Drummond Reed drummond.reed at cordance.net
Mon Dec 5 19:28:10 UTC 2005

At the meeting last week, the question was raised about whether there could
be any IPR issues related to use of an OASIS specification such as the XRDS
specification from the XRI Technical Committee.

Following is a response I sent Johannes when he emailed me prior to the
meeting with concerns that implementations of WS-Security (another
specification from OASIS) had run into open source licensing issues. My
response explains the IPR background of the XRI TC and why it should be safe
to use any specification from the TC.

Also included is a followup response from Gabe Wacob, XRI TC co-chair, with
further information.

Feel free to contact myself or Gabe (who is also on the YADIS list) if you
have any further questions.


-----Original Message-----
From: Drummond Reed [mailto:drummond.reed at cordance.net] 
Sent: Wednesday, November 30, 2005 11:27 PM
To: 'Johannes Ernst'
Cc: 'Wachob, Gabe'
Subject: RE: IP and OASIS and YADIS


I understand this issue very well - my co-chair Gabe Wachob (who is an
non-practicing attorney as well as a software architect) and I have been
working on it internally at OASIS for some time now.

First, to reassure you, the OASIS XRI and XDI TCs were one of the first
OASIS TCs to avail themselves of a special clause in the old OASIS IPR
policy that allowed us to declare ourselves royalty-free and unencumbered in
our charter. The exact language (from our charter page at
http://www.oasis-open.org/committees/xri/charter.php), is:

"In no event shall this Technical Committee finalize or approve any
technical specification if it believes that the use, distribution, or
implementation of such specification would necessarily require the
unauthorized infringement of any third party rights known to the Technical
Committee, and such third party has not agreed to provide necessary license
rights on perpetual, royalty-free, non-discriminatory terms."

All contributions to the TC have been made under this provision. Under the
old OASIS IPR policy, this was the only way a TC could declare itself a
"patent-free zone".

WS-Security (and indeed, all the WS-* work at OASIS) did not use this
provision (which is at least as strong if not stronger than the new
"Royalty-Free under Limited Terms" option). If they had, they would not have
had the issue with Apache.

Gabe and I and the entire XRI TC has been 100% committed to making sure all
XRI TC work is unencumbered and completely open-source compatabile. Neither
of us has been happy with the IPR policy issues at OASIS, but we and others
there have made sure that the fully-unencumbered work there such as XRI and
XDI can stay that way.

We are also working with others there (and Doc) to figure out a stronger way
for OASIS TCs who adopt this same policy to be clearly stamped as "Open
Source Compatible". 

Net net: XRI TC workproduct is safe and will not have the issues that
WS-Security had.

Please report this to everyone at the meeting tomorrow, and feel free to
call either Gabe or myself to discuss at any time. 

206.364.0992 office
206.618.8530 cell
i-name: =Drummond.Reed

-----Original Message-----
From: Wachob, Gabe [mailto:gwachob at visa.com] 
Sent: Thursday, December 01, 2005 9:50 AM
To: Drummond Reed; Johannes Ernst
Subject: RE: IP and OASIS and YADIS


Just to echo what Drummond is saying - XRI is produced with RF (Royalty
Free) licensing. That means, to the extent that anybody participating knows,
there are no claims against anything in XRI that will require licensing.
That's not a guarantee that some third party out there won't decide that
they have a patent they can use to beat people over the head with, but
that's the case with almost any technology.

In any case, the licensing regime we've worked under for XRI is intended
explicitly to be open source compatible (ie should be able to implement
using a OSI-approved or other open source license). The WS-Security TC may
have been operating under a less specific IPR mode, and that's what got them
into trouble. We knew from the start that if there were any IP gotchas, it
would be a problem for open source implementers, so we tried very hard to
make sure that there were none of these gotchas.


P.S. I can't call myself an attorney because I never took the bar exam
(though I did slog through law school). Drummond is free to call me whatever
he likes, though ;-)

More information about the yadis mailing list