Re: [VOTE] Change JSecurity's Name

[Tim Veil]

On Jan 11, 2009, at 5:53 PM, Alan D. Cabrera wrote:

On Jan 11, 2009, at 10:52 AM, Tim Veil wrote:

I guess my take is that

JSecurity has been in the name of this project for nearly 4 years without compliant

Sorry, I'm not following. Unless Juniper has held the name for three years or less, how is that relevant?

I guess I'm suggesting that JSecurity has been out in the wild for 4 years. At no time during this period has Juniper been concerned about name collision enough to contact anyone on the project. That suggests to me they will be unlikely to do so in the future. I have no idea how long they have been using their name.

JSecurity has name recognition and a following

Sorry, I don't understand if this is pertinent other than it being motivation for keeping the name. I also am motivated to keep the name but I don't see how we can get past the issues below.

The project of concern, "J-Security" is not a product at all but rather a " resource for security information and analysis." J-Security's parent company Juniper is in the network hardware business not the Java application business JSecurity is an open-source software project not a "product" we are looking to sell (not a competitor in any way to Juniper)

It doesn't matter if we sell a product or not. It's a name collision, albeit a potential collision. If they chose to push out a product under that name we would be in trouble; if I am wrong here someone please tell me.

I don't think you are wrong it just seems like such a remote possibility. In order for them to do this they would have to stray pretty far from their existing business. Even if they were to enter the fray and offer a similar product it seems unlikely they would choose to do so under the J-Security banner. I would imagine they would they would create a new brand for this service since they already have an unrelated presence under the name J-Security. Repackaging their J-Security center into something unrelated wouldn't make much sense.

Now, if you told me that we held our name longer than Juniper held theirs then it would be a different story. So to put it more succinctly, here are the criteria where I am happy to change my vote. Any single one would work for me.

Would you change your vote if I use the magic word?  Please?

I'm guessing that the others would change their vote as well.


Regards,
Alan

1) We held the name longer than Juniper - I'll take anyone's word on this 2) If Juniper came out with a product under their service offering we would have nothing to worry about - I will only take an informed opinion

On Jan 11, 2009, at 1:32 PM, Alan D. Cabrera wrote:

Here's my take and I'm not intransigent on this. I'll use a bit of hyperbole to make my point.

Regards,
Alan


On Jan 10, 2009, at 5:05 PM, Geir Magnusson Jr. wrote:

If some company who makes hand made woven baskets has had the name JSecurity there would be no problem. If that company decides to market a program that trains people in basket weaving written in java there would be no problem. However, other computer security companies have an earlier claim to JSecurity. If they decide the release a suite of java programs that performs security analysis then there's overlap. Why would we want to live in the grey area anyway? Am I misunderstanding something?

Agreed.

I don't really understand what problem is being solved here.

geir

On Jan 10, 2009, at 8:00 PM, Les Hazlewood wrote:

-1 to changing the name at this time.


NO trademark or patent conflicts, are dubious at best.

Cheers,

Les

I know my vote isn't binding, but I just want a record of it. At the moment, I think any potential causes of conflict, given that there are On Fri, Jan 2, 2009 at 7:06 PM, Craig L Russell <craig.russ...@sun.com > wrote:

any more...

ok, former board member. ;-)

Craig

On Jan 2, 2009, at 2:41 PM, Henri Yandell wrote:

I'm not a board member. :)


wrote:

On Fri, Jan 2, 2009 at 11:27 AM, Craig L Russell <craig.russ...@sun.com >

-1 Do not change JSecurity's name




the
name can be brought up:

1. The first release of JSecurity code from the incubator.
2. The graduation vote of JSecurity taken by the incubator PMC.

votes.

Craig


Dear JSecurity Team,


JSecurity's



a

be.

accounted for prior to the 7 day limit.


development team are binding.

[ ] +1 Change JSecurity's name
[ ] -1 Do not change JSecurity's name

On Dec 2, 2008, at 1:06 PM, Henri Yandell wrote:

We had the discussion in early December on the legal mailing list and no issues were raised contrary to Henri's comments. Henri is the only board member who commented on the JSecurity name during the discussion. We will have at least three more votes where additional issues regarding 3. The acceptance of JSecurity by the Apache board after the incubator There has been lengthy debate without consensus as to whether or name should be changed to something else. So, there is need for a vote. Please vote on changing JSecurity's name to something else. This is ONLY vote of if we should change the name, NOT what any alternate name might I'd like to leave this vote open for 7 days instead of the usual 3 to account for time that people may not be able to respond due to the holidays. Of course we can close the vote early if all binding votes are The vote is open for the next 7 days and only votes from the JSecurity

Given that it's a name you've been using for 4 years, and it's very generic [jXxx being a common pattern in our space and Security being very generic]; I'm inclined to keep the current name; though by the same reasoning, it's a weak name as "Apache JSecurity" isn't very good

branding.

