Re: OpenID 2.0 finalization progress
Completely agreed with Johannes. We are very close with the IPR policy/process being in place and assuming all the contributors agree to it, 2.0 can be declared final within 30 days of October 30th as that is the end of the public review period for the policy. 2.0 is really important and has a wide range of contributors, we've all put a lot of effort into this, lets make sure we do this right. There is nothing stopping people from releasing 2.0 libraries written to Draft 12 (as is already happening) nor from people implementing, using, and shipping 2.0 code and services. From a technical perspective, no issues have been raised so it is fair to assume that there will not be changes between Draft 12 and Final. To Kevin's question, the IPR policy does not require a patent search, which as he points out could be a lengthy process. Rather it requires that all contributors to the specification make a non- assertion statement to ensure that the spec truly is free and not encumbered by any patents. I spoke with Brad Fitzpatrick (cc'd) tonight about this and he too agrees that 2.0 should not be declared final until it has gone through the IPR review cycle to fully ensure that it is clear from any IPR encumbrances in regards to the contributors. If you didn't see the earlier message about the IPR policy/process review (http://openid.net/pipermail/legal/2007-September/ 32.html), I strongly recommend you read it so that the policy can be adopted in the most expeditious fashion. If nothing else, the rationale document is worth reading. http://openid.net/ipr/ OpenID_IPR_Rationale-Circulation_Draft_20070925.pdf If we wanted to move forward at an even faster rate, if all the contributors executed the non-assertion statement within the policy at (http://openid.net/ipr/OpenID_IPR_Policy- Circulation_Draft_20070925.pdf - section VI.1) on Draft 12, we would then be able to declare it as 2.0 Final and have these same protections. Sun, VeriSign, and JanRain already made similar statements for the previous final specifications. Is there anything stopping contributors to 2.0 doing this with the statement in the proposed policy? This really is one possibility to let us have our cake and eat it too (ensure IP is clean on Draft 12 by having all of its contributors execute the non-assert on it as fast as we can and then re-label it to Final assuming every contributor executes the non- assert). --David On Oct 19, 2007, at 4:12 PM, Johannes Ernst wrote: > Some years ago, if I recall correctly, Rambus participated in an open > industry process (or so the other participants thought) to define > certain memory communications protocols, and after they had produced > a spec, Rambus said "but we have some patents". This lead to at least > one lawsuit I believe. > > I have heard wildly diverging assessments on whether or not this > could happen here. The way to move forward is to put the IPR policy > in place prior to declaring any new specs final; fortunately we are > very close on the IPR policy. > > I strongly suggest that whoever feels the urgency to get a 2.0 spec > declared final to help out driving the IPR process to a close. That's > on the critical path, and that's where all energies should be > directed. > > On Oct 19, 2007, at 12:23, Kevin Turner wrote: > >> On Fri, 2007-10-19 at 10:02 -0700, Paul C. Bryan wrote: >>> On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: >>> I don't see why the two processes need to be any more dependant on each other then they are already. >>> >>> With all due respect, why take the risk that there are intellectual >>> property issues after the specification is finalized? >> >> I'll let my ignorance show here: How will any potential IPR issues >> affect the final specification? I recognize that many parties >> require >> the IPR documentation before moving forward with their adoption of >> OpenID. However, there are many parties who do _not_ feel that need, >> and I do not understand what the downside is to calling the >> specification final now. Are we waiting on the results of a patent >> search which might necessitate re-working parts of the protocol? >> What >> exactly are the consequences, worst case, in calling the >> specification >> "final" before the IPR is sealed? >> >> >> >> ___ >> specs mailing list >> specs@openid.net >> http://openid.net/mailman/listinfo/specs > > ___ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs > ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
RE: OpenID 2.0 finalization progress
