision enough to contact anyone on the project.  That suggests =20=

to me they will be unlikely to do so in the future. I have no idea how =20=

long they have been using their name.

>
>
>> JSecurity has name recognition and a following
>
> Sorry, I don't understand if this is pertinent other than it being =20
> motivation for keeping the name.  I also am motivated to keep the =20
> name but I don't see how we can get past the issues below.
>
>> The project of concern, "J-Security" is not a product at all but =20
>> rather a " resource for security information and analysis."
>> J-Security's parent company Juniper is in the network hardware =20
>> business not the Java application business
>> JSecurity is an open-source software project not a "product" we are =20=

>> looking to sell (not a competitor in any way to Juniper)
>
> It doesn't matter if we sell a product or not.  It's a name =20
> collision, albeit a potential collision.  If they chose to push out =20=

> a product under that name we would be in trouble; if I am wrong here =20=

> someone please tell me.

I don't think you are wrong it just seems like such a remote =20
possibility.  In order for them to do this they would have to stray =20
pretty far from their existing business. Even if they were to enter =20
the fray and offer a similar product it seems unlikely they would =20
choose to do so under the J-Security banner.  I would imagine they =20
would they would create a new brand for this service since they =20
already have an unrelated presence under the name J-Security.  =20
Repackaging their J-Security center into something unrelated wouldn't =20=

make much sense.

>
>
> Now, if you told me that we held our name longer than Juniper held =20
> theirs then it would be a different story.
>
> So to put it more succinctly, here are the criteria where I am happy =20=

> to change my vote.  Any single one would work for me.


Would you change your vote if I use the magic word?  Please?


>
>
> 1) We held the name longer than Juniper - I'll take anyone's word on =20=

> this
> 2) If Juniper came out with a product under their service offering =20
> we would have nothing to worry about - I will only take an informed =20=

> opinion
>
> I'm guessing that the others would change their vote as well.
>
>
> Regards,
> Alan
>
>>
>> On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
>>
>>> Here's my take and I'm not intransigent on this.  I'll use a bit =20
>>> of hyperbole to make my point.
>>>
>>> If some company who makes hand made woven baskets has had the name =20=

>>> JSecurity there would be no problem.  If that company decides to  =20=

>>> market a program that trains people in basket weaving written in =20
>>> java there would be no problem.
>>>
>>> However, other computer security companies have an earlier claim =20
>>> to JSecurity.  If they decide the release a suite of java programs =20=

>>> that performs security analysis then there's overlap.
>>>
>>> Why would we want to live in the grey area anyway?  Am I =20
>>> misunderstanding something?
>>>
>>> Regards,
>>> Alan
>>>
>>>
>>> On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
>>>
>>>> Agreed.
>>>>
>>>> I don't really understand what problem is being solved here.
>>>>
>>>> geir
>>>>
>>>> On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
>>>>
>>>>> -1 to changing the name at this time.
>>>>>
>>>>> I know my vote isn't binding, but I just want a record of it. At =20=

>>>>> the
>>>>> moment, I think any potential causes of conflict, given that =20
>>>>> there are
>>>>> NO trademark or patent conflicts, are dubious at best.
>>>>>
>>>>> Cheers,
>>>>>
>>>>> Les
>>>>>
>>>>> On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell =
<Craig.Russell@sun.com=20
>>>>> > wrote:
>>>>>> any more...
>>>>>>
>>>>>> ok, former board member. ;-)
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>> On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
>>>>>>
>>>>>>> I'm not a board member. :)
>>>>>>>
>>>>>>> On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell =
<Craig.Russell@sun.com=20
>>>>>>> >
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> We had the discussion in early December on the legal mailing =20=

>>>>>>>> list and no
>>>>>>>> issues were raised contrary to Henri's comments. Henri is the =20=

