Skip to Main Content
Apache Events The Apache Software Foundation
Apache 20th Anniversary Logo

This was extracted (@ 2024-09-21 23:10) from a list of minutes which have been approved by the Board.
Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.

WARNING: these pages may omit some original contents of the minutes.
This is due to changes in the layout of the source minutes over the years. Fixes are being worked on.

Meeting times vary, the exact schedule is available to ASF Members and Officers, search for "calendar" in the Foundation's private index page (svn:foundation/private-index.html).

Legal Affairs

17 Jul 2024 [Roman Shaposhnik]

A report was expected, but not received

19 Jun 2024 [Roman Shaposhnik / Jeff]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 21 issues (from 19).

We had a tip about potential Infringement of the Apache Free Software License
by a company selling medical devices. The person was routed to an appropriate
ASF community (httpd) for the next steps. We haven't heard from the httpd PMC
on the matter since.

U.S. Federal Trade Commission reached out to us regarding an anti-trust
investigation. After explaining the basics of how ASF works they proceeded to
have a conversation with PMC members of Apache Airflow.

After a bit of delay (and frankly prodding) Annual Report FY2024 Legal section
was submitted.

15 May 2024 [Roman Shaposhnik]

A report was expected, but not received

17 Apr 2024 [Roman Shaposhnik / Craig]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
19 issues.

Not really much else to report.

20 Mar 2024 [Roman Shaposhnik / Shane]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
19 issues.

M&P reached out to VP Legal regarding clarifying implications for running
sweepstakes. We reviewed the proposed T&Cs and suggested one small
clarification. Other than that this project is good to go from our
perspective.

21 Feb 2024 [Roman Shaposhnik / Sander]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 19 issues (from 17 last month).

M&P reached out to VP Legal regarding clarifying implications for running
sweepstakes.

There was a brief discussion around patent implications of the Apache License
v2. The takeaway, as always, has been that the ASF's official position is the
text of the license. It is self-descriptive, but we do provide a reasonable
amount of FAQ material as well.

17 Jan 2024 [Roman Shaposhnik / Willem]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
standing flat at 17 issues.

20 Dec 2023 [Roman Shaposhnik / Rich]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we made a
significant dent in the number and are standing flat at 17 issues.

15 Nov 2023 [Roman Shaposhnik / Sander]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we made a
significant dent in the number and are a tiny bit up now standing at 17 (from
16 last month).

An individual reached out to us, mistakengly thinking that ASF Legal plays a
role in any dispute over the implications of the Apache License v2. It was
explained that since the project in question isn't part of the ASF (on top
which it was it wasn't even clear if it was under ALv2) we are not getting
involved.

18 Oct 2023 [Roman Shaposhnik / Sharan]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we made a
significant dent in the number and are now standing at 16 (from 24 last
month).

Jude Smith began his volunteering for the ASF as a pro-bono attorney. See a
more details introduction on legal-discuss.

I picked up an item that sadly fell through the cracks in the past month: our
by-laws review. We are actually pretty close to a final draft, but one more
iteration with DLAPiper folks is needed.

We are arranging consultations with various licensed legal professionals
around implications of various clauses in the proposed CRA legislation. This
is done in cooperation with VP Public Affairs and with a great deal of support
from the Linux Foundation's legal team.

I had a great discussion with the head of OpenUK and was intrigued by her
thoughts on how some of the ramifications of CRA can be mitigated through the
clever use of insurance products. More details to come (provided we both find
it applicable to the ASF's usecase).

20 Sep 2023 [Roman Shaposhnik / Christofer]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 24 outstanding issues (from 22 last month).

Otherwise the month was extremely calm and uneventful.

16 Aug 2023 [Roman Shaposhnik / Craig]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues.

The committee has successfully published and promoted a Generative Tooling
Guidance and FAQ on Legal responsibilities within the foundation. Both
documents were received with very positive feedback from the membership and
committers.

VP Legal attended an Open Source Congress in Geneva hosted by the Linux
Foundation. The event was a nice opportunity to synchronize the view points of
various leaders in open source organizations on the plethora of topics.
Despite the VP Public Affairs's strongly voiced opinion that VP Legal
participating in this event would lead ASF into a trap of having a binding
opinion on a variety of topics nothing like that had happened.

An opinion of VP Legal was requested on the ramifications of some of the
recent legislation coming out of the Russian Federation. It was determined
that from the legal perspective absolutely no action on the ASF's part is
required.

19 Jul 2023

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software Foundation
 (ASF) expects to better serve its purpose through the periodic update
 of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee whose
 membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

 Henri Yandell <bayard@apache.org>

 Special Order 7C, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

19 Jul 2023 [Roman Shaposhnik / Sharan]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues.

Henri Yandell's draft of formal guidance for ASF contributors on using
generative AI code assist tools (e.g. GitHub Co-pilot, etc.) has been
successfully reviewed by Legal Committee and is ready to be published.

Board resolution to add Henri Yandell to the Legal Committee has been
submitted.

We have cleaned up membership of legal-private@ to correspond to the current
Legal Committee roster. legal-internal@ has been cleaned up to be
legal-private@ plus some folks working in the office of the President.

We have reached a consensus on the division of labor when it comes to legal
matters between the Legal Committee and the office of the President. We're
working on an official FAQ to clarify our joint understanding. Expect it to be
sent for review and published in the next few weeks.

We have clarified an outstanding issue for the Apache SVN community regarding
licensing of old open.collab.net content to the ASF for re-hosting.

VP Legal is expected to attend an Open Source Congress in Geneva hosted by the
Linux Foundation last week of July.

21 Jun 2023 [Roman Shaposhnik / Craig]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues.

Henri Yandell prepared the first draft of formal guidance for ASF contributors
on using generative AI code assist tools (e.g. GitHub Co-pilot, etc.). Next
step is to settle it with the legal committee and then members@.

There appears to be some level of disagreement and the need for further
clarification around split of Legal responsibilities between the office of the
President of the ASF and the Legal Committee/VP Legal. See public emails
discussion threads on legal-discuss@ and, likely, on board@ soon. Roman and
David are scheduled to spend some time 1-1 to figure out the proposal here.

17 May 2023 [Roman Shaposhnik / Sander]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues.

Henri Yandell and I are working on providing some amount of formal guidance
for ASF contributors on using generative AI code assist tools (e.g. GitHub
Co-pilot, etc.). This is done in coordination with Linux Foundation's legal
team and Eclipse Foundation in order to harmonize our recommendations where
reasonable.

I got invited to the Open Source Congress in Geneva on July 27 to discuss,
among other things, questions surrounding AI code assist tools and upcoming EU
legislation.

There appears to be some level of disagreement and the need for further
clarification around split of Legal responsibilities between the office of the
President of the ASF and the Legal Committee/VP Legal. See public emails
discussion threads on legal-discuss@ and, likely, on board@ soon.

Mark Radcliffe is expected to make an additional appeal to the board at this
month's board meeting regarding legal aspects of the "Apache" name. He also
has news to share when it comes to who will be our go-to contact at DLAPiper
from now on.

19 Apr 2023 [Roman Shaposhnik / Justin]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues.

The board is receiving continuous guidance on the legal aspects of the
"Apache" name from DLAPiper.

22 Mar 2023 [Roman Shaposhnik / Craig]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 22 outstanding issues compared to 21 last month.

15 Feb 2023 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 21 outstanding issues compared to 19 last month.

A discussion around updating contributor guidance around AI generated code is
underway and anybody interested in participating is encouraged to comment on
LEGAL-631

18 Jan 2023 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
19 outstanding issues compared to last month.

I was able to reach the folks at DLAPiper. Scheduling by-laws review for next
week.

21 Dec 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
19 outstanding issues compared to last month.

Not being able to reach DLAPiper folks for a few months is becoming a bit of a
problem. I may need to start looking more aggressively for how to re-connect
with our contacts there. This also means that the process of finalizing the
draft of the updated bylaws seems to be on hold for now.

The board discussed the letter to DG COMP. No action was taken at this time.

16 Nov 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up at 20 outstanding issues compared to 19 last month.

I haven't been able to find availability on DLAPiper's end so the process of
finalizing the draft of the updated bylaws seems to be on hold for now.

19 Oct 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are down at
19 outstanding issues compared to 22 last month.

The process of bylaws review is almost done. There's one last bit of reviewing
the indemnity provisions that should be done by early next month.

