any more... ok, former board member. ;-)
Craig On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
I'm not a board member. :)On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <[email protected] > wrote:-1 Do not change JSecurity's nameWe had the discussion in early December on the legal mailing list and no issues were raised contrary to Henri's comments. Henri is the only boardmember who commented on the JSecurity name during the discussion.We will have at least three more votes where additional issues regarding thename can be brought up: 1. The first release of JSecurity code from the incubator. 2. The graduation vote of JSecurity taken by the incubator PMC.3. The acceptance of JSecurity by the Apache board after the incubatorvotes. Craig Dear JSecurity Team,There has been lengthy debate without consensus as to whether or JSecurity's name should be changed to something else. So, there is need for a vote.Please vote on changing JSecurity's name to something else. This is ONLY a vote of if we should change the name, NOT what any alternate name might be.I'd like to leave this vote open for 7 days instead of the usual 3 to account for time that people may not be able to respond due to theholidays. Of course we can close the vote early if all binding votes areaccounted for prior to the 7 day limit.The vote is open for the next 7 days and only votes from the JSecuritydevelopment team are binding. [ ] +1 Change JSecurity's name [ ] -1 Do not change JSecurity's name On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:Given that it's a name you've been using for 4 years, and it's very generic [jXxx being a common pattern in our space and Security being very generic]; I'm inclined to keep the current name; though by thesame reasoning, it's a weak name as "Apache JSecurity" isn't very goodbranding. My tuppence of opinion. HenOn Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <[email protected]>wrote:Hi ASF legal team,I'm writing this email in hopes of getting your feedback concerning a discussion we've been having on the JSecurity email list (an Incubatorproject). A few of our mentors have expressed concern that there might be a possible naming conflict with our project name (JSecurity) and some other references found through google and other search mechanisms. I'd like to point out that the JSecurity name, as an open source project identity has been around for almost 4 years now, with zerocontact from any external entity claiming conflict with a proprietary name or product. I know this isn't legal criteria for determining if there is a name conflict, but I surface it only to put some context ofwhy the original JSecurity developers (and our well-establishedcommunities) think we should keep the JSecurity name. There might be older references to this name, unrelated to our project, but we don't know for certain if they would constitute a risk in the name overlap.We'd like some feedback as to if the project name should be changed ornot.Here is what one of our mentors summarized after doing some research:<snip>Now, looking a bit forward on google, here are some other referencesto JSecurity :http://jwicglobal.com/Knowledge.htm <http://jwicglobal.com/Knowledge.htm >"WIC GLOBAL has developed a comprehensive Information Security Assessment service called JSecurity. Our JSecurity experts will conduct a full information security risk assessment focusing on:" http://www.juniper.net/security/ <http://www.juniper.net/security/> Seems like they have a service called J-Security. Be sure thatJuniper has a legal service who might perfectly well send some nicely written "cease and desist" letter to the ASF about this name. Not surethat our legals want to deal with that ... http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx >Another JSecurity... Seems to be around since 2/11/2005 (at least) http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf >This company has a product named JSecurity. Since when ? As much as I like the JSecurity name, I also think that we are unpotential jeopardy if we don't change its name. That's the main issuewe have : we can't afford any kind of legal action when we already know that there are company out there which already use this name.Anyway, I can be wrong, I'm just trying to gather as much informationas possible. When you guys think you have set your mind about this name, you will have to go to [email protected]<mailto:[email protected]> with the selected name (be it JSecurity or any other) to double check that it's ok or not (IFAIK). That is one ofthe condition to exit from the incubator : "Check of project name for trademark issues " (http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements<http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements >).</snip> Thanks for your review and feedback! Best, LesOn Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <[email protected] >wrote:Adam,Thanks _very_ much for such a detailed and thoughtful opinion. I love to see people who aren't necessarily code contributors contribute tothe project in other ways. This is very valuable to us. I am in total agreement with your sentiments thus far. It is myopinion that the name we have is great as it is and I'd only like to change the name if someone from legal puts pressure on us to do so. IANAL, so I'd have to trust their judgment. I'm going to post this to legal in just a few minutes asking their feedback. I'd like to hearwhat they say regardless of what we end up doing - I'm genuinely curious :)Thanks again very much for chiming in. Its nice to see that you (andothers) are taking continued interest in the project. Best regards, LesOn Mon, Dec 1, 2008 at 6:28 PM, adamtaft <[email protected]> wrote:Hi,I'm not really a contributor to the JSecurity project yet (though Ihope tobe in the future). However, this thread has caught my attention, andso I thought I'd give a couple of thoughts. I have an interest, call it a hobby, in name related issues for softwareprojects, open source included. So, though I don't speak from anyofficialbackground (I guess beyond a little professional), I would like topoint out a few things about the name Alcatraz.First, as I believe has been