www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lawrence Rosen" <lro...@rosenlaw.com>
Subject RE: To IP Clearance? or not?
Date Thu, 31 Jan 2013 21:59:38 GMT
Benson Margulies wrote:
> In practical terms, people who choose the AL are hardly ever stingy
> in responding to a polite request for a voluntary contribution. So I'd
> advise asking first, and splitting policy hairs only if needed. 

I agree with you and I wasn't meaning to sound disagreeable in the process. :-) But you posted
your email on the legal-discuss@ list so I assumed you were seeking legal viewpoints as well.

This legal issue is easy. As you suggest, we split policy hairs only if needed and as described
at http://www.apache.org/legal/resolved.html.

BTW, I recently was contacted by the chief IP counsel of a large company who was surprised
to find non-Apache code inside some software of ours. I referred her to the above FAQ and
she was satisfied that the software we included is "safe" to use. I told her this situation
was entirely typical of open source software from commercial companies and non-profit organizations
around the world and that the only specific thing I could advise her to do was to read our
NOTICE and LICENSE files and be advised accordingly. I also suggested that they use extra
caution if they elect to redistribute our software or derivative works of it because they
must comply with the third party license requirements *and* Apache License 2.0.

The Apache policy is easy for Category A licenses. Category B is more tricky. As for Category
X -- at least currently -- das ist verboten!

Roy, what say you?

/Larry

Lawrence Rosen
Rosenlaw & Einschlag, a technology law firm (www.rosenlaw.com)
3001 King Ranch Rd., Ukiah, CA 95482
Office: 707-485-1242


-----Original Message-----
From: Benson Margulies [mailto:bimargulies@gmail.com] 
Sent: Thursday, January 31, 2013 12:18 PM
To: legal-discuss@apache.org; Lawrence Rosen
Subject: Re: To IP Clearance? or not?

Larry, this isn't a legal issue. It's a cultural issue. Roy has been very clear on the 'voluntary'
nature of contributions as an essential characteristic of how we work. Since I personally
think this is a good thing, I find it easy to accept his statements as settled policy. If
Greg and others have different views, well, that's a point of departure for a conversation.

It has been my recent experience that mentioning Roy in a message here tends to elicit his
own statement on the topic, so I look forward to reading it.

In practical terms, people who choose the AL are hardly ever stingy in responding to a polite
request for a voluntary contribution. So I'd advise asking first, and splitting policy hairs
only if needed.



On Thu, Jan 31, 2013 at 7:49 PM, Lawrence Rosen <lrosen@rosenlaw.com> wrote:
> Benson Margulies wrote:
>> The issue here is the absolute requirements that all code 
>> contributions be _voluntary_. The policy has been that ' very small'
>> bits of code under 'category A' licenses can be committed, but, if 
>> it's larger than small, it must be actively contributes by its author.
>> Whether we need IP clearance is again a matter of judgement based on 
>> size.
>
> The only  legal IP issue here is whether ASF can *rely* (for IP 
> clearance
> purposes) on something *other than an intentional contribution*? The 
> answer is "yes" with certain IP notices required to protect our 
> projects and our downstream users. As I understand it, our procedures 
> also require certain due diligence relating to the license of that 
> third-party code. [1] That's largely settled policy for the Incubator and all other Apache
projects.
>
> An intentional contribution is one made to ASF under an ICLA, CCLA or 
> SGA signed by an individual or organization intentionally contributing 
> code to us. We rely on those promises.
>
> Even if some code we need is not *intentionally contributed* to 
> Apache, we can reach out on the web and take any copy of it made 
> available to the public under an open source license.  There is no 
> reason to ask the author of that code for his or her additional 
> permission or consent. The license is sufficient to rely on for IP clearance purposes.
>
> There may be, in some Apache projects, additional policy issues 
> whether to import large blocks of code available under FOSS licenses 
> or whether to start from scratch. But I don't believe this is an IP clearance problem.
>
> /Larry
>
> [1] http://www.apache.org/legal/resolved.html
>
> Lawrence Rosen
> Rosenlaw & Einschlag, a technology law firm (www.rosenlaw.com)
> 3001 King Ranch Rd., Ukiah, CA 95482
> Office: 707-485-1242
>
>
> -----Original Message-----
> From: Greg Stein [mailto:gstein@gmail.com]
> Sent: Thursday, January 31, 2013 9:09 AM
> To: legal-discuss@apache.org
> Subject: Re: To IP Clearance? or not?
>
> On Jan 31, 2013 11:47 AM, "Benson Margulies" <bimargulies@gmail.com> wrote:
>>
>> On Thu, Jan 31, 2013 at 4:38 PM, David Nalley <david@gnsa.us> wrote:
>> > Hi folks:
>> >
>> > CloudStack is currently discussing adding some code which includes 
>> > some chunks of 3rd party code that is licensed under ALv2. [1]
>> >
>> > Essentialy the situation is:
>> >
>> > * Developer found some ALv2 code that fit a specific need from a 
>> > non-ASF open source project that is in the same space.
>> > * Developer modified that code to work in CloudStack
>> > * Developer submitted that for review/inclusion, at which point 
>> > someone noted the Copyright attributions and our discussion began.
>> > * If accepted (and I think the assumption is that it would be) the 
>> > code would be included in the CloudStack codebase and distributed 
>> > in future CloudStack releases.
>> > * The total line count is around 1500 lines of code that wasn't 
>> > developed specifically for CloudStack
>>
>> The issue here is the absolute requirements that all code 
>> contributions be _voluntary_. The policy has been that ' very small'
>> bits of code under 'category A' licenses can be committed, but, if 
>> it's larger than small, it must be actively contributes by its author.
>> Whether we need IP clearance is again a matter of judgement based on 
>> size.
>>
>> It strikes me as too big to be collected without active participation 
>> from the author, but I leave it to others to comment on whether it's 
>> big enough to require full IP clearance.
>
> No no... You're talking about code that arrives with the intent on
> *moving* its locus of development to the ASF. The IP clearance is 
> needed to ensure we have the necessary rights to do the work here. It 
> sounds like this is (and will remain) a third-party library. That its 
> development location isn't moving here.
>
> If the code is merely a dependent library, pulled into our version 
> control for ease of packaging, then that's just fine. In httpd, we do 
> that with PCRE. In APR, we do that with Expat. There is ample 
> precedent, as long as the code is properly marked (ie. leave all of 
> its headers alone, noting the correct copyright holder and license).
>
> If the code is a third-party library, and further work is intended, 
> then I would suggest a vendor branch. Check in the original library 
> onto a vendor branch, copy that into trunk, and apply changes into trunk. For "large"
> modifications (for some suitable definition of "large"), then it may 
> be desirable to apply additional ASF headers into the files, noting 
> "portions are copyright ASF, and subject to ALv2" (or whatever the 
> right text is; you get the idea)
>
> So... IP clearance in this situation depends on long-term intent, I 
> would say.
>
> Cheers,
> -g
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message