21 Sep 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues compared to last month.

Prompted by Akka's transition to Business Source License 1.1 we started the
process of advising the projects affected by this disruptive change (notably
Apache Flink). The details can be found in LEGAL-619.

The process of bylaws review is almost done. There's one last bit of reviewing
the indemnity provisions that should be done by early next month.

17 Aug 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues compared to last month.

We finally kicked off the process of by-laws reviews with DLAPiper. We expect
the updated draft to be available within weeks for the board review.

20 Jul 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues compared to last month.

We finally kicked off the process of by-laws reviews with DLAPiper. We expect
the updated draft to be available in a month for the board review.

15 Jun 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues compared to last month.

There hasn't been much else happening aside from us working with DLAPiper on
reviewing our by-laws.

ApacheCON A/V rental contract agreement was reviewed and a few suggestions
made.

18 May 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat at
22 outstanding issues compared to last month.

There hasn't been much else happening aside from us engaging with DLAPiper
around reviewing our by-laws.

Thanks to sebb we've been closing issues around our ECCN and release policies
and processes with a number of INFRA JIRAs and direct patches resulting from
that.

20 Apr 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up to 22 from 20 outstanding issues compared to last month.

There hasn't been much else happening aside from renewed interest in reviewing
our by-laws in general and around particular language that may not be as
relevant in 2022 as it was back in 1999. I will reach out to DLA Piper folks
to see what is feasible.

Thanks to sebb we've been reviewing our ECCN policies and processes with a
number of INFRA JIRAs and direct patches resulting from that.

16 Mar 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat
with 20 outstanding issues compared to last month.

Personally, I have been consumed by reacting to global events and wasn't able
to dedicate much time at all to the committee this month. I apologize for
that. However, I did keep an eye on all incoming legal traffic and luckily
there wasn't anything that required committee's attention. At least not on the
reactive side. Really hope that the coming month will be easier.

16 Feb 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are
slightly up to 20 from 17 outstanding issues compared to last month.

Committee worked on helping prepare a set of responses to various US
government officials and agencies regarding log4j security vulnerability.

We have established a formal relationship with Gwyn Firth Murray Matau Legal
Group and now have an extra resource to go to in case we need a formal legal
opinion or help. We followed a standard ASF engagement model: our contract
includes a certain number of pro-bono hours and we have negotiated a very
reasonable rate on top of that.

We reviewed an SOW agreement from a vendor providing us with D&I services.

19 Jan 2022 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. After resolving a handful of LEGAL issues, we are flat
with 17 outstanding issues compared to last month.

The biggest area of focus for the committee has been the fallout from log4j
vulnerability and reaction to it by various government and commercial
entities. We have spent some time working with the members of the security
team in preparation for the The White House meeting and also responding to the
official government inquiries.

Our friends at DLA Piper recommended that we explore relationship with the
Matau Legal Group to augment the number of pro-bono legal help available to
us. The conversation has started but nothing to report back yet.

Some of our members have expressed interest in signing the Lifter agreement at
the PMC/Foundation level with Tidelift. The consensus on the committee side so
far has been that we shouldn't be doing that at that level, however
individuals may choose to do so. Since the discussion was no longer a legal one
it was moved to the ComDev.

15 Dec 2021 [Roman Shaposhnik]

It's been an uneventful month. Committee members and others have taken good
care of responding to and resolving issues. We have fewer open issues than
last month (15). There is nothing that requires board attention. There's been
some discussions around Javadoc licensing, if 3rd parties need a NOTICE file
and some release policy tweaks.

17 Nov 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We've resolved quite a few issues and are flat with 17
outstanding issues compared to last month.

We've discussed and reviewed a small tweak to the Release Policy and accepted
a change clarifying the role of unreleased artifacts distributed to the
developer community.

20 Oct 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We've resolved quite a few issues and are up to 17 from
the 16 that were unresolved last month.

We are working on extending the circle of Legal firms that can help us. More
details on potential candidates in the private section.

We provided advice to one of the PMCs on how to engage with TU Berlin research
group around supporting European Research Council proposal that would include
and Apache project.

We received an unsolicited report evaluating ASF's performance from the
Muellners Inc and determined it to be non-actionable from the ASF's legal
point of view. Muellners Inc may decide to proceed with the dissemination of
the report (and further actions) regardless of not receiving any feedback from
us.

15 Sep 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We've resolved quite a few issues and are down to 16 from
the 18 that were unresolved last month.

Roman has been traveling and under a lot of additional pressure from $DAYJOB
which limits the amount of time available to push on some of the outstanding
ASF LEGAL issues. This is expected to improve greatly in the 2nd half of Oct.

18 Aug 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We've resolved quite a few issues and are down to 18 from
the 19 that were unresolved last month.

We started working (again!) on expanding the pool of pro-bono legal options
available to us.

21 Jul 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We've resolved quite a few issues and are down to 19 from
the 26 that were unresolved last month.

Work on simplifying our approach to ECCN filings is slowly progressing. We now
have additional recommendations published by Linux Foundation and are in
active discussions with their legal team on the details:
https://www.linuxfoundation.org/blog/understanding-us-export-controls-and-open-source-projects-2021-update/

16 Jun 2021 [Roman Shaposhnik]

Past month has been pretty calm. Committee members took good care of resolving
most issues on time. We're currently slightly up at 26 unresolved issues.

One notable discussion that took place was that of revisiting our approach to
ECCN filings. The ECCN tracking page https://www.apache.org/licenses/exports/
was expected to be updated with a different layout but the effort seems to
have stalled for now. There's not immediate need for us to change anything
around ECCN, but it would be nice to resolve this in the coming months.

19 May 2021 [Roman Shaposhnik]

It's been a little busier this month with several discussions on a wide range
of topics, including a couple that come up frequently. Committee members took
good care of resolving these in time. We're resolved several outstanding
issues and currently down to 24 unresolved issues.

There has been discussions on gradle jars in source releases (LEGAL-570),
changes in elastic search licensing, the LGPL dependency chardet (LEGAL-572),
and clarifying the naming of 3rd party licenses that add additional
incompatible clauses to the Apache license. Release and distribution policies
has been updated and made more explicit, clarifying the use of Category B
licensed items and jars containing compiled code in source releases. (In both
cases, they cannot be included in source releases.)

21 Apr 2021 [Roman Shaposhnik]

One more pretty uneventful month: we've had a regular amount of usual requests
flowing through LEGAL JIRA and legal-discuss. Committee members took good care
of resolving most of these in time. We've cleared the queue quite a bit and
are currently down to 25 unresolved LEGAL JIRAs.

Thanks to Justin we've settled on a language clarifying our positions on
modified Apache Licenses and how, while allowed, they should clearly be
distanced from Apache License itself.

Finally, there's work underway to attempt a split between a formal legal
policy on binary releases and a community FAQ. Hopefully this will help to
clarify it for our communities but it'll require use of contracting resources
that INFRA has suggested.

17 Mar 2021 [Roman Shaposhnik]

A report was expected, but not received

17 Feb 2021 [Roman Shaposhnik / Roy]

One more pretty uneventful month: we've had a regular amount of usual requests
flowing through LEGAL JIRA and legal-discuss. Committee members took good care
of resolving most of these in time. We're slightly up at 35 unresolved issues
this month.

There has been some discussion about adding language clarifying our positions
on modified Apache Licenses and how, while allowed, they should clearly be
distanced from Apache License itself.

20 Jan 2021 [Roman Shaposhnik]

A report was expected, but not received

16 Dec 2020 [Roman Shaposhnik / Sander]

One more pretty uneventful month: we've had a regular amount of usual requests
flowing through LEGAL JIRA and legal-discuss. Committee members took good care
of resolving most of these in time. We're steady at 29 unresolved issues this
month.

The only three things worth noting are LEGAL-516 and a review of our bylaws.

Justin and I will be finally bringing LEGAL-516 home by the end of 2020. It
has remained open long enough and is clearly stalling.

DLAPiper is still slow to re-engage -- I'm hoping Mark will have more time
available for us before the end of the year.

18 Nov 2020 [Roman Shaposhnik / Sam]

One more pretty uneventful month: we've had a regular amount of usual requests
flowing through LEGAL JIRA and legal-discuss. Committee members took good care
of resolving most of these in time. We're steady at 29 unresolved issues this
month.