>>>>>>>> only board
>>>>>>>> member who commented on the JSecurity name during the =20
>>>>>>>> discussion.
>>>>>>>>
>>>>>>>> We will have at least three more votes where additional =20
>>>>>>>> issues regarding
>>>>>>>> the
>>>>>>>> name can be brought up:
>>>>>>>>
>>>>>>>> 1. The first release of JSecurity code from the incubator.
>>>>>>>> 2. The graduation vote of JSecurity taken by the incubator PMC.
>>>>>>>> 3. The acceptance of JSecurity by the Apache board after the =20=

>>>>>>>> incubator
>>>>>>>> votes.
>>>>>>>>
>>>>>>>> Craig
>>>>>>>>
>>>>>>>>
>>>>>>>> Dear JSecurity Team,
>>>>>>>>
>>>>>>>> There has been lengthy debate without consensus as to whether =20=

>>>>>>>> or
>>>>>>>> JSecurity's
>>>>>>>> name should be changed to something else.  So, there is need =20=

>>>>>>>> for a vote.
>>>>>>>>
>>>>>>>> Please vote on changing JSecurity's name to something else.  =20=

>>>>>>>> This is ONLY
>>>>>>>> a
>>>>>>>> vote of if we should change the name, NOT what any alternate =20=

>>>>>>>> name might
>>>>>>>> be.
>>>>>>>> I'd like to leave this vote open for 7 days instead of the =20
>>>>>>>> usual 3 to
>>>>>>>> account for time that people may not be able to respond due =20
>>>>>>>> to the
>>>>>>>> holidays.  Of course we can close the vote early if all =20
>>>>>>>> binding votes are
>>>>>>>> accounted for prior to the 7 day limit.
>>>>>>>>
>>>>>>>> The vote is open for the next 7 days and only votes from the =20=

>>>>>>>> JSecurity
>>>>>>>> development team are binding.
>>>>>>>>
>>>>>>>> [ ] +1 Change JSecurity's name
>>>>>>>> [ ] -1 Do not change JSecurity's name
>>>>>>>>
>>>>>>>> On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
>>>>>>>>
>>>>>>>>> Given that it's a name you've been using for 4 years, and =20
>>>>>>>>> it's very
>>>>>>>>> generic [jXxx being a common pattern in our space and =20
>>>>>>>>> Security being
>>>>>>>>> very generic]; I'm inclined to keep the current name; though =20=

>>>>>>>>> by the
>>>>>>>>> same reasoning, it's a weak name as "Apache JSecurity" isn't =20=

>>>>>>>>> very good
>>>>>>>>> branding.
>>>>>>>>>
>>>>>>>>> My tuppence of opinion.
>>>>>>>>>
>>>>>>>>> Hen
>>>>>>>>>
>>>>>>>>> On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood =
<lhazlewood@apache.org=20
>>>>>>>>> >
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi ASF legal team,
>>>>>>>>>>
>>>>>>>>>> I'm writing this email in hopes of getting your feedback =20
>>>>>>>>>> concerning a
>>>>>>>>>> discussion we've been having on the JSecurity email list =20
>>>>>>>>>> (an Incubator
>>>>>>>>>> project).
>>>>>>>>>>
>>>>>>>>>> A few of our mentors have expressed concern that there =20
>>>>>>>>>> might be a
>>>>>>>>>> possible naming conflict with our project name (JSecurity) =20=

>>>>>>>>>> and some
>>>>>>>>>> other references found through google and other search =20
>>>>>>>>>> mechanisms.
>>>>>>>>>>
>>>>>>>>>> I'd like to point out that the JSecurity name, as an open =20
>>>>>>>>>> source
>>>>>>>>>> project identity has been around for almost 4 years now, =20
>>>>>>>>>> with zero
>>>>>>>>>> contact from any external entity claiming conflict with a =20
>>>>>>>>>> proprietary
>>>>>>>>>> name or product.  I know this isn't legal criteria for =20
>>>>>>>>>> determining if
>>>>>>>>>> there is a name conflict, but I surface it only to put some =20=