I've already suggested that to the OAuth community and they are heartily taking up that suggestion... > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Pat Patterson > Sent: Friday, October 19, 2007 4:36 PM > To: Johannes Ernst > Cc: specs@openid.net > Subject: Re: OpenID 2.0 finalization progress > > +1 FWIW > > Interested parties, feel free to use the Sun OpenID NAC as a model - > http://www.sun.com/software/standards/persistent/openid/nac.xml > > Cheers, > > Pat > > On Oct 19, 2007, at 4:12 PM, Johannes Ernst wrote: > > > Some years ago, if I recall correctly, Rambus participated in an open > > industry process (or so the other participants thought) to define > > certain memory communications protocols, and after they had produced > > a spec, Rambus said "but we have some patents". This lead to at least > > one lawsuit I believe. > > > > I have heard wildly diverging assessments on whether or not this > > could happen here. The way to move forward is to put the IPR policy > > in place prior to declaring any new specs final; fortunately we are > > very close on the IPR policy. > > > > I strongly suggest that whoever feels the urgency to get a 2.0 spec > > declared final to help out driving the IPR process to a close. That's > > on the critical path, and that's where all energies should be > > directed. > > > > On Oct 19, 2007, at 12:23, Kevin Turner wrote: > > > >> On Fri, 2007-10-19 at 10:02 -0700, Paul C. Bryan wrote: > >>> On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: > >>> > I don't see why the two processes need to be any more dependant on > each other then they are already. > >>> > >>> With all due respect, why take the risk that there are intellectual > >>> property issues after the specification is finalized? > >> > >> I'll let my ignorance show here: How will any potential IPR issues > >> affect the final specification? I recognize that many parties > >> require > >> the IPR documentation before moving forward with their adoption of > >> OpenID. However, there are many parties who do _not_ feel that need, > >> and I do not understand what the downside is to calling the > >> specification final now. Are we waiting on the results of a patent > >> search which might necessitate re-working parts of the protocol? > >> What > >> exactly are the consequences, worst case, in calling the > >> specification > >> "final" before the IPR is sealed? > >> > >> > >> > >> ___ > >> specs mailing list > >> specs@openid.net > >> http://openid.net/mailman/listinfo/specs > > > > ___ > > specs mailing list > > specs@openid.net > > http://openid.net/mailman/listinfo/specs > > - - - - - > Pat Patterson > Federation Architect, Sun Microsystems, Inc. > [EMAIL PROTECTED] - http://blogs.sun.com/superpat > - - - - - > Join OpenSSO today! http://opensso.dev.java.net/ > - - - - - > > > > > ___ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID 2.0 finalization progress
+1 FWIW Interested parties, feel free to use the Sun OpenID NAC as a model - http://www.sun.com/software/standards/persistent/openid/nac.xml Cheers, Pat On Oct 19, 2007, at 4:12 PM, Johannes Ernst wrote: > Some years ago, if I recall correctly, Rambus participated in an open > industry process (or so the other participants thought) to define > certain memory communications protocols, and after they had produced > a spec, Rambus said "but we have some patents". This lead to at least > one lawsuit I believe. > > I have heard wildly diverging assessments on whether or not this > could happen here. The way to move forward is to put the IPR policy > in place prior to declaring any new specs final; fortunately we are > very close on the IPR policy. > > I strongly suggest that whoever feels the urgency to get a 2.0 spec > declared final to help out driving the IPR process to a close. That's > on the critical path, and that's where all energies should be > directed. > > On Oct 19, 2007, at 12:23, Kevin Turner wrote: > >> On Fri, 2007-10-19 at 10:02 -0700, Paul C. Bryan wrote: >>> On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: >>> I don't see why the two processes need to be any more dependant on each other then they are already. >>> >>> With all due respect, why take the risk that there are intellectual >>> property issues after the specification is finalized? >> >> I'll let my ignorance show here: How will any potential IPR issues >> affect the final specification? I recognize that many parties >> require >> the IPR documentation before moving forward with their adoption of >> OpenID. However, there are many parties who do _not_ feel that need, >> and I do not understand what the downside is to calling the >> specification final now. Are we waiting on the results of a patent >> search which might necessitate re-working parts of the protocol? >> What >> exactly are the consequences, worst case, in calling the >> specification >> "final" before the IPR is sealed? >> >> >> >> ___ >> specs mailing list >> specs@openid.net >> http://openid.net/mailman/listinfo/specs > > ___ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs - - - - - Pat Patterson Federation Architect, Sun Microsystems, Inc. [EMAIL PROTECTED] - http://blogs.sun.com/superpat - - - - - Join OpenSSO today! http://opensso.dev.java.net/ - - - - - ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID 2.0 finalization progress
