Given that it's a name you've been using for 4 years, and it's very generic [jXxx being a common pattern in our space and Security being very generic]; I'm inclined to keep the current name; though by the same reasoning, it's a weak name as "Apache JSecurity" isn't very good branding.
My tuppence of opinion. Hen On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote: > Hi ASF legal team, > > I'm writing this email in hopes of getting your feedback concerning a > discussion we've been having on the JSecurity email list (an Incubator > project). > > A few of our mentors have expressed concern that there might be a > possible naming conflict with our project name (JSecurity) and some > other references found through google and other search mechanisms. > > I'd like to point out that the JSecurity name, as an open source > project identity has been around for almost 4 years now, with zero > contact from any external entity claiming conflict with a proprietary > name or product. I know this isn't legal criteria for determining if > there is a name conflict, but I surface it only to put some context of > why the original JSecurity developers (and our well-established > communities) think we should keep the JSecurity name. There might be > older references to this name, unrelated to our project, but we don't > know for certain if they would constitute a risk in the name overlap. > > We'd like some feedback as to if the project name should be changed or not. > > Here is what one of our mentors summarized after doing some research: > > <snip> > Now, looking a bit forward on google, here are some other references > to JSecurity : > > http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm> > "WIC GLOBAL has developed a comprehensive Information Security > Assessment service called JSecurity. Our JSecurity experts will > conduct a full information security risk assessment focusing on:" > > http://www.juniper.net/security/ <http://www.juniper.net/security/> > Seems like they have a service called J-Security. Be sure that > Juniper has a legal service who might perfectly well send some nicely > written "cease and desist" letter to the ASF about this name. Not sure > that our legals want to deal with that ... > > http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx > <http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx> > Another JSecurity... Seems to be around since 2/11/2005 (at least) > > http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf > <http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf> > This company has a product named JSecurity. Since when ? > > As much as I like the JSecurity name, I also think that we are un > potential jeopardy if we don't change its name. That's the main issue > we have : we can't afford any kind of legal action when we already > know that there are company out there which already use this name. > > Anyway, I can be wrong, I'm just trying to gather as much information > as possible. When you guys think you have set your mind about this > name, you will have to go to [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> with the selected name (be it JSecurity or > any other) to double check that it's ok or not (IFAIK). That is one of > the condition to exit from the incubator : > "Check of project name for trademark issues " > (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements > <http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements>). > > </snip> > > Thanks for your review and feedback! > > Best, > > Les > > On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote: >> Adam, >> >> Thanks _very_ much for such a detailed and thoughtful opinion. I love >> to see people who aren't necessarily code contributors contribute to >> the project in other ways. This is very valuable to us. >> >> I am in total agreement with your sentiments thus far. It is my >> opinion that the name we have is great as it is and I'd only like to >> change the name if someone from legal puts pressure on us to do so. >> IANAL, so I'd have to trust their judgment. I'm going to post this to >> legal in just a few minutes asking their feedback. I'd like to hear >> what they say regardless of what we end up doing - I'm genuinely >> curious :) >> >> Thanks again very much for chiming in. Its nice to see that you (and >> others) are taking continued interest in the project. >> >> Best regards, >> >> Les >> >> On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <[EMAIL PROTECTED]> wrote: >>> >>> Hi, >>> >>> I'm not really a contributor to the JSecurity project yet (though I hope to >>> be in the future). However, this thread has caught my attention, and so I >>> thought I'd give a couple of thoughts. >>> >>> I have an interest, call it a hobby, in name related issues for software >>> projects, open source included. So, though I don't speak from any official >>> background (I guess beyond a little professional), I would like to point out >>> a few things about the name Alcatraz. >>> >>> First, as I believe has been mentioned, the term Alcatraz has been >>> associated with other software products already. So, this is bad news with >>> regards to trademark related issues. Just because its a geographic location >>> doesn't mean that it can't be trademarked. Thus, likely these other >>> software products are going to have problems with any related use of the >>> term Alcatraz. >>> >>> Second, the connotation for JSecurity implies that the product is used to >>> keep people out of the protected system. This is what the term "security" >>> implies, right? Alcatraz is a prison. It was NOT meant to keep people out, >>> it was meant to keep people