>>>>>>>>>> context of
>>>>>>>>>> why the original JSecurity developers (and our well-=20
>>>>>>>>>> established
>>>>>>>>>> communities) think we should keep the JSecurity name.  =20
>>>>>>>>>> There might be
>>>>>>>>>> older references to this name, unrelated to our project, =20
>>>>>>>>>> but we don't
>>>>>>>>>> know for certain if they would constitute a risk in the =20
>>>>>>>>>> name overlap.
>>>>>>>>>>
>>>>>>>>>> We'd like some feedback as to if the project name should be =20=

>>>>>>>>>> changed or
>>>>>>>>>> not.
>>>>>>>>>>
>>>>>>>>>> Here is what one of our mentors summarized after doing some =20=

>>>>>>>>>> research:
>>>>>>>>>>
>>>>>>>>>> <snip>
>>>>>>>>>> Now, looking a bit forward on google, here are some other =20
>>>>>>>>>> references
>>>>>>>>>> to JSecurity :
>>>>>>>>>>
>>>>>>>>>> http://jwicglobal.com/Knowledge.htm
>>>>>>>>>> <http://jwicglobal.com/Knowledge.htm>
>>>>>>>>>> "WIC GLOBAL has developed a comprehensive Information =20
>>>>>>>>>> Security
>>>>>>>>>> Assessment service called JSecurity. Our JSecurity experts =20=

>>>>>>>>>> will
>>>>>>>>>> conduct a full information security risk assessment =20
>>>>>>>>>> focusing on:"
>>>>>>>>>>
>>>>>>>>>> http://www.juniper.net/security/ =
<http://www.juniper.net/security/=20
>>>>>>>>>> >
>>>>>>>>>> Seems like they have a service called  J-Security. Be sure =20=

>>>>>>>>>> that
>>>>>>>>>> Juniper has a legal service who might perfectly well send =20
>>>>>>>>>> some nicely
>>>>>>>>>> written "cease and desist" letter to the ASF about this =20
>>>>>>>>>> name. Not sure
>>>>>>>>>> that our legals want to deal with that ...
>>>>>>>>>>
>>>>>>>>>> =
http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>>>>>>>>>> =
<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx=20
>>>>>>>>>> >
>>>>>>>>>> Another JSecurity... Seems to be around since 2/11/2005 (at =20=

>>>>>>>>>> least)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> =
http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=3Ddownload&ur=
lArqPlc=3Dfld_jc_produc_ing_web2.pdf
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> =
<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=3Ddownload&u=
rlArqPlc=3Dfld_jc_produc_ing_web2.pdf=20
>>>>>>>>>> >
>>>>>>>>>> This company has a product named JSecurity. Since when ?
>>>>>>>>>>
>>>>>>>>>> As much as I like the JSecurity name, I also think that we =20=

>>>>>>>>>> are un
>>>>>>>>>> potential jeopardy if we don't change its name. That's the =20=

>>>>>>>>>> main issue
>>>>>>>>>> we have : we can't afford any kind of legal action when we =20=

>>>>>>>>>> already
>>>>>>>>>> know that there are company out there which already use =20
>>>>>>>>>> this name.
>>>>>>>>>>
>>>>>>>>>> Anyway, I can be wrong, I'm just trying to gather as much =20
>>>>>>>>>> information
>>>>>>>>>> as possible. When you guys think you have set your mind =20
>>>>>>>>>> about this
>>>>>>>>>> name, you will have to go to legal@apache.org
>>>>>>>>>> <mailto:legal@apache.org> with the selected name (be it =20
>>>>>>>>>> JSecurity or
>>>>>>>>>> any other) to double check that it's ok or not (IFAIK). =20
>>>>>>>>>> That is one of
>>>>>>>>>> the condition to exit from the incubator :
>>>>>>>>>> "Check of project name for trademark issues "
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> =
(http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Gra=
duation+Requirements
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> =
<http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Gra=
duation+Requirements=20
>>>>>>>>>> >).
>>>>>>>>>>
>>>>>>>>>> </snip>
>>>>>>>>>>
>>>>>>>>>> Thanks for your review and feedback!
>>>>>>>>>>
>>>>>>>>>> Best,
>>>>>>>>>>
>>>>>>>>>> Les
>>>>>>>>>>
>>>>>>>>>> On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood =
<lhazlewood@apache.org=20
>>>>>>>>>> >
>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Adam,
>>>>>>>>>>>
>>>>>>>>>>> Thanks _very_ much for such a detailed and thoughtful =20
>>>>>>>>>>> opinion.  I love
>>>>>>>>>>> to see people who aren't necessarily code contributors =20
>>>>>>>>>>> contribute to
>>>>>>>>>>> the project in other ways.  This is very valuable to us.
>>>>>>>>>>>
>>>>>>>>>>> I am in total agreement with your sentiments thus far.  It =20=