The only three things worth noting are LEGAL-516 and a review of our bylaws.

LEGAL-516 is clearly stalling at this point and as per suggestion from Justin,
I feel we need to resolve it once and for all by the end of the month -- it
has been outstanding for way too long.

DLAPiper is still slow to re-engage -- I'm hoping Mark will have more time
available for us before the end of the year.

21 Oct 2020 [Roman Shaposhnik / Patricia]

One more pretty uneventful month: we've had a regular amount of usual requests
flowing through LEGAL JIRA and legal-discuss. Committee members took good care
of resolving most of these in time. We're steady at 29 unresolved issues this
month.

The only three things worth noting are LEGAL-516, GitHub Actions and a final
commitment from DLAPiper to a timeline for review of our bylaws.

LEGAL-516 which has been dragging for way too long and at this point it feels
like stalling. I think we're past the point where we can expect NVIDIA to come
back and do the right things. My recommendation to the IPMC and board is to
declare a firm deadline (perhaps next board meeting) by which we will have a
ruling on how to proceed.

GitHub Actions AKA LEGAL-537 is an exciting new development where we entered
into an agreement with GitHub that allows a much more immediate consumption of
ASF software through GitHub Actions mechanism.

Finally, DLAPiper is now committed to do a final bylaws review by the November
board meeting deadline. Mark's availability was sadly affected by the
California wildfires in the month of Sep and early October.

16 Sep 2020 [Roman Shaposhnik / Craig]

This, again, was one of the most uneventful months on record (summer time
perhaps?): we've had a regular amount of usual requests flowing through LEGAL
JIRA and legal-discuss. Committee members took good care of resolving most of
these in time. We're up 2 (to 29), unresolved issues this month.

The only worthy event was that we finally got an agreement from DLAPiper to do
a pro-bono full review of our by-laws. This is great timing giving the vote
that is expected to happen on changing the gender pronouns.

19 Aug 2020 [Roman Shaposhnik / Patricia]

This was one of the most uneventful months on record (summer time perhaps?):
we've had a regular amount of usual requests flowing through LEGAL JIRA and
legal-discuss. Hen and the rest of the volunteers took a good care of
resolving most of these in time. We're up 1 (to 27), unresolved issues this
month.

Fun fact of the month: we've received our first legit request in Russian:
LEGAL-534

15 Jul 2020 [Roman Shaposhnik / Craig]

For the past month we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 2 (to 26), unresolved
issues this month.

We received Hen's resignation from two of his positions: VP Jakarta EE and
Assist VP Legal. Hen's contributions to this committee (and to the foundation
in general!) have been vital to the day-to-day operations but also to the more
strategic questions around ASF's general stance on various licensing and legal
issues. In short, we wouldn't be in nearly as good of a shape without Hen
around. We all eagerly await him coming back at some point! In the meantime
we're looking for volunteers to fill his position and hope to have this
resolved by the next month's board meeting.

Discussion around MXNet release compliance is still ongoing in LEGAL-515 and
LEGAL-516. Currently the ball is in the PPMC's court and we would recommend
Incubator following up in a few weeks on the progress.

There's been a fruitful discussion around binary distribution channels
culminating with Justin's proposal of a policy update:
https://lists.apache.org/thread.html/r0db43d4124a1d09354e4dcebed2e5d78b311fcd16ca25d489ee03a7f%40%3Cgeneral.incubator.apache.org%3E

Progress on requesting DLA Piper help with review of the bylaws have been
slow. The reason for the slowness is surprising and somewhat embarrassing at
the same time: it appears that DLA MX has issues with email sent through my
GMail account. This has been noticed and fixed.

Thanks to KAM we've got our DMCA Designated Agent Directory - Renewal done.

17 Jun 2020

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software Foundation
 (ASF) expects to better serve its purpose through the periodic update
 of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee whose
 membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

 Justin Mclean <jmclean@apache.org>

 Special Order 7C, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

17 Jun 2020 [Roman Shaposhnik / Roy]

For the past month we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 2 (to 24), unresolved
issues this month.

In the previous report, we've alerted the board about LEGAL-515. At this point
it seems that the MXNet PPMC and the Incubator are fully on top of this issue
and are trying to make it right.

Re-started binary distribution channels work based on the 'prior art' from the
Incubator:
https://cwiki.apache.org/confluence/display/INCUBATOR/Distribution+Guidelines

Had a conversation with DLA Piper regarding recent charges relating to
services that go beyond their pro-bono offer to us. Overall, it was a very
constructive discussion. Still it may behove the board to act on a recent
thread titled 'Rethinking our approach for procuring day-to-day legal services
for the ASF'

TechTarget's reporter has requested an hour meeting to clarify our position on
ICLAs, CCLAs and SGAs.

20 May 2020 [Roman Shaposhnik / Patricia]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 1 (to 22), unresolved
issues this month.

We received a request for an affidavit, but after extensive discussions within
legal committee (with participation of DLA Piper folks) we've concluded that
it is not in our best interest to respond at this time.

I would like to draw board's attention to the discussion on LEGAL-515. It
appears that the current binary convenience artifacts published by MXNet are
in violation of ASF's release policy. So far we've advised the PMC to work
through the issues, but it isn't clear whether they are willing to do so.

ASF has appeared on the following docket
https://dm.epiq11.com/case/broadvision/claims however after further review it
was established that we have never had any commercial relationship with
BroadVision and as such there's no reason to do anything.

Due to recent global events, progress on various binary distribution channels
that ASF controls is slow, but it is still on my radar.

15 Apr 2020 [Roman Shaposhnik / Shane]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 1 (to 21),
unresolved issues this month.

Henri Yandell (in his VP Jakarta EE Relations capacity) closed the loop with
Eclipse Foundation around relationship between ASF and Eclipse. There are no
further actions required at this time.

We received request for classification of the newly minted "Mulan PSL v2"
license (LEGAL-513). This license originated in China and what makes it
unusual is that the canonical text is in Chinese. It has already been
approved by OSI. So far the consensus is that it is very close to the
original ALv2 license and thus can be added to the Cat A. Our final decision
is expected in a week or so.

We have received an affidavit request for details on how Apache License
applies to the projects we govern and what are the ramifications for the
contributors and downstream consumers. We're working on this request and
expect the work to continue for the next week or so.

Due to recent global events, progress on  various binary distribution
channels that ASF controls is slow, but it is still on my radar.

18 Mar 2020 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're down 2 (to 20),
unresolved issues this month.

Henri Yandell has indicated that he may want to step in to replace Mark
Struberg as VP Jakarta EE Relations. With renewed involvement, hopefully we
can finalize discussions with the Eclipse Foundation.

Due to recent global events, progress on  various binary distribution
channels that ASF controls is slow, but it is still on my radar.

DLA Piper started to review our by-laws.

We reviewed (and approved with modifications) an Associated Partner contract
text from the KNX Association (LEGAL-509) and also Bylaws of the OPC
Foundation
(LEGAL-508).

19 Feb 2020 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 1 (to 22), unresolved
issues this month.

John D. Ament has indicated that he may want to step in to replace Mark
Struberg as VP Jakarta EE Relations. With renewed involvement, hopefully we
can finalize discussions with the Eclipse Foundation

We were contacted by Technology Enforcement Division (Bureau of Competition)
from the Federal Trade Commission of the United States Government and offered
to participate in a study of "market participants" in the cloud services
industry. We had to decline on account that we are not, in fact, a market
participant.

I started collecting background information on various binary distribution
channels that ASF controls in preparation for a more comprehensive discussion
on the subject.

15 Jan 2020 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're down 3 (to 21),
unresolved issues this month.

I tried to contact VP Jakarta EE Relations (Mark Struberg) but failed to get a
response. I will be proposing that we start an official search for a
replacement on members@ (it also, unfortunately, means there has been no
progress with Eclipse foundation so far).

We had a good discussion about clarifying some of the patent implications
around Apache License v2 and ultimately decided to refrain from updating the
FAQ.

There was a discussion around updating the appendix of the canonical Apache
License v2 text with the guidelines around the text of the licensing itself
and how the use of "Apache License" brand needs to be respected if the text of
the license gets amended/updated. Ultimately the decision is to go with the
documentation update for now and let the canonical text of the license stay as
it is.

