From: David RR Webber
Sent: Tuesday, May 02, 2006 9:57
To: Philpott, Robert
Cc: Chairs OASIS; Frederick
Hirsch; John Messing; Wachob,Gabe
Subject: RE: [chairs] Patent
Thanks for clarifying all this.
It might be an idea to add a colour coded column to this table -
to indicate which ones are RF and which ones require licensing for
implementers - as right now everything is lumped together - and people may
be forgiven for thinking these being all publicly approved spec's means
they are all open and public licensing as well.
[RSP] Seems reasonable to me.
I understand the need to be able to keep everything in synch'.
I'm not sure that decoupling the IP needs from the spec' however is necessarily
turning out in practice to be the best / least confusing approach.
We could always allow adminstrative corrections to specifications directly when
IP needs change - that would cover off the points you raise. That way we
have just one place for everything - the specification download.
[RSP] we could allow administrative updates, but then folks
need to learn about the updates and those that have previously downloaded the
approved standard would have to come back to get the new one. That doesn’t
seem too practical to me, but I’m open to being convinced otherwise.
One question though - if I sign an agreement - and then subsequently the
terms change - do I have to re-sign? Seems like we probably have to have
that covered in the IP assignment clauses that OASIS asks for - so
grandfathering can occur.
[RSP] seems to me it depends on the license TERMS. It gets
pretty messy if you change the terms of the licensing. In our case, we’re
moving from an active licensing process to a defensive suspension process.
The actual terms aren’t changing as they are both Royalty Free/Reasonable
and Non-Discriminatory (RF/RAND). Just the licensing process changed (we
just made it easier – getting rid of the download/sign/return).
It would be a BAD idea to permit someone to change their
licensing terms and (I don’t recall this off the top of my head), but
that may already be disallowed by OASIS.
-------- Original Message --------
Subject: RE: [chairs] Patent license friction...
From: "Philpott, Robert" <firstname.lastname@example.org>
Date: Tue, May 02, 2006 9:40 am
To: "David RR Webber (XML)" <email@example.com>,
Cc: "Chairs OASIS" <firstname.lastname@example.org>,
<email@example.com>, "John Messing"
From: David RR Webber (XML) [mailto:firstname.lastname@example.org]
Sent: Monday, May 01, 2006 9:19 PM
Cc: Chairs OASIS; Frederick
Hirsch; John Messing
Subject: RE: [chairs] Patent
As a TC chair I've
not had to cover IP on a spec' so I'm a little surprised to find that this
is not more formally addressed in the OASIS specifications requirements.
I would expect
something akin to:
a) All licensing
requirements clearly stipulated as part of the body of the specifications in a
specific document section (beyond just the normal OASIS license blurb).
[RSP] As IP issues can arise at
any time, including after the spec has been approved, I feel that putting such
info in the spec is not a good idea since it could end up being incomplete
unless you rev the spec. The current document template refers people to
the IPR page on the TC web site and, IMO, that should remain the authoritative,
single place to go look for IP claims and the required licensing for those
claims. If the web site is not clear, especially on the licensing process, TC
administration should address it with the IP claimants and get it
corrected. But I personally don’t want to see this stuff going in
b) Addendum entry
that references points of contacts for members that are asserting license
[RSP] As I said, IMO, the web
site is sufficient.
c) Reference to a
ZIP file stored in the TC documents area that contains a copy of each
actionable license from each such member.
[RSP] This MIGHT be a reasonable
thing to do, but since companies sometimes change their contract and licensing
forms or update license wording, they might not want to do this, and it runs
the risk of becoming incomplete as well. Also, since some IP might be
asserted by companies that are not OASIS members, you’d not likely get
them to provide such a file to include in the ZIP file.
I don’t believe the web
site says this, but if other non-member IP claims are known, there probably
SHOULD be a place on the TC IPR page to at least mention that and hopefully
list who they are. I’ll also point out that the IPR pages could be
organized a bit better. Just putting some links at the top to each of the
individual declarations would be helpful. As it is now, it’s just a set
of letters appended to each other and you have to just scroll through them.
We could then go
one step further and note that members who waive the right to include such
entries a) thru c) - are therefore providing a RF license for any relevant IP
they may adjudge to be applicable either currently or subsequently later.
If this is not the
case - I would suggest we ask the BOD to review this urgently and create policy
- before we get more IP related specifications out there that are not clearly
[RSP] I certainly don’t
feel that it’s not clear who has made IP claims on SAML (they’re
all on the web page at http://www.oasis-open.org/committees/security/ipr.php);
the TC process is quite clear about soliciting claim info from members and
getting those declarations posted. However, the licensing process in the
Fidelity statement IS currently ambiguous. This was actually pointed out to
them recently and we’ve been working with them to get that fixed
(it’s almost done). The licensing process for the AOL and RSA
claims however are quite clear. AOL uses a defensive suspension provision
(i.e. you don’t have to do anything to get an RF/RAND license, but if you
bring any IP claims against them, you lose that license). The current RSA
process states that implementers MUST download/sign/return a license from the
RSA web site (link is provided). Note that this will be changing very
shortly as we have submitted a new letter to OASIS in the past few days that
changes our process to a defensive suspension provision, ala the AOL
IMO, if there are TC’s
with encumbered specs that don’t have clear info on their TC IPR page for
users of the specs, then that is a problem that TC administration should
address with the TC. I don’t think we need additional, multiple
places to put the info where the possibility arises for one (i.e. the specs, a
ZIP file) to become out-of-date.
It’s always a technology
adopter’s responsibility to find out whether they are using someone
else’s IP, and if so, properly licensing that IP. The current OASIS
process is clear on how to locate that info. OASIS can and should make sure
that the info is clear on the licensing process for each claim, but
that’s a relatively minor admin issue IMO. Once the claims and licensing
process are declared,it’s the responsibility of the IP holder to monitor
industry use of their IP and ensure that users are licensed. Otherwise, I
believe they run the risk of losing their rights to the IP because they
didn’t attempt to defend their claims – obviously IANAL so take
this with a grain of salt J)