>>>>>>>>>>> is my
>>>>>>>>>>> opinion that the name we have is great as it is and I'd =20
>>>>>>>>>>> only like to
>>>>>>>>>>> change the name if someone from legal puts pressure on us =20=

>>>>>>>>>>> to do so.
>>>>>>>>>>> IANAL, so I'd have to trust their judgment.  I'm going to =20=

>>>>>>>>>>> post this to
>>>>>>>>>>> legal in just a few minutes asking their feedback.  I'd =20
>>>>>>>>>>> like to hear
>>>>>>>>>>> what they say regardless of what we end up doing - I'm =20
>>>>>>>>>>> genuinely
>>>>>>>>>>> curious :)
>>>>>>>>>>>
>>>>>>>>>>> Thanks again very much for chiming in.  Its nice to see =20
>>>>>>>>>>> that you (and
>>>>>>>>>>> others) are taking continued interest in the project.
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>>
>>>>>>>>>>> Les
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft =20
>>>>>>>>>>> <adam@adamtaft.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I'm not really a contributor to the JSecurity project yet =20=

>>>>>>>>>>>> (though I
>>>>>>>>>>>> hope to
>>>>>>>>>>>> be in the future).  However, this thread has caught my =20
>>>>>>>>>>>> attention, and
>>>>>>>>>>>> so I
>>>>>>>>>>>> thought I'd give a couple of thoughts.
>>>>>>>>>>>>
>>>>>>>>>>>> I have an interest, call it a hobby, in name related =20
>>>>>>>>>>>> issues for
>>>>>>>>>>>> software
>>>>>>>>>>>> projects, open source included.  So, though I don't speak =20=

>>>>>>>>>>>> from any
>>>>>>>>>>>> official
>>>>>>>>>>>> background (I guess beyond a little professional), I =20
>>>>>>>>>>>> would like to
>>>>>>>>>>>> point out
>>>>>>>>>>>> a few things about the name Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> First, as I believe has been mentioned, the term Alcatraz =20=

>>>>>>>>>>>> has been
>>>>>>>>>>>> associated with other software products already.  So, =20
>>>>>>>>>>>> this is bad
>>>>>>>>>>>> news
>>>>>>>>>>>> with
>>>>>>>>>>>> regards to trademark related issues.  Just because its a =20=

>>>>>>>>>>>> geographic
>>>>>>>>>>>> location
>>>>>>>>>>>> doesn't mean that it can't be trademarked.  Thus, likely =20=

>>>>>>>>>>>> these other
>>>>>>>>>>>> software products are going to have problems with any =20
>>>>>>>>>>>> related use of
>>>>>>>>>>>> the
>>>>>>>>>>>> term Alcatraz.
>>>>>>>>>>>>
>>>>>>>>>>>> Second, the connotation for JSecurity implies that the =20
>>>>>>>>>>>> product is
>>>>>>>>>>>> used
>>>>>>>>>>>> to
>>>>>>>>>>>> keep people out of the protected system.  This is what =20
>>>>>>>>>>>> the term
>>>>>>>>>>>> "security"
>>>>>>>>>>>> implies, right?  Alcatraz is a prison.  It was NOT meant =20=

