Re: JSecurity's new name

Mon, 01 Dec 2008 16:12:49 -0800 

Hi Emmanuel,
Thanks for the quick reply. I think it goes without saying that I'm naive about the Apache process, and obviously your history with them. 


Alcatraz has a very dark and negative connotation.  The prison itself 
was not looked upon favorably in the eyes of many.  It was an extremely 
controversial place, to say the least.  I can't imagine the ASF would 
want a subproject with that name.



I really like the idea of "Apache Security API."  That really works 
because of the strong Apache brand prefix.  org.apache.security for the 
package name, etc.  It means what it says.  Or, asa4j.


Some other ideas:

Apache Guard
Apache Fortress
Apache Frontline
Apache Stonewall
Apache Stronghold
Apache Redoubt
Apache Garrison
Apache Shield

Cheers,

Adam Taft


Emmanuel Lecharny wrote:

adamtaft wrote:

Hi,

  

Hi,

I'm not really a contributor to the JSecurity project yet (though I 
hope to
be in the future).  However, this thread has caught my attention, and 
so I

thought I'd give a couple of thoughts.

  

thanks for the detailed mail !

I have an interest, call it a hobby, in name related issues for software

projects, open source included.  So, though I don't speak from any 
official
background (I guess beyond a little professional), I would like to 
point out

a few things about the name Alcatraz.

First, as I believe has been mentioned, the term Alcatraz has been

associated with other software products already.  So, this is bad news 
with
regards to trademark related issues.  Just because its a geographic 
location

doesn't mean that it can't be trademarked.  Thus, likely these other
software products are going to have problems with any related use of the
term Alcatraz.

  

True. Java is also a geographical location, but I guarantee you you'll 
be sued immediatly if you use it for a software name ... Now, is this 
the case for Alcatraz? Might be...

Second, the connotation for JSecurity implies that the product is used to

keep people out of the protected system.  This is what the term 
"security"
implies, right?  Alcatraz is a prison.  It was NOT meant to keep 
people out,

it was meant to keep people in.  The use is only quasi-related, and even

confusing, for a product with your feature set.  Alcatraz software 
would be

a better name for a product which keeps workstation/network users
constrained in their internet use, like a firewall, or a web proxy, for
example.  Or a child internet monitoring product.

  

This is also something which came to my mind (I personally find Knox a 
better fit), but it's not as important as to have a name which can be 
recalled.

Don't underestimate the importance of this point.  The name of a software

should ideally be somewhat self describing, especially when starting 
out. Until the name becomes a core brand, having a self describing 
name can make

a big difference.

  

This is where it starts to be difficult :) The good point is that we are 
encapsulated by the Apache brand, and one of the rule of thumb you can 
find on the apache site is : "Consider using functional names, 
especially for products of existing projects, e.g. for an "Apache Foo" 
project, the product name "Apache Foo Pipelines". "

(http://www.apache.org/dev/project-names.html)


Something like Apache Security API for Java would be a perfect fit, 
except that it's a pretty long name (unless we call it asa4j :)

Third, I don't think you can underestimate how important it is that 
people

can search the name of your product and find it through Google (and
friends).  Clearly the term Alcatraz has a huge number of unrelated hits,

and you would clearly be lost any search engine placement with the 
name. Much better to have a name for your software that is the only known
reference so that people can easily find you after having hear the 
name. This is why so many companies go crazy and conjure completely 
strange and

nonsensical product names.

  

Apache related product are quickly highly ranked.

<snip>

Fifth, it seems like you're making preparations for something that you 
don't
even know to be a problem.  Yes, the Apache legal team should be 
consulted. However, it seems like jumping the gun to just start 
changing package names

with anticipation of a name change.  You would be crazy to start renaming
packages based on some unknown possibility that it has to happen in the
future.  What value does this add to the software?

  

None, clearly, except that at some point, it should be done.

Following the sigma-six and/or extreme programming world view, you 
shouldn't
be making any change to your software until the change is actually 
required
and value is added.  Do you have a pending lawsuit?  

In any case, this is not something we should be waiting for.

Has the Apache council

suggested the change?  

Three of this project's mentors has suggested that the name should be 
changed. I wish we are all wrong, but I'm afraid we are not ...

Are you being blocked by the incubation process?  Why
even consider a change until it needs to be done.  Energy could be better
spent on other matters.

  

This is a part of the incubation process :

"Make sure that the requested project name does not already exist and 
check www.nameprotect.com to be sure that the name is not already 
trademarked for an existing software product."


http://incubator.apache.org/projects/jsecurity.html, in Project setup.

<snip/>

I think you all are better just letting this thing ride until 
something real

convicting suggests you need a change.  JSecurity is a great product name

which you should stick with until otherwise needed. 

But sadly, even if it's a good name, we think it's already used, even if 
it's not trademarked. ("Trademarks exist by virtue of use, not just 
registration.")

 And, if that day comes,
Alcatraz is just simply the wrong name, in my humble opinion, for all the
reasons mentioned above.

Thanks,

  

Thanks !































					Reply via email to