Whoops, sent that unfinished... My last thought is that in my mind the
differences between the two projects are significant enough not to
warrant a change now.
It seems so unlikely that Juniper is going to want to compete in this
space, it just doesn't seem like a grey area to me.
Thanks,
Tim
On Jan 11, 2009, at 1:52 PM, Tim Veil wrote:
I guess my take is that
JSecurity has been in the name of this project for nearly 4 years
without compliant
JSecurity has name recognition and a following
The project of concern, "J-Security" is not a product at all but
rather a " resource for security information and analysis."
J-Security's parent company Juniper is in the network hardware
business not the Java application business
JSecurity is an open-source software project not a "product" we are
looking to sell (not a competitor in any way to Juniper)
On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:
Here's my take and I'm not intransigent on this. I'll use a bit of
hyperbole to make my point.
If some company who makes hand made woven baskets has had the name
JSecurity there would be no problem. If that company decides to
market a program that trains people in basket weaving written in
java there would be no problem.
However, other computer security companies have an earlier claim to
JSecurity. If they decide the release a suite of java programs
that performs security analysis then there's overlap.
Why would we want to live in the grey area anyway? Am I
misunderstanding something?
Regards,
Alan
On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:
Agreed.
I don't really understand what problem is being solved here.
geir
On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:
-1 to changing the name at this time.
I know my vote isn't binding, but I just want a record of it. At
the
moment, I think any potential causes of conflict, given that
there are
NO trademark or patent conflicts, are dubious at best.
Cheers,
Les
On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <[email protected]
> wrote:
any more...
ok, former board member. ;-)
Craig
On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:
I'm not a board member. :)
On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <[email protected]
>
wrote:
-1 Do not change JSecurity's name
We had the discussion in early December on the legal mailing
list and no
issues were raised contrary to Henri's comments. Henri is the
only board
member who commented on the JSecurity name during the
discussion.
We will have at least three more votes where additional issues
regarding
the
name can be brought up:
1. The first release of JSecurity code from the incubator.
2. The graduation vote of JSecurity taken by the incubator PMC.
3. The acceptance of JSecurity by the Apache board after the
incubator
votes.
Craig
Dear JSecurity Team,
There has been lengthy debate without consensus as to whether or
JSecurity's
name should be changed to something else. So, there is need
for a vote.
Please vote on changing JSecurity's name to something else.
This is ONLY
a
vote of if we should change the name, NOT what any alternate
name might
be.
I'd like to leave this vote open for 7 days instead of the
usual 3 to
account for time that people may not be able to respond due to
the
holidays. Of course we can close the vote early if all
binding votes are
accounted for prior to the 7 day limit.
The vote is open for the next 7 days and only votes from the
JSecurity
development team are binding.
[ ] +1 Change JSecurity's name
[ ] -1 Do not change JSecurity's name
On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:
Given that it's a name you've been using for 4 years, and
it's very
generic [jXxx being a common pattern in our space and
Security being
very generic]; I'm inclined to keep the current name; though
by the
same reasoning, it's a weak name as "Apache JSecurity" isn't
very good
branding.
My tuppence of opinion.
Hen
On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <[email protected]
>
wrote:
Hi ASF legal team,
I'm writing this email in hopes of getting your feedback
concerning a
discussion we've been having on the JSecurity email list (an
Incubator
project).
A few of our mentors have expressed concern that there might
be a
possible naming conflict with our project name (JSecurity)
and some
other references found through google and other search
mechanisms.
I'd like to point out that the JSecurity name, as an open
source
project identity has been around for almost 4 years now,
with zero
contact from any external entity claiming conflict with a
proprietary
name or product. I know this isn't legal criteria for
determining if
there is a name conflict, but I surface it only to put some
context of
why the original JSecurity developers (and our well-
established
communities) think we should keep the JSecurity name. There
might be
older references to this name, unrelated to our project, but
we don't
know for certain if they would constitute a risk in the name
overlap.
We'd like some feedback as to if the project name should be
changed or
not.
Here is what one of our mentors summarized after doing some
research:
<snip>
Now, looking a bit forward on google, here are some other
references
to JSecurity :
http://jwicglobal.com/Knowledge.htm
<http://jwicglobal.com/Knowledge.htm>
"WIC GLOBAL has developed a comprehensive Information Security
Assessment service called JSecurity. Our JSecurity experts
will
conduct a full information security risk assessment focusing
on:"
http://www.juniper.net/security/ <http://www.juniper.net/security/
>
Seems like they have a service called J-Security. Be sure
that
Juniper has a legal service who might perfectly well send
some nicely
written "cease and desist" letter to the ASF about this
name. Not sure
that our legals want to deal with that ...
http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx
>
Another JSecurity... Seems to be around since 2/11/2005 (at
least)
http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf
>
This company has a product named JSecurity. Since when ?
As much as I like the JSecurity name, I also think that we
are un
potential jeopardy if we don't change its name. That's the
main issue
we have : we can't afford any kind of legal action when we
already
know that there are company out there which already use this
name.
Anyway, I can be wrong, I'm just trying to gather as much
information
as possible. When you guys think you have set your mind
about this
name, you will have to go to [email protected]
<mailto:[email protected]> with the selected name (be it
JSecurity or
any other) to double check that it's ok or not (IFAIK). That
is one of
the condition to exit from the incubator :
"Check of project name for trademark issues "
(http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
<http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements
>).
</snip>
Thanks for your review and feedback!
Best,
Les
On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <[email protected]
>
wrote:
Adam,
Thanks _very_ much for such a detailed and thoughtful
opinion. I love
to see people who aren't necessarily code contributors
contribute to
the project in other ways. This is very valuable to us.
I am in total agreement with your sentiments thus far. It
is my
opinion that the name we have is great as it is and I'd
only like to
change the name if someone from legal puts pressure on us
to do so.
IANAL, so I'd have to trust their judgment. I'm going to
post this to
legal in just a few minutes asking their feedback. I'd
like to hear
what they say regardless of what we end up doing - I'm
genuinely
curious :)
Thanks again very much for chiming in. Its nice to see
that you (and
others) are taking continued interest in the project.
Best regards,
Les
On Mon, Dec 1, 2008 at 6:28 PM, adamtaft
<[email protected]> wrote:
Hi,
I'm not really a contributor to the JSecurity project yet
(though I
hope to
be in the future). However, this thread has caught my
attention, and
so I
thought I'd give a couple of thoughts.
I have an interest, call it a hobby, in name related
issues for
software
projects, open source included. So, though I don't speak
from any
official
background (I guess beyond a little professional), I would
like to
point out
a few things about the name Alcatraz.
First, as I believe has been mentioned, the term Alcatraz
has been
associated with other software products already. So, this
is bad
news
with
regards to trademark related issues. Just because its a
geographic
location
doesn't mean that it can't be trademarked. Thus, likely
these other
software products are going to have problems with any
related use of
the
term Alcatraz.
Second, the connotation for JSecurity implies that the
product is
used
to
keep people out of the protected system. This is what the
term
"security"
implies, right? Alcatraz is a prison. It was NOT meant
to keep
people
out,
it was meant to keep people in. The use is only quasi-
related, and
even
confusing, for a product with your feature set. Alcatraz
software
would be
a better name for a product which keeps workstation/
network users
constrained in their internet use, like a firewall, or a
web proxy,
for
example. Or a child internet monitoring product.
Don't underestimate the importance of this point. The
name of a
software
should ideally be somewhat self describing, especially
when starting
out.
Until the name becomes a core brand, having a self
describing name
can
make
a big difference.
Third, I don't think you can underestimate how important
it is that
people
can search the name of your product and find it through
Google (and
friends). Clearly the term Alcatraz has a huge number of
unrelated
hits,
and you would clearly be lost any search engine placement
with the
name.