>>>>>>>>>>>> to keep
>>>>>>>>>>>> people
>>>>>>>>>>>> out,
>>>>>>>>>>>> it was meant to keep people in.  The use is only quasi-=20
>>>>>>>>>>>> related, and
>>>>>>>>>>>> even
>>>>>>>>>>>> confusing, for a product with your feature set.  Alcatraz =20=

>>>>>>>>>>>> software
>>>>>>>>>>>> would be
>>>>>>>>>>>> a better name for a product which keeps workstation/=20
>>>>>>>>>>>> network users
>>>>>>>>>>>> constrained in their internet use, like a firewall, or a =20=

>>>>>>>>>>>> web proxy,
>>>>>>>>>>>> for
>>>>>>>>>>>> example.  Or a child internet monitoring product.
>>>>>>>>>>>>
>>>>>>>>>>>> Don't underestimate the importance of this point.  The =20
>>>>>>>>>>>> name of a
>>>>>>>>>>>> software
>>>>>>>>>>>> should ideally be somewhat self describing, especially =20
>>>>>>>>>>>> when starting
>>>>>>>>>>>> out.
>>>>>>>>>>>> Until the name becomes a core brand, having a self =20
>>>>>>>>>>>> describing name
>>>>>>>>>>>> can
>>>>>>>>>>>> make
>>>>>>>>>>>> a big difference.
>>>>>>>>>>>>
>>>>>>>>>>>> Third, I don't think you can underestimate how important =20=

>>>>>>>>>>>> it is that
>>>>>>>>>>>> people
>>>>>>>>>>>> can search the name of your product and find it through =20
>>>>>>>>>>>> Google (and
>>>>>>>>>>>> friends).  Clearly the term Alcatraz has a huge number of =20=

>>>>>>>>>>>> unrelated
>>>>>>>>>>>> hits,
>>>>>>>>>>>> and you would clearly be lost any search engine placement =20=

>>>>>>>>>>>> with the
>>>>>>>>>>>> name.
>>>>>>>>>>>> Much better to have a name for your software that is the =20=

>>>>>>>>>>>> only known
>>>>>>>>>>>> reference so that people can easily find you after having =20=

>>>>>>>>>>>> hear the
>>>>>>>>>>>> name.
>>>>>>>>>>>> This is why so many companies go crazy and conjure =20
>>>>>>>>>>>> completely strange
>>>>>>>>>>>> and
>>>>>>>>>>>> nonsensical product names.
>>>>>>>>>>>>
>>>>>>>>>>>> Fourth, Alcatraz is a relatively difficult name to spell, =20=

>>>>>>>>>>>> which again
>>>>>>>>>>>> becomes problematic for the above search recognition =20
>>>>>>>>>>>> reasons.
>>>>>>>>>>>> Alkitraz?
>>>>>>>>>>>> Some people simply won't know how to spell it immediately =20=

>>>>>>>>>>>> (though
>>>>>>>>>>>> this
>>>>>>>>>>>> is a
>>>>>>>>>>>> minor point, admittedly).
>>>>>>>>>>>>
>>>>>>>>>>>> Fifth, it seems like you're making preparations for =20
>>>>>>>>>>>> something that
>>>>>>>>>>>> you
>>>>>>>>>>>> don't
>>>>>>>>>>>> even know to be a problem.  Yes, the Apache legal team =20
>>>>>>>>>>>> should be
>>>>>>>>>>>> consulted.
>>>>>>>>>>>> However, it seems like jumping the gun to just start =20
>>>>>>>>>>>> changing package
>>>>>>>>>>>> names
>>>>>>>>>>>> with anticipation of a name change.  You would be crazy =20
>>>>>>>>>>>> to start
>>>>>>>>>>>> renaming
>>>>>>>>>>>> packages based on some unknown possibility that it has to =20=

>>>>>>>>>>>> happen in
>>>>>>>>>>>> the
>>>>>>>>>>>> future.  What value does this add to the software?
>>>>>>>>>>>>
>>>>>>>>>>>> Following the sigma-six and/or extreme programming world =20=