18 Dec 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 4 to 24, unresolved
issues this month.

Sadly, there has been no progress with Eclipse foundation mainly because lack
of time on our end with key volunteers (Roman and Mark Struberg) we will try
to do better next month.

I had a call with Qualcomm clarifying some of the ramifications of the patent
clause in the Apache License. Based on the discussion, I'll be proposing
additions to our legal FAQ soon.

20 Nov 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're dow 2 to 20, unresolved
issues this month.

Sadly, there has been no progress with Eclipse foundation mainly because lack
of time on our end with key volunteers (Roman and Mark Struberg) we will try
to do better next month.

Two noteworthy discussions are around LEGAL-488 and LEGAL-489 where we are
trying to figure out how to help NetBeans community in particular (and anyone
in business of build end-to-end end-user facing project at ASF be able to
ship their binaries based on modularization framework available in modern
JREs).

16 Oct 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're slightly up 2 to 22,
unresolved issues this month.

Our work with Eclipse foundation continues mainly around formalizing our
current relationship, but also discovery of prior ASF participation in JSR
Expert Group. See VP Jakarta report for more details. This month Mark Struberg
indicated that he has been able to commit to coming up with a proposal on next
steps. This is understandable given the volunteer nature of our committee, but
it does make Eclipse Foundation a tad frustrated with ASF. We will keep an eye
on the situation and hopefully will resolve it in the coming month.

We handled two spurious DMCA takedown notices (the originating legal counsel
was confused about relationship between ASF and how its products are used by
3d parties).

We reviewed and approved contract for the D&I committee between ASF and
Bitergia.

We clarified SLA expectations of the Committee over
at https://www.apache.org/legal/#communications

18 Sep 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're down 2 to 20, unresolved
issues this month.

Our work with Eclipse foundation continues mainly around formalizing our
current relationship, but also discovery of prior ASF participation in JSR
Expert Group. See VP Jakarta report for more details.

Senior Vice President, Intellectual Property at one of the corporate
contributors to a major ASF project reached out for clarifications on early
(pre 2009) contributions to a few ASF projects and we've provided required
 guidance.

At ApacheCON in Las Vegas we met with a few ASF sponsors during a scheduled
luncheon and answered their questions around IP management and licensing
policies within ASF. We also discussed potential opportunities and
challenges for new projects coming into the incubator.

21 Aug 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're down 1 to 22, unresolved
issues this month.

We have finally submitted Legal sections of the ASF annual report.

We have finalized our recommendations for how ASF may decide to engage with
Eclipse Jakarta EE Platform.

We continue to evaluate additional options for counsel to augment the work of
DLA Piper. We expect to have an update on this in a month or two. Mishi
Choudhary from SFLC is looking into refreshing the relationship with us. In
additional to that we also had Cliff Allen reaching out offering his help.

17 Jul 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. We're up 3 to 23, unresolved
issues this month.

We have received our first official DMCA takedown notice and acted
accordingly. The party who submitted the notice considers matter to be
resolved now. The material that had to be taken down consisted of 3 emails
available via mail-archives.apache.org. We are currently in the process of
formalizing a check-list/policy of actions to be taken should the next DMCA
takedown notice arrive.

We have provided guidance to the Incubator PMC around relaxing release policy
for podlings.

We are continue the work with Jakarta EE VP around implications of Eclipse
Foundation Jakarta EE paperwork.

We continue to evaluate additional options for counsel to augment the work of
DLA Piper. We expect to have an update on this in a month or two. Mishi
Choudhary from SFLC is looking into refreshing the relationship with us. In
additional to that we also had Cliff Allen reaching out offering his help.

Legal section of the ASF yearly report has been submitted to Sally

19 Jun 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time.
(we're steady at 20, unresolved issues this month).

We have worked with DLA Piper and Linux foundation on formulating our official
position around DoC's Huawei Entity List ruling:
https://blogs.apache.org/foundation/entry/statement-by-the-apache-software and
also greatly clarified our our EAR page:
https://www.apache.org/licenses/exports/

We've completed review of the JetBrains sponsorship agreement and clarified
the implications of JetBrains licensing to committers@.

Thanks to Hen we now have our official P&C mailing list setup. The subscribers
are strictly limited to:
* board-private@apache.org (which is limited to the 9 board members)
* All active ASF counsel (Mark Radcliffe currently, unless we determine SFLC
 are still active)
* ASF Legal VP, ASF Data Privacy VP, ASF Assistant Legal VP

We have completed the legal review of the Eclipse Foundation Jakarta paperwork
and expect to hand it over to Jakarta VP once Mark is approved for his role
this month.

We started to evaluate additional options for counsel to augment the work of
DLA Piper. We expect to have an update on this in a month or two. Mishi
Choudhary from SFLC is looking into refreshing the relationship with us. In
additional to that we also had Cliff Allen reaching out offering his help. We
expected to make more progress on evaluating these individuals and/or
organizations, but unfortunately the ammount of urgent activity this month
prevented us from making progress.

15 May 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
good care of resolving most of these in time.
(we're down 4, from 24 to 20, open issues this month).

Thanks to Hen we're closing the loop on rationalizing our mailing lists
infrastructure and are about to create our P&C list.

We're at the final stretch with reviewing JetBrains sponsorship agreement and
should have a final signoff from DLA Piper by the end of this week.

Jakarta VP discussion is going on and when the VP Jakarta role is created
whoever ends up in that role will be signing the agreement with Eclipse
Foundation.

We started to evaluate additional options for counsel to augment the work of
DLA Piper. We expect to have an update on this in a month or two. Mishi
Choudhary from SFLC is looking into refreshing the relationship with us.

We had Facebook and Uber reach out to us for help with detailed understanding
of our licensing practices. The meetings are being set up and we will report
back on the result.

17 Apr 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time. (we're down 5, from 24 to 19,
open issues this month).

We approved Jakarta TCK contracts that would allow ASF to officially join
Eclipse Foundation activities around Eclipse Jakarta EE Platform.

Hen continued with his updates/clarifications on the website overhauling the
overall menu systems for the legal matters.

Discussion around clarifying the scope and purpose of legal mailing lists and
also creating a privileged mailing list re-surfaced again. This time we have
much more consensus at least around how to proceed with privileged one.

We reviewed DataStax sponsorship agreement for ApacheCon and in general
started to question how deep into contract reviews should Legal Affairs
committee really go (remember: we're NOT trained lawyers).

@Jim: Work with Roman to close out VP Jakarta action item

20 Mar 2019 [Roman Shaposhnik]

For the past months we've had a regular amount of usual requests flowing
through LEGAL JIRA and legal-discuss. Hen and the rest of the volunteers took
a good care of resolving most of these in time.
(we're down 4, from 28 to 24, open issues this month).

Kudos to Hen for leading a few cleanup/clarifications efforts, most notably in
private/foundation/legal SVN and web properties of legal committee available
under https://www.apache.org/legal Also, Hen contributed quite a bit to the 5
year plan with details available at:
https://issues.apache.org/jira/projects/LEGAL/issues/LEGAL-422

Discussions around evolving our binary release policies continued on
legal-discuss and general@incubator with several data points for a potential
proposal emerging, but with no clear indication for how and when the process
will converge. This may require a board level feedback on how important it is
for us to spend significant resources on pursuing this.

Discussion around clarifying the scope and purpose of legal mailing lists and
also creating a privileged mailing list re-surfaced again. This time we have
much more consensus at least around how to proceed with privileged one.

We finalizing publishing of our IRS filings for the 2016/2017 as per request
of Martin Michlmayr. It is now available under:
https://www.apache.org/foundation/records/

20 Feb 2019 [Roman Shaposhnik]

We've had a lot of discussion on legal-discuss and general@incubator
converging the topic of projects publishing software outside of Apache
infrastructure. We don't believe this is currently clear.

JIRA issues continue to move along (we're down 4, from 28 to 24, open issues
this month).

Henri has offered up some initial brainstorming on our part of the 5 year
plan, the board are very welcome to offer their own thoughts:
https://issues.apache.org/jira/projects/LEGAL/issues/LEGAL-422

Martin Michlmayr reported that we have not published our IRS filings since the
2015/2016 year. Roman has acquired the PDF for the latest filing and is about
to publish it (with ample heads up given to the rest of the board members in
the past few weeks).

16 Jan 2019 [Roman Shaposhnik]

Legal Affairs committee for the past month has been mostly business as usual
with an average number of LEGAL jiras coming in and requiring our attention.
Assistant V.P., Legal Affairs and other members of a legal committee have been
doing excellent job at triaging legal JIRAs and making sure we make progress
on addressing our backlog. We are currently at 28 open (compared to 24 last
month) JIRAs  with the oldest dating back to Jan 2017.

While we seem to be keeping on top of day-to-day issues that come up, it must
be noted that JIRA count is creeping a bit up and a few things that were
expected to be resolved in the month of December and put to rest (e.g. mailing
list structure, binary releases and CCLAs) are still lingering. Hopefully the
month of January will see us getting a few of those across the finish line (I
hope to have a bit more time available to dedicate to making a dent in those).

19 Dec 2018 [Roman Shaposhnik]

Legal Affairs committee for the past month has been mostly business as usual
with an average number of LEGAL jiras coming in and requiring our attention.
Assistant V.P., Legal Affairs and other members of a legal committee have been
doing excellent job at triaging legal JIRAs and making sure we make progress
on addressing our backlog. We are currently at 24 open (compared to 22 last
month) JIRAs  with the oldest dating back to Jan 2017.

VP Brand Management did a really great job keeping committee posted on latest
developments around Common Clause and also keeping our pro-bono counsel in the
loop. There's currently no updates to be shared aside from what is already
reflected on: https://issues.apache.org/jira/browse/LEGAL-402

There's been an active discussion among Legal Committee members about what
configuration of mailing lists and aliases which would best satisfy the goal
of rigorously upholding attorney client privilege.  Consensus on the best
course of action has not yet emerged.

Another useful discussion around official status of convenience binary
releases in the foundation appears to have converged and we hope to suggest
documentation updates based on its results.

21 Nov 2018 [Roman Shaposhnik]

I would like to request board's attention on the CCLA discussion that's been
simmering for a month or so now. There are no other issues that require board
attention at the moment.

Legal Affairs committee for the past month has been mostly business as usual
with an average number of LEGAL jiras coming in and requiring our attention.
Once again, Assistant V.P., Legal Affairs has been doing excellent job at
triaging legal JIRAs and making sure we make progress on addressing our
backlog. We are currently at 22 open JIRAs with the oldest dating back to Jan
2017.

Mark Radcliffe arranged for a meeting with the Intellectual Property Counsel of
a major US corporation that was focused on educating them on the evolution
of Apache License and general ASF's policies around patent trolling.

I've been approached by members of the Silicon Valley VC community involved in
Common Clause discussions seeking to build more of a relationship with ASF.
The initial conversation went well and I expect them to follow up on a
legal-discuss mailing list.

@Board review CCLA discussion on legal-internal and provide input as appropriate

17 Oct 2018 [Roman Shaposhnik / Brett]

There are currently no known legal issues that would require board's
attention.

The transition from Chris to Roman & Henry has been completed this month with
Henry driving much needed work on grooming the backlog of the LEGAL JIRAs and
working on the ones that started to get a little stale.

As part of the transition we had a con call with Mark Radcliffe and David
Gross from DLA Piper with Roman and Chris present from the ASF side. Mark
mostly elaborated on the current state of things but also reiterated a few
points that resulted in legal-discuss thread around ICLA vs CCLA policies.

We see usual amount (roughly a couple per week) of Q&A happening on the legal
mailing list and LEGAL jira.

Roman and Henri have been assigned to lead "ASF Services - Legal" section in
the 5 years plan.

19 Sep 2018 [Chris Mattmann / Phil]

 We're moving ahead with the plan proposed last month:
 1. Create an Assistant VP, Legal position and nominate Henri
 Yandell
  to this position.

 2. Appoint Roman Shaposhnik to a position of Vice President, Legal
 Affairs

Both resolutions have been submitted as separate items for the board
consideration. Huge kudos go to Chris for ensuring smooth transition
and making himself available until the end of 2018.

We see usual amount (roughly a couple per week) of Q&A happening
on the legal mailing list and LEGAL jira. All of these are being
handled with great support from Hen Yandell and others on the Legal
discuss list.

Chris is still working with VP, Infra and the office of Data Privacy
to draft a data privacy plan and set of updates to the ASF mailing
list archival removal policy owned by the infra team.

The only big in-bound item requiring us to formulate an externally
visible response this month is a request from a European Commission
in a Case M.8994 "MICROSOFT / GITHUB" This is being handled in a
timely manner but may require involvement of our legal counsel.

15 Aug 2018 [Chris Mattmann / Roman]

This month I am announcing a transition plan that will round out this calendar
year. I have been in discussion with two ASF members both of which are
interested in transitioning to the VP, Legal role, and both members of the
Legal Committee.

I suggest to the Board the following plan of action:

1. Create an Assistant VP, Legal position. Just as we have an Assistant
 Secretary, Legal issues are rising to the point where having a named
 Assistant VP just makes sense to me and there is definitely interest.

2. The person I am considering nominating for Board consideration for VP,
 Legal becomes available near the end of the calendar year. I recommend
 appointing Assistant VP, Legal before then, at next month's meeting, and
 then ensuring a smooth transition by replacing me in the December 2018
 board meeting with my successor.

Outside of the above, legal questions are getting answers due to an influx of
great support from Hen Yandell and others on the Legal discuss list.

Besides that, VP, Legal is working with VP, Infra and the office of Data
Privacy to draft a data privacy plan and set of updates to the ASF mailing
list archival removal policy owned by the infra team. We are not done yet,
though some progress will be reported in the VP, Data Privacy report this
month.

18 Jul 2018 [Chris Mattmann / Shane]

The traditional legal questions are continuing to be answered on legal-discuss
primarily by members of the community and Legal Committee. These include
questions surrounding what licenses projects can use; how documentation can be
licensed, and so forth.

A big theme over the past month e.g., see LEGAL-383 [1] for an example, is to
have legal input on constructing a data privacy policy for GDPR. VP, Infra has
been involved and we are working with DLA piper and over the last week I
received a long set of privileged guidance that I need to share with VP, Infra
regarding the next steps to take in creating Apache's privacy policy.

What became clear is that the creation of such a policy both a) should not be
limited to GDPR, and likely applies to DCMA and other related privacy
concerns; b) the process is in its own right a separate body of work from
strictly legal concerns; and c) it makes sense to create an officer position
responsible for managing this in tracking with industry, academia, and other
non-profits where data privacy is a big deal. The result is a resolution for
Board consideration to create a separate VP, Data Privacy officer position
reporting to the Board to manage our strategy. Initially Chris, our current
VP, Legal is proposed to staff it, but a replacement will be recruited and
presented for consideration before the end of the CY.

In the meanwhile, Legal, Infra, and data privacy will work hand in hand to
deliver the ASF's policy in this area.



[1] https://issues.apache.org/jira/browse/LEGAL-383

20 Jun 2018 [Chris Mattmann / Rich]

VP, Infra has provided a draft policy for GDPR that we are currently
reviewing. Progress has been slow but I expect in the next month or two to get
something finalized and posted regarding it. Most of the policy shifts the
operational day to day to infra, and appoints VP, Legal as a Data Privacy
officer for strategic review.

Given this, and also our DMCA policy which is extremely similar, I approached
the Board privately about considering the appointment of a VP, Data Privacy,
initially staffed by VP, Legal (me), but after six months, staffed by a new
volunteer, providing an opportunity for growth. It makes sense during this
time and I am willing to commit to doing so, but after six months I won't be
able to fulfill both positions and during that time, considering the wealth of
people chiming in w.r.t things like GDPR and other issues, I think finding
such a volunteer would not prove difficult. So, I specifically request that
the Board consider this officer appointment publicly in next month's meeting -
based on private positive feedback so far.

Discussions on the legal-discuss list are consistently answered in a timely
fashion, mostly by other contributors to the committee and the list.

16 May 2018 [Chris Mattmann / Roman]

Overall a very quiet month.

The Legal Affairs committee responded to an inquiry from the Infrastructure
administrator regarding allowing the capability of PMCs to set the repo:status
information in GitHub through our GitBox tooling. Legal saw no issue with
this.

A discussion surrounding examples of components that have undergone
relicensing from GPL to ALv2 was run to ground with useful help from various
members of the legal committee to the inquirer.

18 Apr 2018 [Chris Mattmann / Bertrand]

A question arose about the redistribution of OpenJDK in Apache projects.
Legal committee members and others on the mailing list provided advice
advising that doing so violates Apache legal policy regarding Category-X
dependencies. The project was informed and moved forward and will not be
redistributing OpenJDK.

A handful of questions about the EU’s GDPR initiative arose including one from
our VP, Infra. After discussions, VP Legal and VP Infra agreed that VP, Infra
will draft a short policy document, and then review with VP, Legal and
eventually post that policy on a public Apache web page. Likely we will employ
a similar tactic as we do with DCMA policy by having a “registered agent”
concept.

A discussion surrounding whether a modified version of the Apache license is
still “the Apache license” arose, and guidance was provided that modifications
to the license, along with naming rights for the license, necessitate changing
the license name if modifying it.

Questions surrounding Software Grants and associated materials provided with
them continue to be ongoing with ASF Secretary and ASF projects. VP, Legal has
Referred the matter to the ASF Secretary for resolution.

21 Mar 2018 [Chris Mattmann]

Despite my original intention to step down, I had a change of heart
and desire to continue as VP, Legal for the near future. I will be
looking over the next 6-12 months for an appropriate candidate if
one emerges to train in the role so there is a smooth transition
when the time is right. Thanks to those who sent words of encouragement
to continue on.

Not a busy month but there were a handful of issues to report on.
In LEGAL-363 [1] we are disussing the use of CC-BY-4.0 HTML and CSS
in Example code. Discussions are ongoing, but based on precedent
this will likely be disallowed.

A question surrounding ASF, copyleft and container images, includes
ongoing discussion about the ability for projects to publish
"official" Apache container releases. Guidance from Legal at this
point is that the ASF only releases source code, and our policy
officially covers that. However, the ASF does allow for binary or
"convenience" artifacts, as unofficial artifacts released by the
PMC. It would seem that Docker containers fall into this area, and
so Legal is unlikely to provide any specific approvals, etc., and
we do not see this as outside of the existing approach to dealing
with binary / convenience artifacts. Guidance was provided to check
with infra regarding the ability to publish to DockerHub.

The committee answered a question regarding an external project
already licensed under the ALv2 and whether it made sense to a)
fork the project; and b) if so, bring the project into the ASF via
the Incubator. Legal committee recommended that the upstream project
determine the situation surrounding the copyright for the existing
code first before continuing the discussion surrounding Apache
incubation. The resolution was provided in LEGAL-367 [2].

Discussion is ongoing in reference to the inclusion of documentation
produced by the Open Grid Forum (OGF) within an Apache project. The
documentation is licensed using the OGF license. The discussion in
LEGAL-369 [3] led to the creation of LEGAL-372 [4] in which their
is a request to categorize the OGF license. That classification is
critical to determine how to proceed in LEGAL-369.

One of our podlings requested a definitive ruling regarding the
necssity of including a list of 3rd party dependencies accompanying
software grants from upstream IP holders. Legal does not believe
these are required, though in the recent past, a company did provide
such a list along with a grant, and Legal saw no problem with its
inclusion. However, the ASF secretary and the podling mentors for
the project in question do not believe that the list is a requirement
- and Legal agrees. The discussion is close to resolution in LEGAL-374
[5].

Finally, a question was quickly answered regarding the use of Jetty
in Apache projects in LEGAL-375 [6].

[1] https://issues.apache.org/jira/browse/LEGAL-363
[2] https://issues.apache.org/jira/browse/LEGAL-367
[3] https://issues.apache.org/jira/browse/LEGAL-369
[4] https://issues.apache.org/jira/browse/LEGAL-372
[5] https://issues.apache.org/jira/browse/LEGAL-374
[6] https://issues.apache.org/jira/browse/LEGAL-375

21 Feb 2018 [Chris Mattmann]

A question regarding the Java Unit of Measure specification JSR-275 version
0.9.3 arose since it was used in versions of two ASF projects: Tika and SIS.
In reading the license for the project, a determination was made that the
dependency is Category-X as described in LEGAL-360 [1]. As described in the
issue, newer versions of SIS use the BSD licensed version of this dependency,
and Tika's master branch now uses this as well. As far as the committee is
concerned, this issue is resolved. The Category-X list on the Legal/Resolved
page should be updated by the meeting or shortly thereafter to reflect this.

In LEGAL-363 [2] a committee proposes to use CC-BY-4.0 HTML and CSS in example
code. A contributor correctly noted that CC-BY-4.0 is Category-B. Discussion
is ongoing with the latest note regarding inclusion in binary form being
acceptable if the HTML and CSS can be packaged that way.

A series of discussions regarding the role of Trademarks and Brand as they
relate to the Legal committee occured as part of the Five Year vision Board
discussion that is ongoing, related to the 5 year budget planning activity.
These discussions led to a number of specific actions taking place.

First, a resolution was dicussed and originally posted in this agenda for
consideration by the Board that made clear that the Legal committee should be
the only committee interacting with our counsel at the ASF.  There were a few
concerns related to the resolution and it became clear that its inclusion at
this point in time was premature.

The Legal Committee recommends that the Board make clear at some future date
either the explicit delegation of Legal authority to speak with counsel to the
Brand committee (and its role in Trademarks) or identify that in fact Brand
(and Trademarks) is part of Legal overall.

As part of this discovery process into the relationship between Legal and
Brand/Trademarks, VP, Legal met with two lawyers - one external offering
(potentially volunteer) help - and also a meeting with our pro bono counsel to
receive recommendations about managing our Trademark portfolio. Both of these
meetings generated quite a bit of notes which were summarized and passed along
to trademarks@, operations@ and board@.

Please note a resolution to cull the members of the Legal Affairs committee
to those that responded to my opt-in request earlier to legal-internal@ and
to those actively participating. I am also proposing to add Shane Curcuru and
Mark Thomas to the committee - both - as members of the Brand Committee and
Trademarks are involved in Legal issues and having them vested as full members
of the Legal committee makes sense in this regard. I have consulted with both
of them prior to including the resolution.

Finally, I am making the announcement that I will be stepping down from the
position of VP, Legal after the upcoming Apache members meeting. Thank you for
the opportunity to be VP Legal. I plan on filing one last report last month
before officially resigning.


[1] https://issues.apache.org/jira/browse/LEGAL-360
[2] https://issues.apache.org/jira/browse/LEGAL-363

17 Jan 2018 [Chris Mattmann]

The monthly was pretty quiet, as expected since it included the Winter
holidays for many.

Discussion surrounding ECCNs for Cassandra and Kafka was initiated in
LEGAL-358 [1]. Apparently the page for a.o/licenses/exports/ did not include
entries for those projects. So far the Apache Cassandra PMC has responded with
the required updates to the page but we are still waiting for the Apache Kafka
PMC to reply. David Nalley suggested we may want to revisit our policies for
recording ECCNs. Legal advises the Board that the relevant committee
(Security? Infra?) may want to consider this.

A question regarding commercial use and attribution of ASF software was raised
and replied to by members of the Legal committee and list.

Two active threads regarding the proper location of attributions and notices
(LICENSE or NOTICE files) continues on the legal-discuss list.  No definitive
conclusions have been arrived at, but the discussions have proven quite
valuable to those participating.

[1] https://issues.apache.org/jira/browse/LEGAL-358

20 Dec 2017 [Chris Mattmann]

Over the last month, activity slowed down a bit.

The Committee provided guidance regarding how best to include Apache license
headers in source code repositories, as explained in LEGAL-346 [1].

A contributor brought a question to the Legal PMC regarding whether or not UML
models may themselves be produced under the ALv2. The committee provided
guidance that ALv2 is allowed not just for code, but for data and models as
well, as indicated in LEGAL-351 [2].

An ASF project was concerned about the use of a dependency licensed under the
JSON-lib license, and per guidance provided in the cited thread (LEGAL-349
[3]), the project decided that the particular dependency needed to be replaced
with an alternative.

Another dependency related question, this time whether or not a dependency
licensed under BSD-3 with nuclear clause could be distributed along with an
Apache project was resolved in LEGAL-304 [4].

The EPL 2.0 license was added to Category-B in LEGAL-335 [5].