in. The use is only quasi-related, and even >>> confusing, for a product with your feature set. Alcatraz software would be >>> a better name for a product which keeps workstation/network users >>> constrained in their internet use, like a firewall, or a web proxy, for >>> example. Or a child internet monitoring product. >>> >>> Don't underestimate the importance of this point. The name of a software >>> should ideally be somewhat self describing, especially when starting out. >>> Until the name becomes a core brand, having a self describing name can make >>> a big difference. >>> >>> Third, I don't think you can underestimate how important it is that people >>> can search the name of your product and find it through Google (and >>> friends). Clearly the term Alcatraz has a huge number of unrelated hits, >>> and you would clearly be lost any search engine placement with the name. >>> Much better to have a name for your software that is the only known >>> reference so that people can easily find you after having hear the name. >>> This is why so many companies go crazy and conjure completely strange and >>> nonsensical product names. >>> >>> Fourth, Alcatraz is a relatively difficult name to spell, which again >>> becomes problematic for the above search recognition reasons. Alkitraz? >>> Some people simply won't know how to spell it immediately (though this is a >>> minor point, admittedly). >>> >>> Fifth, it seems like you're making preparations for something that you don't >>> even know to be a problem. Yes, the Apache legal team should be consulted. >>> However, it seems like jumping the gun to just start changing package names >>> with anticipation of a name change. You would be crazy to start renaming >>> packages based on some unknown possibility that it has to happen in the >>> future. What value does this add to the software? >>> >>> Following the sigma-six and/or extreme programming world view, you shouldn't >>> be making any change to your software until the change is actually required >>> and value is added. Do you have a pending lawsuit? Has the Apache council >>> suggested the change? Are you being blocked by the incubation process? Why >>> even consider a change until it needs to be done. Energy could be better >>> spent on other matters. >>> >>> Yes, it's a trivial thing to refactor a project from Eclipse. But, that's >>> only a very small part of the bigger issue. Disruption, confusion, support, >>> search engine optimization, etc. are what needs to be thought about when >>> changing the name. >>> >>> Further, what if you decide to change the name to Alcatraz, and then get >>> pressure from another software group? Ouch, time to rename the project yet >>> again. >>> >>> I think you all are better just letting this thing ride until something real >>> convicting suggests you need a change. JSecurity is a great product name >>> which you should stick with until otherwise needed. And, if that day comes, >>> Alcatraz is just simply the wrong name, in my humble opinion, for all the >>> reasons mentioned above. >>> >>> Thanks, >>> >>> Adam >>> >>> >>> >>> >>> >>> Emmanuel Lecharny wrote: >>>> >>>> Alan D. Cabrera wrote: >>>>> >>>>> On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote: >>>>> >>>>>> Alan D. Cabrera wrote: >>>>>>> >>>>>>> On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote: >>>>>>> >>>>>>>> On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny >>>>>>>> <[EMAIL PROTECTED]> wrote: >>>>>>>> >>>>>>>>> Post to [EMAIL PROTECTED], ask them, but give them the names we >>>>>>>>> have googled >>>>>>>>> too. >>>>>>>> >>>>>>>> I think this needs to be vetted, so I'm happy to post to >>>>>>>> legal-discuss. But, I can't easily find the thread with the googled >>>>>>>> names. Could you please forward them on so I can post them to the >>>>>>>> legal team? >>>>>>> >>>>>>> Let me suggest this. It seems to me that that alcatraz is the clear >>>>>>> favorite, after jsecurity. Let's start setting up the 1.0 packages >>>>>>> to be alcatraz and when/if we get the go-ahead from legal and the >>>>>>> Incubator PMC we can change the packages to be jsecurity. >>>>>> Well, I think then it's better to stick with JSecurity (because it's >>>>>> already the name we use), ask to Legal, and move to alcatraz if >>>>>> needed (or any other name). >>>>>> >>>>>> So the first step, IMHO, is to ask Legal about the Jsecurity name >>>>>> (with all the infos we have already found about it), and also ask >>>>>> them in the same mail if Alcatraz is ok or not (same here : add some >>>>>> more infos related to this name, assuming that being a geographical >>>>>> location, it should not be such a problem). >>>>> >>>>> Legal is not a clearing house for project names. They can only give >>>>> advice if there's a potential conflict, i.e. JSecurity. So far as I >>>>> can tell, there is none for alcatraz. >>>>> >>>>> What I'm worried about is that the vetting effort for the JSecurity >>>>> name will have the same track record as the v0.9 release. If we start >>>>> with alcatraz then we have one less thing impeding our incubation >>>>> process. >>>> Let's start with Alcratraz then, and we have quit some time to do some >>>> vetting before 1.0 (hopefully when the project exits from incubator). >>>> >>>> So my +1 for alcatraz and +1 for doing the renaming now. >>>> >>>> >>>> -- >>>> -- >>>> cordialement, regards, >>>> Emmanuel Lécharny >>>> www.iktek.com >>>> directory.apache.org >>>> >>>> >>>> >>>> >>> >>> -- >>> View this message in context: >>> http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html >>> Sent from the JSecurity Developer mailing list archive at Nabble.com. >>> >>> >> >