mentioned, the term Alcatraz has been associated with other software products already. So, this is bad newswithregards to trademark related issues. Just because its a geographiclocationdoesn't mean that it can't be trademarked. Thus, likely these other software products are going to have problems with any related use ofthe term Alcatraz.Second, the connotation for JSecurity implies that the product is usedto keep people out of the protected system. This is what the term "security"implies, right? Alcatraz is a prison. It was NOT meant to keep peopleout,it was meant to keep people in. The use is only quasi-related, andevenconfusing, for a product with your feature set. Alcatraz softwarewould be a better name for a product which keeps workstation/network usersconstrained in their internet use, like a firewall, or a web proxy, forexample. Or a child internet monitoring product. Don't underestimate the importance of this point. The name of a softwareshould ideally be somewhat self describing, especially when startingout.Until the name becomes a core brand, having a self describing name canmake a big difference.Third, I don't think you can underestimate how important it is thatpeoplecan search the name of your product and find it through Google (and friends). Clearly the term Alcatraz has a huge number of unrelatedhits,and you would clearly be lost any search engine placement with thename.Much better to have a name for your software that is the only known reference so that people can easily find you after having hear thename.This is why so many companies go crazy and conjure completely strangeand nonsensical product names.Fourth, Alcatraz is a relatively difficult name to spell, which againbecomes problematic for the above search recognition reasons. Alkitraz?Some people simply won't know how to spell it immediately (though thisis a minor point, admittedly).Fifth, it seems like you're making preparations for something that youdon't even know to be a problem. Yes, the Apache legal team should be consulted.However, it seems like jumping the gun to just start changing packagenames with anticipation of a name change. You would be crazy to start renamingpackages based on some unknown possibility that it has to happen in thefuture. What value does this add to the software?Following the sigma-six and/or extreme programming world view, youshouldn'tbe making any change to your software until the change is actuallyrequiredand value is added. Do you have a pending lawsuit? Has the Apachecouncilsuggested the change? Are you being blocked by the incubation process?Whyeven consider a change until it needs to be done. Energy could bebetter spent on other matters.Yes, it's a trivial thing to refactor a project from Eclipse. But,that'sonly a very small part of the bigger issue. Disruption, confusion,support,search engine optimization, etc. are what needs to be thought aboutwhen changing the name.Further, what if you decide to change the name to Alcatraz, and thengetpressure from another software group? Ouch, time to rename the projectyet again.I think you all are better just letting this thing ride until somethingrealconvicting suggests you need a change. JSecurity is a great productnamewhich you should stick with until otherwise needed. And, if that daycomes,Alcatraz is just simply the wrong name, in my humble opinion, for allthe reasons mentioned above. Thanks, Adam Emmanuel Lecharny wrote:Alan D. Cabrera wrote:On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:Alan D. Cabrera wrote:On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny <[email protected]> wrote:Post to [email protected], ask them, but give them the names wehave googled too.I think this needs to be vetted, so I'm happy to post to legal-discuss. But, I can't easily find the thread with the googlednames. Could you please forward them on so I can post them to thelegal team?Let me suggest this. It seems to me that that alcatraz is theclearfavorite, after jsecurity. Let's start setting up the 1.0 packages to be alcatraz and when/if we get the go-ahead from legal and theIncubator PMC we can change the packages to be jsecurity.Well, I think then it's better to stick with JSecurity (because it's already the name we use), ask to Legal, and move to alcatraz ifneeded (or any other name).So the first step, IMHO, is to ask Legal about the Jsecurity name (with all the infos we have already found about it), and also ask them in the same mail if Alcatraz is ok or not (same here : add some more infos related to this name, assuming that being a geographicallocation, it should not be such a problem).Legal is not a clearing house for project names. They can only give advice if there's a potential conflict, i.e. JSecurity. So far as Ican tell, there is none for alcatraz.What I'm worried about is that the vetting effort for the JSecurity name will have the same track record as the v0.9 release. If westartwith alcatraz then we have one less thing impeding our incubationprocess.Let's start with Alcratraz then, and we have quit some time to do some vetting before 1.0 (hopefully when the project exits from incubator).So my +1 for alcatraz and +1 for doing the renaming now. -- -- cordialement, regards, Emmanuel Lécharny www.iktek.com directory.apache.org-- View this message in context:http://n2.nabble.com/JSecurity%27s-new-name- tp1569003p1601248.html Sent from the JSecurity Developer mailing list archive at Nabble.com.---------------------------------------------------------------------DISCLAIMER: Discussions on this list are informational and educationalonly. Statements made on this list are not privileged, do not constitute legal advice, and do not necessarily reflect the opinions and policies of the ASF. See <http://www.apache.org/licenses/> for official ASF policies and documents. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]Craig L Russell Architect, Sun Java Enterprise System http://db.apache.org/jdo 408 276-5638 mailto:[email protected] P.S. A good JDO? O, Gasp! --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Craig L Russell Architect, Sun Java Enterprise System http://db.apache.org/jdo 408 276-5638 mailto:[email protected] P.S. A good JDO? O, Gasp!