[1] https://issues.apache.org/jira/browse/LEGAL-346
[2] https://issues.apache.org/jira/browse/LEGAL-351
[3] https://issues.apache.org/jira/browse/LEGAL-349
[4] https://issues.apache.org/jira/browse/LEGAL-304
[5] https://issues.apache.org/jira/browse/LEGAL-335

15 Nov 2017 [Chris Mattmann]

The month began with discussion surrounding fair use of files used
in our projects, e.g., open image files, or scans of text from the
web. Though no broad policy updates emerged, the parties in discussion
received the feedback needed from the Legal committee to move on
with their efforts as described in LEGAL-331 [1] and LEGAL-332 [2].

A new top level project (TLP) wanted Legal's opinion in the
construction of its new website as to whether or not design files
licensed commercially (and not under the ALv2) would affect their
use on the website. Legal provided guidance that this was acceptable
in this specific case, but further requests similar to this would
need to be evaluated on their own merits. More information on the
discussion can be found in [3] and in LEGAL-341 [4].

An ASF and Legal Committee member raised discussion surrounding
replacing our CLA with DCO+ALv2 as described in [5]. Several other
members chimed in and the overall consensus was that our ICLAs are
working out just fine since they are a direct pre-requisite to
having ASF accounts and thus there is a community benefit of having
an ICLA on file should contributors be invited as committers or PMC
members to ASF projects.

The question of what metrics can be recorded in ASF projects w.r.t.
downloads and user information related to them incepted a spirited
discussion. Pointers were made to infra policy and infra members
including the Infra Admin provided guidance in the thread.


[1] https://issues.apache.org/jira/browse/LEGAL-331
[2] https://issues.apache.org/jira/browse/LEGAL-332
[3] https://s.apache.org/YwMN
[4] https://issues.apache.org/jira/browse/LEGAL-341
[5] https://s.apache.org/0NzX

18 Oct 2017 [Chris Mattmann]

This month, I began an effort to cull membership to our legal-internal
list which was at 84 members, and is currently at 15 members. The
criteria for inclusion in the culling was that the membership of
the list consist of the Legal PMC, Legal VP, our pro bono counsel,
and the criteria was expanded to include ASF directors & officers
who “opted in”, and three ASF members who had been longtime Legal
contributors who requested to opt-in as well.

Shortly after the last Board meeting on 9/22/17, Facebook made a
decision to relicense the React.js framework to the MIT license
[1]. This opened up the ability for its inclusion in Apache projects.
In particular, the initial LEGAL-319 [2] issue raised by Joan Touzet
for the use of React in the Apache CouchDB project and moreover for
all Apache projects was resolved and the library can be used with
React version 16+.

There were questions surrounding the ability to import the entire
VCS history of donated software that was previously licensed under
GPLv3, per LEGAL-331 [3].  Per the discussion in that issue, there
is not a problem with importing that history, however, the important
thing is to go through the provenance of the code once Imported,
and make sure that the code that the PMC releases complies with our
legal and release policies and dependency guidance per the
legal/resolved page.  A side issue arose out of this discussion
relating to whether or not images included in said prior VCS history
that were imported were useable under fair use, as specified in
LEGAL-332 [4]. The answer to that question per Legal policy is that
such use is disallowed as outlined in the comments of LEGAL-332.

A spirited discussion was raised regarding the terms of use of the
Central repository and whether they were incompatible with the
Apache License, version 2 [5]. The recommendation from Legal is
that the ASF does not have concerns about PMCs using the Central
repo as an unofficial distribution channel relating to ASF products.
Any concerns about the use of downstream unofficial distribution
channels for ASF code should be brought up with the owners of those
channels specifically.

The Universal Permissive License 1.0 was added to the Category A
list [6].


[1] https://s.apache.org/1XaT
[2] https://issues.apache.org/jira/browse/LEGAL-319
[3] https://issues.apache.org/jira/browse/LEGAL-331
[4] https://issues.apache.org/jira/browse/LEGAL-332
[5] https://issues.apache.org/jira/browse/LEGAL-333
[6] https://issues.apache.org/jira/browse/LEGAL-326

Shane points out that while the use of Maven central may not be a legal issue, it could very well be a foundation issue. This will be pursued on other lists.

20 Sep 2017 [Chris Mattmann]

Facebook decided against changing the license of the React.js
framework [1] and as such React.js is not useable in any Apache
projects per Legal's original guidance and transition period.
Projects should have no dependencies on React.js. Questions should be
directed to legal-discuss@ and/or to the LEGAL JIRA system [2].

Eclipse released the Eclipse Public License v2.0, and a discussion
thread was raised wondering whether Apache legal had any comment.
At this point in time, there are no comments, and there has not be
a classification of EPLv2.0 in the Apache legal/resolved.html
classification system.

There was some confusion regarding a software grant from an external
company regarding an explicit list of third party dependencies
identified in the regular grant form. Confusion about the grant,
and information about the project is described in LEGAL-327 [3].
The resolution to this issue was that Legal told the project to go
ahead and accept the software grant and then in the future to work
with the upstream donating entity to remove such information from
future grants.

Additional conversation surrounding LEGAL-327 and Legal's role in
Incubator software grants, etc., led to the development and addition
of information on the Whimsy Roster Chart for VP, Legal [4]. The
additional information describes the process for interacting with
VP Legal, our Pro Bono Counsel and the mailing lists surrounding
them.

Other traditional legal questions (about whether License X can be
included in project Y, etc.) are being answered slowly and usually
in the order received.


[1] https://s.apache.org/k3Aj
[2] https://issues.apache.org/jira/browse/LEGAL
[3] https://issues.apache.org/jira/browse/LEGAL-327
[4] https://whimsy.apache.org/roster/orgchart/vp-legal

16 Aug 2017 [Chris Mattmann]

A handful of issues highlight the report this month.

First, Facebook changed the license on RocksDB to dual-licensed
ALv2 and GPLv2 [1]. As such Legal has updated the Legal/resolved
page [2] to reflect this. Despite this specific reclassification
for RocksDB, many Facebook developed projects are still licensed
under the BSD+patents license, and as such several ASF projects
using Facebook dependencies such as BigTop have questions related
to the Facebook BSD+patents license Category-X classification. For
example, BigTop was concerned about packaging code that was licensed
under BSD+patents. Legal's recommendation is not to include such
code in Apache products as described in LEGAL-322 [3].

The discussion on RocksDB evolved into a discussion of another
popular webapp framework developed by Facebook, ReactJS [4]. Several
ASF projects use React including (but not limited to), CouchDB,
Superset (in the Incubator [5]), and other projects. If ReactJS
continues under the BSD+patents license, Legal's opinion has not
changed, and the license itself is now disallowed in ASF projects.
There is an open GitHub issue and ongoing discussion at Facebook
considering changing the license [4] initially driven by a question
from one of the Apache CouchDB PMC members.

In other news, VP Legal has agreed to take on a role as DCMA agent
for the ASF as described in LEGAL-164 [6].

Other major discussion was surrounding if binary artifacts are
officially part of a release, as asked in LEGAL-323 [7]. Clarification
from Legal is that source code is the only artifact that is actually
released by a PMC, and that existing requirements as specified on
[1] are sufficient, so documentation will not be updated.

A question asking for confirmation that 4-clause BSD being is in
category-X was confirmed.

[1] https://s.apache.org/XWzg
[2] https://www.apache.org/legal/resolved.html
[3] https://issues.apache.org/jira/browse/LEGAL-322
[4] https://s.apache.org/yFHp
[5] https://issues.apache.org/jira/browse/LEGAL-320
[6] https://issues.apache.org/jira/browse/LEGAL-164
[7] https://issues.apache.org/jira/browse/LEGAL-323

19 Jul 2017 [Chris Mattmann]

The top level item to report this month is the movement of Facebook's
BSD+patents license to Category-X as documented in LEGAL-303 [1].
We provided a similar transition period as was given during the
JSON license decision arrived at earlier.  The decision has caused
much discussion on Reddit, Hacker News, and there have been a handful
of news articles published about it. Legal requests that discussion
occur on the legal-discuss@a.o list for any follow-ups and there
have been a few already (e.g., from Hadoop, and other projects).

