To close re Tony’s comment,
I’ve now been able to confirm with our legal department that my
understanding matches RSA Security’s assessment: that RSA Security holds
the overall copyright on the as-submitted document and that the OASIS policy
requirements regarding named contributors have been satisfied.
--jl
From: Linn, John
[mailto:jlinn@rsasecurity.com]
Sent: Monday, October 31, 2005
3:51 PM
To: Anthony Nadalin;
Cc: wss@lists.oasis-open.org
Subject: RE: [wss] Groups -
rsa-otps-otp-wss-token-v1-0.pdf (rsa-otps-otp-wss-token-v1-0.pdf) uploaded
We’ve received and reflected
comments from others (see Appendix A), but I believe RSA Security holds the
overall copyright on the document and that we’ve satisfied the OASIS
policy requirements regarding named contributors. I’ve forwarded
Tony’s specific query to our legal team, and will update once I’ve
been able to consult with them. In parallel, does anyone have comments to
offer about technical aspects of the document and its suitability as an OTP
profile for WSS?
--jl
From: Anthony Nadalin
[mailto:drsecure@us.ibm.com]
Sent: Friday, October 28, 2005
1:44 PM
To:
Cc:
Subject: RE: [wss] Groups -
rsa-otps-otp-wss-token-v1-0.pdf (rsa-otps-otp-wss-token-v1-0.pdf) uploaded
You misinterpreted me, as when I asked RSA about IPR on
the spec, the response I got back was that there may have been other feedback
into your spec and you were checking on that, thus I would have expected more
names on the copyright..
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
"
|
" 10/28/2005 07:34 AM |
|
Why does this have a
RSA copyright notice ?
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Probably
for the same reason that the original WS-Security spec, WS-Security Addendum, etc.
submitted to WSS had IBM, Microsoft, et al copyrights. For the same reason that
the specs being submitted to WS-SX have copyrights.
The doc
was written by RSA. It simply is reporting the copyrights that currently apply
as is required by OASIS IPR policy (see section 5.1).
The
document also states that it is being contributed according to the requirements
in the OSAIS IPR policy section 5.2 which grants a copyright license to OASIS.
So I
think the real question should be “why DOESN’T the VeriSign submission
contain a copyright notice and a statement regarding the grant of copyright
license”?
5.2
Copyright Licenses
1. To the
extent that a Contributor holds a copyright interest in its Contribution, such
Contributor grants to OASIS a perpetual, irrevocable, non-exclusive,
royalty-free, worldwide copyright license, with the right to directly and
indirectly sublicense, to copy, publish, and distribute the Contribution in any
way, and to prepare derivative works that are based on or incorporate all or
part of the Contribution solely for the purpose of developing and promoting the
OASIS Committee Specification or OASIS Standard and enabling (subject to the
rights of the owners of any Essential Claims) the implementation of the same by
Licensees.
2. To the extent
that a Contribution is subject to copyright by parties that are not
Contributors, the submitter(s) must provide OASIS with a signed "Copyright
License Grant" (Appendix B) from each such copyright owner whose
permission would be required to permit OASIS to exercise the rights described
in Appendix B.