Jbilling: Possible unauthorised use of OSI Certified service mark

> Dear OSI Board members:
>
> Please see http://www.jbilling.com/?q=node/7&pl=pr
> Note OSI Certified logo.
>
> The company in question, Sapienter Billing Software Corporation, is yet
> another Web 2.0 company using MPL 1.1 + an "Exhibit B" badgeware
> addendum, calling it "open source".  However, this firm takes one step
> further the stance characteristic of Socialtext, SugarCRM, Alfresco,
> Zimbra, Qlusters, Jitterbit, Scalix, MuleSource, Dimdim, Agnitas AG,
> Openbravo, Emu Software, Terracotta, Cognizo Technologies, ValueCard,
> KnowledgeTree, OpenCountry, and 1BizCom, by using OSI's certification
> mark in outright violation of OSI's licensing terms -- or, at least, I'd
> be surprised to learn otherwise.  Therefore, I'm mentioning that use, in
> case corrective action is needed.
>
>
> I'd suggest Sapienter illustrates why "Exhibit B" licences (though
> certainly _not_ badgeware licences generically) have become, in my view,
> a serious problem:
>
> o  Substantively all (probably literally all 19) of the above-listed firms
>    already have considerable history of claiming in public to be open source.
>
> o  Few if any mention their licences' lack of OSI approval.  Many
>    imply otherwise; one (Sapienter) outright claims approval (as noted).
>
> o  Not ONE has applied for OSI approval, though many are demonstrably
>    aware of OSI's approval process.  It's also notable that
>    many of their modified-MPL licences were reportedly written by OSI
>    General Counsel Mark Radcliffe in his private capacity -- so it's
>    doubtful many are unaware.
>
> o  Several of those firms' officers have already turned a deaf ear
>    (so far) to suggestions on OSI license-discuss that they make their
>    licences comply with OSD#10 ("License Must Be Technology-Neutral" --
>    the main problem) by adding "if any" qualifiers to their licences'
>    requirements concerning "each user interface screen".
>
> o  At least one, Socialtext, falsely claims in public to use MPL 1.1
>    without mentioning its licence modifications at all.[1]
>
> Aside from Sapienter's outreach breach of trademark law, some might
> object that OSI simply cannot do anything, to correct this situation.  I
> beg to differ, and ask that OSI take appropriate, measured, and
> constructive action:  Please consider issuing a formal statement
> deploring use of "modified MPL" licenses in circumvention of OSI
> scrutiny, and especially their use without clearly disclosing lack of
> OSI approval.
>
> No one is denying the value of efforts to close the much-discussed ASP
> Loophole through suitable "attribution" clauses that _do_ respect the
> OSD and substantively allow code reuse, forking, and other underlying
> core notions of open source.  Reasonable people can create licences
> containing such clauses and get them approved.  Unfortunately, the
> above-cited companies are pointedly eschewing any such effort, thereby
> making a mockery of OSI's moral and other authority over open source.
>
> Please help us of the open source community's desire to help the OSI, by
> issuing a clear statement that we can use to enforce open source
> standards within this troublesome area.  Thank you.
>
> [1] http://www.socialtext.com/node/88
>
> Sincerely
> Rick Moen
> (representing himself)
>

> Quoting Ross Mayfield (ross.mayfield@...):
>
> > You have done a service by pointing out this alleged breach of the OSI
> > Certified trademark by this corporation.
>
> Thank you for saying that.
>
> > However, ONLY ONE company that employs a provision similar to the
> > Generic Attribution Provision has breached this trust.  I believe you
> > have provided another reason for the GAP to be minded by OSI.
>
> Hmm, only one company mentioned (out of 20) actually is implementiong
> GAP:  Intalio.  Every other one of the other 19 licences I cited,
> including the one your company _uses_, i.e., Socialtext Public Licence
> 1.0.0, seems to me to require a considerably more expansive
> implementation of "attribution" than does the GAP clause.
>
> > It is inaccurate to say that NOT ONE company has applies for OSI
> > approval, that is precisely what Socialtext has.
>
> Do you mean you have submitted _Socialtext Public Licence 1.0.0_ for OSI
> certification?  I attempted to search for any such indication, and found
> none.
>
> I respect highly Socialtext's intent in bringing the GAP memo in front
> of the OSI Board, but it is my understanding that your firm uses SPL
> 1.0.0, _not_ MPL + GAP (which Intalio proposes to use), for its
> wiki software.  What I said to the Board was, of course, that none of
> the 19 firms referenced in my bullet list had submitted the licences
> they _use_ (and claim in public to be open source) to the Board for
> certification.
>
> Socialtext's commendable intent seems noteworthy despite the fact that
> Socialtext substantively ignored the process detailed on
> http://www.opensource.org/docs/certification_mark.php by not submitting
> a _licence_ at all, but rather a patch that Socialtext evidently wishes
> the Board to consider as applied to some unspecified fraction of the 58
> existing OSI Certified licence (those with modifiable content).
>
> > And we clarified this blog post to say more than we were MPL with an
> > addendum, and have had the license available our open source wiki
> > since inception.
>
> Thank you for doing that, retroactively.  Your edit appears to have been
> implemented _within the past hour_, I will note.  As you know, I'd
> mentioned the misstatement of fact twice on license-discuss twice, the
> earlier time having been on Dec. 20, i.e., right in front of you, nine
> days ago.
>
> > Deplorable is a strong word in the context of a community, especially
> > a welcoming one.
>
> Asking the Board to formally deplore the particular patterns of activity
> I cited seems amply merited by the problem those 20 firms have created.
> In fact, it strikes me as extremely mild, in the circumstances.  Other
> actions, such as yours in sending and posting the GAP memo, should be
> praised and are quite appreciated.
>
> Best Regards,
> Rick Moen
>
>