>>>>>>>>>>>> view, you
>>>>>>>>>>>> shouldn't
>>>>>>>>>>>> be making any change to your software until the change is =20=

>>>>>>>>>>>> actually
>>>>>>>>>>>> required
>>>>>>>>>>>> and value is added.  Do you have a pending lawsuit?  Has =20=

>>>>>>>>>>>> the Apache
>>>>>>>>>>>> council
>>>>>>>>>>>> suggested the change?  Are you being blocked by the =20
>>>>>>>>>>>> incubation
>>>>>>>>>>>> process?
>>>>>>>>>>>> Why
>>>>>>>>>>>> even consider a change until it needs to be done.  Energy =20=

>>>>>>>>>>>> could be
>>>>>>>>>>>> better
>>>>>>>>>>>> spent on other matters.
>>>>>>>>>>>>
>>>>>>>>>>>> Yes, it's a trivial thing to refactor a project from =20
>>>>>>>>>>>> Eclipse.  But,
>>>>>>>>>>>> that's
>>>>>>>>>>>> only a very small part of the bigger issue.  Disruption, =20=

>>>>>>>>>>>> confusion,
>>>>>>>>>>>> support,
>>>>>>>>>>>> search engine optimization, etc. are what needs to be =20
>>>>>>>>>>>> thought about
>>>>>>>>>>>> when
>>>>>>>>>>>> changing the name.
>>>>>>>>>>>>
>>>>>>>>>>>> Further, what if you decide to change the name to =20
>>>>>>>>>>>> Alcatraz, and then
>>>>>>>>>>>> get
>>>>>>>>>>>> pressure from another software group?  Ouch, time to =20
>>>>>>>>>>>> rename the
>>>>>>>>>>>> project
>>>>>>>>>>>> yet
>>>>>>>>>>>> again.
>>>>>>>>>>>>
>>>>>>>>>>>> I think you all are better just letting this thing ride =20
>>>>>>>>>>>> until
>>>>>>>>>>>> something
>>>>>>>>>>>> real
>>>>>>>>>>>> convicting suggests you need a change.  JSecurity is a =20
>>>>>>>>>>>> great product
>>>>>>>>>>>> name
>>>>>>>>>>>> which you should stick with until otherwise needed.  And, =20=

>>>>>>>>>>>> if that day
>>>>>>>>>>>> comes,
>>>>>>>>>>>> Alcatraz is just simply the wrong name, in my humble =20
>>>>>>>>>>>> opinion, for all
>>>>>>>>>>>> the
>>>>>>>>>>>> reasons mentioned above.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>
>>>>>>>>>>>> Adam
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Emmanuel Lecharny wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Alan D. Cabrera wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
>>>>>>>>>>>>>>>>> <elecharny@gmail.com> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Post to legal-discuss@a.o, ask them, but give them =20=

>>>>>>>>>>>>>>>>>> the names we
>>>>>>>>>>>>>>>>>> have googled
>>>>>>>>>>>>>>>>>> too.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I think this needs to be vetted, so I'm happy to =20
>>>>>>>>>>>>>>>>> post to
>>>>>>>>>>>>>>>>> legal-discuss.  But, I can't easily find the thread =20=

>>>>>>>>>>>>>>>>> with the
>>>>>>>>>>>>>>>>> googled
>>>>>>>>>>>>>>>>> names.  Could you please forward them on so I can =20
>>>>>>>>>>>>>>>>> post them to
>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>> legal team?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Let me suggest this.  It seems to me that that =20
>>>>>>>>>>>>>>>> alcatraz is the
>>>>>>>>>>>>>>>> clear
>>>>>>>>>>>>>>>> favorite, after jsecurity.  Let's start setting up =20
>>>>>>>>>>>>>>>> the 1.0
>>>>>>>>>>>>>>>> packages
>>>>>>>>>>>>>>>> to be alcatraz and when/if we get the go-ahead from =20
>>>>>>>>>>>>>>>> legal and the
>>>>>>>>>>>>>>>> Incubator PMC we can change the packages to be =20
>>>>>>>>>>>>>>>> jsecurity.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Well, I think then it's better to stick with JSecurity =20=