My tuppence of opinion.

Hen


wrote:

On Mon, Dec 1, 2008 at 7:55 PM, Les Hazlewood <lhazlew...@apache.org >

Hi ASF legal team,


project).






not.



<snip>

to JSecurity :

http://jwicglobal.com/Knowledge.htm
<http://jwicglobal.com/Knowledge.htm>

I'm writing this email in hopes of getting your feedback concerning a discussion we've been having on the JSecurity email list (an Incubator A few of our mentors have expressed concern that there might be a possible naming conflict with our project name (JSecurity) and some other references found through google and other search mechanisms. I'd like to point out that the JSecurity name, as an open source project identity has been around for almost 4 years now, with zero contact from any external entity claiming conflict with a proprietary name or product. I know this isn't legal criteria for determining if there is a name conflict, but I surface it only to put some context of why the original JSecurity developers (and our well- established communities) think we should keep the JSecurity name. There might be older references to this name, unrelated to our project, but we don't know for certain if they would constitute a risk in the name overlap. We'd like some feedback as to if the project name should be changed or Here is what one of our mentors summarized after doing some research: Now, looking a bit forward on google, here are some other references "WIC GLOBAL has developed a comprehensive Information Security Assessment service called JSecurity. Our JSecurity experts will conduct a full information security risk assessment focusing on:" http://www.juniper.net/security/ <http://www.juniper.net/security/ > Seems like they have a service called J-Security. Be sure that Juniper has a legal service who might perfectly well send some nicely written "cease and desist" letter to the ASF about this name. Not sure

that our legals want to deal with that ...

http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx

<http://www.jegers.com/dnn/Products/JPortfolio/tabid/83/Default.aspx > Another JSecurity... Seems to be around since 2/11/2005 (at least)

http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf

<http://www.powerlogic.com.br/powerportal/ecp/files.do?evento=download&urlArqPlc=fld_jc_produc_ing_web2.pdf >

This company has a product named JSecurity. Since when ?




name, you will have to go to le...@apache.org

As much as I like the JSecurity name, I also think that we are un potential jeopardy if we don't change its name. That's the main issue we have : we can't afford any kind of legal action when we already know that there are company out there which already use this name. Anyway, I can be wrong, I'm just trying to gather as much information as possible. When you guys think you have set your mind about this <mailto:le...@apache.org> with the selected name (be it JSecurity or any other) to double check that it's ok or not (IFAIK). That is one of

the condition to exit from the incubator :
"Check of project name for trademark issues "


(http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements

<http://incubator.apache.org/incubation/Incubation_Policy.html#Minimum+Graduation+Requirements >).

</snip>

Thanks for your review and feedback!

Best,

Les


wrote:

On Mon, Dec 1, 2008 at 10:18 PM, Les Hazlewood <lhazlew...@apache.org >

Adam,


the project in other ways.  This is very valuable to us.


curious :)


others) are taking continued interest in the project.

Best regards,

Les

Thanks _very_ much for such a detailed and thoughtful opinion. I love to see people who aren't necessarily code contributors contribute to I am in total agreement with your sentiments thus far. It is my opinion that the name we have is great as it is and I'd only like to change the name if someone from legal puts pressure on us to do so. IANAL, so I'd have to trust their judgment. I'm going to post this to legal in just a few minutes asking their feedback. I'd like to hear what they say regardless of what we end up doing - I'm genuinely Thanks again very much for chiming in. Its nice to see that you (and On Mon, Dec 1, 2008 at 6:28 PM, adamtaft <a...@adamtaft.com> wrote:

Hi,


hope to

so I
thought I'd give a couple of thoughts.


software

official

point out
a few things about the name Alcatraz.


news
with

location

the
term Alcatraz.


used
to

"security"

people
out,

even

would be

for
example.  Or a child internet monitoring product.


software

out.

can
make
a big difference.


people

hits,

name.

name.

and
nonsensical product names.


Alkitraz?

this
is a
minor point, admittedly).


you
don't

consulted.

names

renaming

the
future.  What value does this add to the software?


shouldn't

required

council

process?
Why

better
spent on other matters.


that's

support,

when
changing the name.


get

project
yet
again.


something
real

name

comes,

the
reasons mentioned above.