Much better to have a name for your software that is the
only known
reference so that people can easily find you after having
hear the
name.
This is why so many companies go crazy and conjure
completely strange
and
nonsensical product names.
Fourth, Alcatraz is a relatively difficult name to spell,
which again
becomes problematic for the above search recognition
reasons.
Alkitraz?
Some people simply won't know how to spell it immediately
(though
this
is a
minor point, admittedly).
Fifth, it seems like you're making preparations for
something that
you
don't
even know to be a problem. Yes, the Apache legal team
should be
consulted.
However, it seems like jumping the gun to just start
changing package
names
with anticipation of a name change. You would be crazy to
start
renaming
packages based on some unknown possibility that it has to
happen in
the
future. What value does this add to the software?
Following the sigma-six and/or extreme programming world
view, you
shouldn't
be making any change to your software until the change is
actually
required
and value is added. Do you have a pending lawsuit? Has
the Apache
council
suggested the change? Are you being blocked by the
incubation
process?
Why
even consider a change until it needs to be done. Energy
could be
better
spent on other matters.
Yes, it's a trivial thing to refactor a project from
Eclipse. But,
that's
only a very small part of the bigger issue. Disruption,
confusion,
support,
search engine optimization, etc. are what needs to be
thought about
when
changing the name.
Further, what if you decide to change the name to
Alcatraz, and then
get
pressure from another software group? Ouch, time to
rename the
project
yet
again.
I think you all are better just letting this thing ride
until
something
real
convicting suggests you need a change. JSecurity is a
great product
name
which you should stick with until otherwise needed. And,
if that day
comes,
Alcatraz is just simply the wrong name, in my humble
opinion, for all
the
reasons mentioned above.
Thanks,
Adam
Emmanuel Lecharny wrote:
Alan D. Cabrera wrote:
On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:
Alan D. Cabrera wrote:
On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:
On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
<[email protected]> wrote:
Post to [email protected], ask them, but give them
the names we
have googled
too.
I think this needs to be vetted, so I'm happy to post
to
legal-discuss. But, I can't easily find the thread
with the
googled
names. Could you please forward them on so I can
post them to
the
legal team?
Let me suggest this. It seems to me that that
alcatraz is the
clear
favorite, after jsecurity. Let's start setting up the
1.0
packages
to be alcatraz and when/if we get the go-ahead from
legal and the
Incubator PMC we can change the packages to be
jsecurity.
Well, I think then it's better to stick with JSecurity
(because
it's
already the name we use), ask to Legal, and move to
alcatraz if
needed (or any other name).
So the first step, IMHO, is to ask Legal about the
Jsecurity name
(with all the infos we have already found about it),
and also ask
them in the same mail if Alcatraz is ok or not (same
here : add
some
more infos related to this name, assuming that being a
geographical
location, it should not be such a problem).
Legal is not a clearing house for project names. They
can only
give
advice if there's a potential conflict, i.e. JSecurity.
So far as
I
can tell, there is none for alcatraz.
What I'm worried about is that the vetting effort for
the JSecurity
name will have the same track record as the v0.9
release. If we
start
with alcatraz then we have one less thing impeding our
incubation
process.
Let's start with Alcratraz then, and we have quit some
time to do
some
vetting before 1.0 (hopefully when the project exits from
incubator).
So my +1 for alcatraz and +1 for doing the renaming now.
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
--
View this message in context:
http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html
Sent from the JSecurity Developer mailing list archive at
Nabble.com.
---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and
educational
only. Statements made on this list are not privileged, do not
constitute legal advice, and do not necessarily reflect the
opinions
and policies of the ASF. See <http://www.apache.org/licenses/
> for
official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:[email protected]
P.S. A good JDO? O, Gasp!
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:[email protected]
P.S. A good JDO? O, Gasp!
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