>>>>>>>>>>>>>>> (because
>>>>>>>>>>>>>>> it's
>>>>>>>>>>>>>>> already the name we use), ask to Legal, and move to =20
>>>>>>>>>>>>>>> alcatraz if
>>>>>>>>>>>>>>> needed (or any other name).
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> So the first step, IMHO, is to ask Legal about the =20
>>>>>>>>>>>>>>> Jsecurity name
>>>>>>>>>>>>>>> (with all the infos we have already found about it), =20
>>>>>>>>>>>>>>> and also ask
>>>>>>>>>>>>>>> them in the same mail if Alcatraz is ok or not (same =20
>>>>>>>>>>>>>>> here : add
>>>>>>>>>>>>>>> some
>>>>>>>>>>>>>>> more infos related to this name, assuming that being a
>>>>>>>>>>>>>>> geographical
>>>>>>>>>>>>>>> location, it should not be such a problem).
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Legal is not a clearing house for project names.  They =20=

>>>>>>>>>>>>>> can only
>>>>>>>>>>>>>> give
>>>>>>>>>>>>>> advice if there's a potential conflict, i.e. =20
>>>>>>>>>>>>>> JSecurity.  So far as
>>>>>>>>>>>>>> I
>>>>>>>>>>>>>> can tell, there is none for alcatraz.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> What I'm worried about is that the vetting effort for =20
>>>>>>>>>>>>>> the JSecurity
>>>>>>>>>>>>>> name will have the same track record as the v0.9 =20
>>>>>>>>>>>>>> release.  If we
>>>>>>>>>>>>>> start
>>>>>>>>>>>>>> with alcatraz then we have one less thing impeding our =20=

>>>>>>>>>>>>>> incubation
>>>>>>>>>>>>>> process.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let's start with Alcratraz then, and we have quit some =20
>>>>>>>>>>>>> time to do
>>>>>>>>>>>>> some
>>>>>>>>>>>>> vetting before 1.0 (hopefully when the project exits from
>>>>>>>>>>>>> incubator).
>>>>>>>>>>>>>
>>>>>>>>>>>>> So my +1 for alcatraz and +1 for doing the renaming now.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> --
>>>>>>>>>>>>> cordialement, regards,
>>>>>>>>>>>>> Emmanuel L=E9charny
>>>>>>>>>>>>> www.iktek.com
>>>>>>>>>>>>> directory.apache.org
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> View this message in context:
>>>>>>>>>>>> =
http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
>>>>>>>>>>>> Sent from the JSecurity Developer mailing list archive at =20=

>>>>>>>>>>>> Nabble.com.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> =
---------------------------------------------------------------------
>>>>>>>>> DISCLAIMER: Discussions on this list are informational and =20
>>>>>>>>> educational
>>>>>>>>> only.  Statements made on this list are not privileged, do not
>>>>>>>>> constitute legal advice, and do not necessarily reflect the =20=

>>>>>>>>> opinions
>>>>>>>>> and policies of the ASF.  See <http://www.apache.org/=20
>>>>>>>>> licenses/> for
>>>>>>>>> official ASF policies and documents.
>>>>>>>>> =
---------------------------------------------------------------------
>>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>>
>>>>>>>>
>>>>>>>> Craig L Russell
>>>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>>>
>>>>>>>>
>>>>>>>> =
---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> =
---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>
>>>>>>
>>>>>> Craig L Russell
>>>>>> Architect, Sun Java Enterprise System http://db.apache.org/jdo
>>>>>> 408 276-5638 mailto:Craig.Russell@sun.com
>>>>>> P.S. A good JDO? O, Gasp!
>>>>>>
>>>>>>
>>>>
>>>>
>>>> =
---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>
>>>>
>>>
>>
>