Some years ago, if I recall correctly, Rambus participated in an open industry process (or so the other participants thought) to define certain memory communications protocols, and after they had produced a spec, Rambus said "but we have some patents". This lead to at least one lawsuit I believe. I have heard wildly diverging assessments on whether or not this could happen here. The way to move forward is to put the IPR policy in place prior to declaring any new specs final; fortunately we are very close on the IPR policy. I strongly suggest that whoever feels the urgency to get a 2.0 spec declared final to help out driving the IPR process to a close. That's on the critical path, and that's where all energies should be directed. On Oct 19, 2007, at 12:23, Kevin Turner wrote: > On Fri, 2007-10-19 at 10:02 -0700, Paul C. Bryan wrote: >> On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: >> >>> I don't see why the two processes need to be any more dependant on >>> each other then they are already. >> >> With all due respect, why take the risk that there are intellectual >> property issues after the specification is finalized? > > I'll let my ignorance show here: How will any potential IPR issues > affect the final specification? I recognize that many parties require > the IPR documentation before moving forward with their adoption of > OpenID. However, there are many parties who do _not_ feel that need, > and I do not understand what the downside is to calling the > specification final now. Are we waiting on the results of a patent > search which might necessitate re-working parts of the protocol? What > exactly are the consequences, worst case, in calling the specification > "final" before the IPR is sealed? > > > > ___ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID 2.0 finalization progress
On Fri, 2007-10-19 at 10:02 -0700, Paul C. Bryan wrote: > On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: > > > I don't see why the two processes need to be any more dependant on > > each other then they are already. > > With all due respect, why take the risk that there are intellectual > property issues after the specification is finalized? I'll let my ignorance show here: How will any potential IPR issues affect the final specification? I recognize that many parties require the IPR documentation before moving forward with their adoption of OpenID. However, there are many parties who do _not_ feel that need, and I do not understand what the downside is to calling the specification final now. Are we waiting on the results of a patent search which might necessitate re-working parts of the protocol? What exactly are the consequences, worst case, in calling the specification "final" before the IPR is sealed? ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
RE: OpenID 2.0 finalization progress
That's a chicken/egg situation and you have to just pick a place to start. Declaring the spec final is much more practical than running after IP declarations. I also don't think OpenID 2.0 adds any significant new IP issues over OpenID 1.0 (not that I think there are issues with OpenID 1.0). EHL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul C. Bryan Sent: Friday, October 19, 2007 1:02 PM To: Dick Hardt Cc: OpenID specs list Subject: Re: OpenID 2.0 finalization progress On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: > I don't see why the two processes need to be any more dependant on > each other then they are already. With all due respect, why take the risk that there are intellectual property issues after the specification is finalized? To use a nautical analogy, wouldn't it be most prudent to ensure the deck is clear before setting sail? Paul ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID 2.0 finalization progress
On Thu, 2007-10-18 at 19:13 -0700, Dick Hardt wrote: > I don't see why the two processes need to be any more dependant on > each other then they are already. With all due respect, why take the risk that there are intellectual property issues after the specification is finalized? To use a nautical analogy, wouldn't it be most prudent to ensure the deck is clear before setting sail? Paul ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs