On Aug 9, 2015 8:33 PM, "Roman Shaposhnik" <ro...@shaposhnik.org> wrote: > > On Fri, Aug 7, 2015 at 12:46 AM, Bertrand Delacretaz > <bdelacre...@apache.org> wrote: > > On Fri, Aug 7, 2015 at 2:50 AM, Roman Shaposhnik <ro...@shaposhnik.org> wrote: > >> ...is Apache Brand meant to protect *any* possible object/binary > >> artifact or only those that PMC actually care about?... > > > > IMO any object/binary created from our source code has to be clearly > > identified as not coming from the ASF
As a reminder, based on the foundation core purpose, the ASF releases open source code for consumption by the general public at no charge. While convenience binaries are shipped by many projects, others pointedly refuse (subversion is one example where all binary builds are thirdparty). The complexity of the number of potential build is one driving factor... Compile once-and-done for Java is much different than a cross platform machine code result. > Well, the real question is: do we aspire to have a monopoly on certain > binary convenience artifacts? IOW, if a Hadoop PMC blessed and RPM > as one of those artifacts, does it mean that only that RPM (however > potentially screwed up it is from the standpoint of Fedora packaging > guidelines) is the RPM that can be called Hadoop? > > > If Kermit distributes a compiled version of httpd for example I would > > expect that to be labeled as "Kermit's distribution of the Apache HTTP > > Server". > > > > And if that's done properly I would expect filenames to reflect this > > where possible, so Kermit's binary package should be named like > > "kermit-httpd-2.4.16.tgz" to help prevent confusion. > > Well, this is not what's happening: http://pkgs.org/search/httpd A couple things here. Our claim to Apache HTTP Server or Apache httpd marks are strong. But HTTP alone is a protocol name, while httpd was the name of the binary of earlier (and other later) unix server daemons. The next is that many vendors compile httpd. They are encouraged to do so. If they label it apache-httpd, it aught to consist of ASF sources. If they label it kermits-httpd, it is likely a portmanteau of Kermit's modules and patches with ASF sources combined. If a vendor who hated the AL 2.0 (some did/still do?) decided to ship their improved "Apache httpd 2.0" based on their patches to 1.3 (under the AL 1.1) we would have had words, and likely a C&D letter to them eventually. Finally Apache HTTP Server was a very early mark, early abuse was not as effectively policed. So the approach to correcting abuse has been a strong emphasis on polite requests to avoid community confusion. Where that fails, only then do we escalate. Covalent/Springsource/VMW/Pivotal have a long history of renaming where confusion would result. "RavenSSL" was Apache httpd+mod_ssl, build upon RSA not OpenSSL for US domestic users looking for patent licensing. tcServer is Apache Tomcat combined with many enterprise extensions. The guidelines and Trademark usage constraints are rather straightforward. Where vendors have built-upon httpd, it is often as an extension to an ASF base package. RH GPL-licensed mod_cluster is but one example of this.