> I'm not going to engage in fisking arguments by email.  I might have
> lost your prior comments in the 100 fold thread that didn't yield that
> much substance against the GAP.
>
> I'll point to a link that should help clarify the steps Socialtext has
> taken in good faith, and what we did to clarify our license.
> http://blogs.zdnet.com/BTL/?p=3430
>
> I did amend the blog post tonight to provide a link to the license.
>
> We did not submit the SPL which is consistent with OSD --  and instead
> sought to address the general problem we all face through the GAP.
> And we would never use the OSI Certified mark unless under an OSI
> approved.  That's the point.
>
> Ross
>
>
> On 12/29/06, Rick Moen <rick@...> wrote:
>> Quoting Ross Mayfield (ross.mayfield@...):
>>
>> > You have done a service by pointing out this alleged breach of  
>> the OSI
>> > Certified trademark by this corporation.
>>
>> Thank you for saying that.
>>
>> > However, ONLY ONE company that employs a provision similar to the
>> > Generic Attribution Provision has breached this trust.  I  
>> believe you
>> > have provided another reason for the GAP to be minded by OSI.
>>
>> Hmm, only one company mentioned (out of 20) actually is implementiong
>> GAP:  Intalio.  Every other one of the other 19 licences I cited,
>> including the one your company _uses_, i.e., Socialtext Public  
>> Licence
>> 1.0.0, seems to me to require a considerably more expansive
>> implementation of "attribution" than does the GAP clause.
>>
>> > It is inaccurate to say that NOT ONE company has applies for OSI
>> > approval, that is precisely what Socialtext has.
>>
>> Do you mean you have submitted _Socialtext Public Licence 1.0.0_  
>> for OSI
>> certification?  I attempted to search for any such indication, and  
>> found
>> none.
>>
>> I respect highly Socialtext's intent in bringing the GAP memo in  
>> front
>> of the OSI Board, but it is my understanding that your firm uses SPL
>> 1.0.0, _not_ MPL + GAP (which Intalio proposes to use), for its
>> wiki software.  What I said to the Board was, of course, that none of
>> the 19 firms referenced in my bullet list had submitted the licences
>> they _use_ (and claim in public to be open source) to the Board for
>> certification.
>>
>> Socialtext's commendable intent seems noteworthy despite the fact  
>> that
>> Socialtext substantively ignored the process detailed on
>> http://www.opensource.org/docs/certification_mark.php by not  
>> submitting
>> a _licence_ at all, but rather a patch that Socialtext evidently  
>> wishes
>> the Board to consider as applied to some unspecified fraction of  
>> the 58
>> existing OSI Certified licence (those with modifiable content).
>>
>> > And we clarified this blog post to say more than we were MPL  
>> with an
>> > addendum, and have had the license available our open source wiki
>> > since inception.
>>
>> Thank you for doing that, retroactively.  Your edit appears to  
>> have been
>> implemented _within the past hour_, I will note.  As you know, I'd
>> mentioned the misstatement of fact twice on license-discuss twice,  
>> the
>> earlier time having been on Dec. 20, i.e., right in front of you,  
>> nine
>> days ago.
>>
>> > Deplorable is a strong word in the context of a community,  
>> especially
>> > a welcoming one.
>>
>> Asking the Board to formally deplore the particular patterns of  
>> activity
>> I cited seems amply merited by the problem those 20 firms have  
>> created.
>> In fact, it strikes me as extremely mild, in the circumstances.  
>> Other
>> actions, such as yours in sending and posting the GAP memo, should be
>> praised and are quite appreciated.
>>
>> Best Regards,
>> Rick Moen
>>
>>
>
>
> --
> --
> Ross Mayfield
> CEO
> Socialtext, Inc.
> ross.mayfield@...
> aim:rossdmayfield
> skype:rossmayfield
> t. +1-650-323-0800
> f. +1-650-323-0801
> company: http://www.socialtext.com
> weblog: http://ross.typepad.com
> many-to-many: http://www.corante.com/many
> this email is: [ ] bloggable [ x ] ask first [ ] private