On Aug 9, 2015 8:33 PM, "Roman Shaposhnik" <ro...@shaposhnik.org> wrote:
>
> On Fri, Aug 7, 2015 at 12:46 AM, Bertrand Delacretaz
> <bdelacre...@apache.org> wrote:
> > On Fri, Aug 7, 2015 at 2:50 AM, Roman Shaposhnik <ro...@shaposhnik.org>
wrote:
> >> ...is Apache Brand meant to protect *any* possible object/binary
> >> artifact or only those that PMC actually care about?...
> >
> > IMO any object/binary created from our source code has to be clearly
> > identified as not coming from the ASF

As a reminder, based on the foundation core purpose, the ASF releases open
source code for consumption by the general public at no charge.

While convenience binaries are shipped by many projects, others pointedly
refuse (subversion is one example where all binary builds are thirdparty).
The complexity of the number of potential build is one driving factor...
Compile once-and-done for Java is much different than a cross platform
machine code result.

> Well, the real question is: do we aspire to have a monopoly on certain
> binary convenience artifacts? IOW, if a Hadoop PMC blessed and RPM
> as one of those artifacts, does it mean that only that RPM (however
> potentially screwed up it is from the standpoint of Fedora packaging
> guidelines) is the RPM that can be called Hadoop?
>
> > If Kermit distributes a compiled version of httpd for example I would
> > expect that to be labeled as "Kermit's distribution of the Apache HTTP
> > Server".
> >
> > And if that's done properly I would expect filenames to reflect this
> > where possible, so Kermit's binary package should be named like
> > "kermit-httpd-2.4.16.tgz" to help prevent confusion.
>
> Well, this is not what's happening: http://pkgs.org/search/httpd

A couple things here.  Our claim to Apache HTTP Server or Apache httpd
marks are strong.  But HTTP alone is a protocol name, while httpd was the
name of the binary of earlier (and other later) unix server daemons.

The next is that many vendors compile httpd.  They are encouraged to do
so.  If they label it apache-httpd, it aught to consist of ASF sources.  If
they label it kermits-httpd, it is likely a portmanteau of Kermit's modules
and patches with ASF sources combined.

If a vendor who hated the AL 2.0 (some did/still do?) decided to ship their
improved "Apache httpd 2.0" based on their patches to 1.3 (under the AL
1.1) we would have had words, and likely a C&D letter to them eventually.

Finally Apache HTTP Server was a very early mark, early abuse was not as
effectively policed.  So the approach to correcting abuse has been a strong
emphasis on polite requests to avoid community confusion.  Where that
fails, only then do we escalate.

Covalent/Springsource/VMW/Pivotal have a long history of renaming where
confusion would result.  "RavenSSL" was Apache httpd+mod_ssl, build upon
RSA not OpenSSL for US domestic users looking for patent licensing.
tcServer is Apache Tomcat combined with many enterprise extensions.  The
guidelines and Trademark usage constraints are rather straightforward.
Where vendors have built-upon httpd, it is often as an extension to an ASF
base package.  RH GPL-licensed mod_cluster is but one example of this.

Reply via email to