Thanks,

Adam





Emmanuel Lecharny wrote:

I'm not really a contributor to the JSecurity project yet (though I be in the future). However, this thread has caught my attention, and I have an interest, call it a hobby, in name related issues for projects, open source included. So, though I don't speak from any background (I guess beyond a little professional), I would like to First, as I believe has been mentioned, the term Alcatraz has been associated with other software products already. So, this is bad regards to trademark related issues. Just because its a geographic doesn't mean that it can't be trademarked. Thus, likely these other software products are going to have problems with any related use of Second, the connotation for JSecurity implies that the product is keep people out of the protected system. This is what the term implies, right? Alcatraz is a prison. It was NOT meant to keep it was meant to keep people in. The use is only quasi- related, and confusing, for a product with your feature set. Alcatraz software a better name for a product which keeps workstation/ network users constrained in their internet use, like a firewall, or a web proxy, Don't underestimate the importance of this point. The name of a should ideally be somewhat self describing, especially when starting Until the name becomes a core brand, having a self describing name Third, I don't think you can underestimate how important it is that can search the name of your product and find it through Google (and friends). Clearly the term Alcatraz has a huge number of unrelated and you would clearly be lost any search engine placement with the Much better to have a name for your software that is the only known reference so that people can easily find you after having hear the This is why so many companies go crazy and conjure completely strange Fourth, Alcatraz is a relatively difficult name to spell, which again becomes problematic for the above search recognition reasons. Some people simply won't know how to spell it immediately (though Fifth, it seems like you're making preparations for something that even know to be a problem. Yes, the Apache legal team should be However, it seems like jumping the gun to just start changing package with anticipation of a name change. You would be crazy to start packages based on some unknown possibility that it has to happen in Following the sigma-six and/or extreme programming world view, you be making any change to your software until the change is actually and value is added. Do you have a pending lawsuit? Has the Apache suggested the change? Are you being blocked by the incubation even consider a change until it needs to be done. Energy could be Yes, it's a trivial thing to refactor a project from Eclipse. But, only a very small part of the bigger issue. Disruption, confusion, search engine optimization, etc. are what needs to be thought about Further, what if you decide to change the name to Alcatraz, and then pressure from another software group? Ouch, time to rename the I think you all are better just letting this thing ride until convicting suggests you need a change. JSecurity is a great product which you should stick with until otherwise needed. And, if that day Alcatraz is just simply the wrong name, in my humble opinion, for all

Alan D. Cabrera wrote:

On Nov 30, 2008, at 2:32 PM, Emmanuel Lecharny wrote:

Alan D. Cabrera wrote:

On Nov 26, 2008, at 9:51 AM, Les Hazlewood wrote:

On Tue, Nov 25, 2008 at 6:01 PM, Emmanuel Lecharny
<elecha...@gmail.com> wrote:

Post to legal-disc...@a.o, ask them, but give them the names we

have googled
too.

googled

the
legal team?

I think this needs to be vetted, so I'm happy to post to legal-discuss. But, I can't easily find the thread with the names. Could you please forward them on so I can post them to

clear

packages

Let me suggest this. It seems to me that that alcatraz is the favorite, after jsecurity. Let's start setting up the 1.0 to be alcatraz and when/if we get the go-ahead from legal and the Incubator PMC we can change the packages to be jsecurity.

it's

needed (or any other name).


some
more infos related to this name, assuming that being a
geographical
location, it should not be such a problem).

Well, I think then it's better to stick with JSecurity (because already the name we use), ask to Legal, and move to alcatraz if So the first step, IMHO, is to ask Legal about the Jsecurity name (with all the infos we have already found about it), and also ask them in the same mail if Alcatraz is ok or not (same here : add

give

I
can tell, there is none for alcatraz.


start

process.

Legal is not a clearing house for project names. They can only advice if there's a potential conflict, i.e. JSecurity. So far as What I'm worried about is that the vetting effort for the JSecurity name will have the same track record as the v0.9 release. If we with alcatraz then we have one less thing impeding our incubation

some
vetting before 1.0 (hopefully when the project exits from
incubator).

So my +1 for alcatraz and +1 for doing the renaming now.


--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org

Let's start with Alcratraz then, and we have quit some time to do

--
View this message in context:
http://n2.nabble.com/JSecurity%27s-new-name-tp1569003p1601248.html

Sent from the JSecurity Developer mailing list archive at Nabble.com.

---------------------------------------------------------------------

only.  Statements made on this list are not privileged, do not

DISCLAIMER: Discussions on this list are informational and educational constitute legal advice, and do not necessarily reflect the opinions and policies of the ASF. See <http://www.apache.org/ licenses/> for

official ASF policies and documents.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscr...@apache.org
For additional commands, e-mail: legal-discuss-h...@apache.org

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:craig.russ...@sun.com
P.S. A good JDO? O, Gasp!


---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscr...@apache.org
For additional commands, e-mail: legal-discuss-h...@apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscr...@apache.org
For additional commands, e-mail: legal-discuss-h...@apache.org

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:craig.russ...@sun.com
P.S. A good JDO? O, Gasp!

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscr...@apache.org
For additional commands, e-mail: legal-discuss-h...@apache.org

smime.p7s
Description: S/MIME cryptographic signature