--Apple-Mail-7-8270105
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGITCCAtow
ggJDoAMCAQICECrGtO4cGI/rnblmE9dOIxQwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDYyMDAwMDAwOFoXDTA5MDYyMDAwMDAw
OFowQjEfMB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEfMB0GCSqGSIb3DQEJARYQdGp2
ZWlsQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTP5KEiqKamEyeP
qf5NQ2pI2AdTvJG6lKflV4uEFjTkZAFwMwp+CMnrgHTwMt/HHvUnUaPvB/PqLYZKsXR6pBquu4Qk
52cQItajQIaPJ9gjGObMU59Aapgk7yHDiQAiVTz2/nFL4O69aoW3F/lNHBAHOIuLzkkkqMMvbmoZ
NSmKwPx43O9MYaw1LU4nz8FPC8JRh9G734K0F7x4YHwUJ+YgVfUr4JhPT63gtMV4UgOq8L59Mj6+
ZeLJEIcnW7oSD+oxQ7lAOvVu23xPA2l5IXNUQQU6JFCqf+pcFCdNcEjenazDI/1BR6NIOlpeaTqZ
IZ7tZUqfmWGa54q4OcE8qkECAwEAAaMtMCswGwYDVR0RBBQwEoEQdGp2ZWlsQGdtYWlsLmNvbTAM
BgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUAA4GBAFJCp/bgmdBQmqG6IH9z5TeaF0xhOyAOyUyV
2mUKeVU7uzGwMr15YFPEGkI8HsOheHADluS2ilyMuNaG47LELbrdSZfxnr5AovLuDl0ZNFY+ZNP1
WJiBZHL6R9gwURTS9EspeMINB4UDzCjLZM63j/D9nP+G3WdJgvOjJHaWU79qMIIDPzCCAqigAwIB
AgIBDTANBgkqhkiG9w0BAQUFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2Fw
ZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UE
CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
Y29tMB4XDTAzMDcxNzAwMDAwMFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNV
BAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25h
bCBGcmVlbWFpbCBJc3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7
TrnKmVoeaMB1BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/
cVbLrzwLB+fxH5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRA
HmQZcmC3+wIDAQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYy
aHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0P
BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG
9w0BAQUFAAOBgQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8
/a3hYWLD2ToZfoSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQ
Gls1TXfjViF4gtwhGTXeJLHTHUb/XV9lTzGCAxAwggMMAgEBMHYwYjELMAkGA1UEBhMCWkExJTAj
BgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJz
b25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAhAqxrTuHBiP6525ZhPXTiMUMAkGBSsOAwIaBQCgggFv
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA5MDExMjAwMDIyMFow
IwYJKoZIhvcNAQkEMRYEFF9k+vjkAD7NzKgd3BcpfT8W4IvIMIGFBgkrBgEEAYI3EAQxeDB2MGIx
CzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYD
VQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQKsa07hwYj+uduWYT104j
FDCBhwYLKoZIhvcNAQkQAgsxeKB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u
c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNz
dWluZyBDQQIQKsa07hwYj+uduWYT104jFDANBgkqhkiG9w0BAQEFAASCAQBmio706OebvSIgMxcw
Wpu+W2S3pqQ7+3cDTFNlNWy47KKifT8wnU7DCEA3IlBadkN8j5C6wjNe14bIIH4A/QPkR9JpD9p7
QmfkO9CK5OUN9YUGAaxxeLCSSlVKxo4mkSh4DvFlGRWawY53QUoBHznLWQFlFG1fQIGQsdg+Xfyq
TFhxzsKm8hGxnq7dg6Zsc9H/r+0bdp6pliwUk+o3HKd8GjK8B0eDOG3YzANHvSFuwuJij7eaQs/7
ONvlqGF4KUlfAKhqIeKMPWjkPBapB+VYwTFwSWf5abgvypfxvFkid3nhVg3L6HHcSzqlK9UT/bSd
vSeWhHCtlEPWBll9pTT/AAAAAAAA

--Apple-Mail-7-8270105--