Other legal questions are being answered as quickly as possible.
There have been a few decisions related to the use of data to train
models in Apache projects.  In LEGAL-313 [2], we decided to disallow
use of the Amazon Fine Food Reviews Dataset in Apache Projects,
whereas in LEGAL-309 [3] we decided to allow use of the Universal
Dependencies (UD) datasets to train models for Apache OpenNLP whereas
in LEGAL-317 [4] we affirmed prior discussion that OntoNotes corpus
data and LDC data are not useable in Apache projects.

Ongoing discussion also revolves around the use of system dependencies,
e.g., autoconf generated header files as in LEGAL-300 [5], and header
files licensed under LGPL in LEGAL-316 [6].

Another question raised this month is Legal's opinion on the
collection of usage statistics during running/execution of ASF
products, e.g., collecting anonymous usage data when code is running.
Discussion is ongoing.

In LEGAL-164 [7] the issue of Apache deriving a DCMA Safe Harbor policy
was revisited by Kevin McGrail. Discussion is ongoing.

[1] https://issues.apache.org/jira/browse/LEGAL-303
[2] https://issues.apache.org/jira/browse/LEGAL-313
[3] https://issues.apache.org/jira/browse/LEGAL-309
[4] https://issues.apache.org/jira/browse/LEGAL-317
[5] https://issues.apache.org/jira/browse/LEGAL-300
[6] https://issues.apache.org/jira/browse/LEGAL-316
[7] https://issues.apache.org/jira/browse/LEGAL-164

21 Jun 2017

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

 Roman Shaposhnik <rvs@apache.org>

 Special Order 7H, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

21 Jun 2017 [Chris Mattmann]

There have been a variety of license related questions, some policy
related questions that added a license to Category-X on our resolved
page, an issue related to a separate project on Github using a
license it dubbed "Modified Apache 2.0 License", and an issue related
to whether or not a project is able to use training data licensed
under various licenses to produce new ALv2 NLP models trained on
that data. There were also questions regarding if an ASF project
could build code generation tools that were used to generate non
ALv2 and/or permissively licensed code (e.g., GPL). And finally
there was a question regarding using sample data licensed under CC0
/ Public Domain as unit testing/acceptance testing data in one of
our projects.

In addition, there was a request from the IPMC to absolve it from
the requirement of performing/managing IP clearances for projects.
Legal has decided that the IPMC is the correct place for these
clearances to continue.

In the past month, the grace period for removing software using the
JSON license from Apache products has expired, and Legal notified
PMCs of this expiration.

A PMC was found to be rerouting release oriented user data to an
external third party site. The ASF Infra Admin and infra stepped
in, along with others to rectify this situation by the ASF taking
control of the third party site domain, and working with the PMC
to make sure everything is happening on ASF servers. Legal has no
concerns with this resolution.

Legal is proposing the addition of a new member to its committee
via resolution.

More information on relevant tickets to this report is provided
below.

* LEGAL-303 RocksDB Integrations
* LEGAL-313 Use of CC0: Public
Domain License data
* LEGAL-310 Handling of IP Clearance for
non-incubating projects
* Re: JRuby bundling LGPL prior to version
9.1.9.0

17 May 2017 [Marvin Humphrey]

A report was expected, but not received

19 Apr 2017 [Marvin Humphrey / Mark]

The business of addressing straightforward licensing inquiries continues as
usual.

It may be time to review our ECCN procedures.  Some inquiries have gone
unanswered and some out-of-date documentation has been flagged.

15 Mar 2017 [Marvin Humphrey]

After considerable debate, the ACE license has been added to "Category
A".  It is a BSD-style license with extra verbiage describing the ACE
project's history; no concerns have been voiced that the extra verbiage
materially changes the meaning of the license.

An earlier recommendation resolving a complex licensing issue with the
Incubator podling MADlib was reaffirmed.

27 Feb 2017

Change the Apache Vice President of Legal Affairs

 WHEREAS, the Board of Directors heretofore appointed Jim Jagielski to
 the office of Vice President, Legal Affairs, and

 WHEREAS, the Board of Directors is in receipt of the resignation of
 Jim Jagielski from the office of Vice President, Legal Affairs, and

 WHEREAS, Jim Jagielski has recommended Marvin Humphrey as the
 successor to the post;

 NOW, THEREFORE, BE IT RESOLVED, that Jim Jagielski is relieved and
 discharged from the duties and responsibilities of the office of Vice
 President, Legal Affairs, and

 BE IT FURTHER RESOLVED, that Marvin Humphrey be and hereby is
 appointed to the office of Vice President, Legal Affairs, to serve in
 accordance with and subject to the direction of the Board of Directors
 and the Bylaws of the Foundation until death, resignation, retirement,
 removal or disqualification, or until a successor is appointed.

 Special Order 7E, Change the Apache Vice President of Legal
 Affairs, was approved by Unanimous Vote of the directors
 present.

27 Feb 2017 [Jim Jagielski]

Some discussions regarding whether or not a project can depend on a
codebase with a non-OSI/FSF approved license currently not in the Cat-A
classification. My opinion is that we want our software to be used and
consumed with as little fuss and muss as possible, and a dependency on a
non-OSI approved license is a detriment to that philosophy. Also, it
implies that the ASF is in the business of determining what is, and is
not, OSD compliant. My point in that regard is that that is NOT the ASF's
job; it is clearly one of the key functions of OSI, and always has been.
This is somewhat of a "hard-line" approach, and the board should be
aware of this.

It appears that this is not a popular point-of-view and that others
disagree. I cannot in good conscious agree with a decision and
an action in which we, basically, become authorities on what does
and what does not comply with the OSD. As such, I tender my resignation
and ask the board to assign a replacement at this meeting.

18 Jan 2017 [Jim Jagielski]

Our reclassification of the JSON License to CatX received quite
a bit of external notice, from entries on LWN to Richard Fontana's
"7 notable legal developments" article[1].

Nothing requiring board attention at this time.

1. https://opensource.com/article/17/1/yearbook-7-notable-legal-developments-2016

21 Dec 2016 [Jim Jagielski]

Clarification and decision on JSON License, with mandate
provided to projects regarding usage of said artifacts.

No other issues requiring board attention.

16 Nov 2016 [Jim Jagielski]

During the last month, 2 items of note were discussed and resolved.
First was the categorization of the JSON "Don't Be Evil" license
and the other was related to the NetBeans Incubation Proposal.
Regarding the former, it was decided that the JSON license,
not, by definition, being an "open source license" (since it is
not approved by OSI) is, in fact, CatX. Regarding the latter,
the difference between hard and soft depedencies were further
clarified.

No issues requiring board attention.

19 Oct 2016 [Jim Jagielski]

Nothing requiring board attention at this time.

Jim confirms that he plans to continue on in the Legal Affairs role.

21 Sep 2016 [Jim Jagielski]

Kudos to Henri Yandell for working towards clearing out the Legal
JIRA issues.

Some clarifications regarding SGAs, CCLAs and iCLAS but otherwise
nothing of further significance to report.

Nothing requiring board attention at this time.

17 Aug 2016 [Jim Jagielski]

Nothing requiring board attention at this time.

20 Jul 2016 [Jim Jagielski]

There has been an ongoing discussion regarding the usage of Github repos as
the "official" source of ASF project codebases (source code), and the
requirements, conditions, issues and concerns there-of.

Speaking as the VP of Legal Affairs, I am quite happy with how this is handled
via the MATT "experiment", but there is concern that this is not sufficient
(ie: projects are not quite satisfied with it and would prefer the unfiltered
and unencumbered full Github process) as well as the "costs" of supporting
this effort as it relates to Infra- structure resources.

We have also been made aware of an external patent troll case which is related
to one of our projects; The PMC has been contacted
but, as of this date, no response has been forth-coming. I plan to bug them
again this week.

At present there are no issues requiring board attention.

15 Jun 2016 [Jim Jagielski]

Some discussions regarding license compatibility, specifically
related to OpenSSL dependency, and the official release process.

No issues requiring board attention.

18 May 2016 [Jim Jagielski]

Nothing to report this month.

20 Apr 2016 [Jim Jagielski]

JIRA issues continue to be addressed with support from the
entire team. I have had some emails related to questions about
our iCLAs and CCLAs regarding clarification of intent. Have had
issues related to scheduling for one specific entity
to address their questions and concerns.

No issues requiring board attention.

16 Mar 2016 [Jim Jagielski]

Confirmed with counsel that our bylaws, and our usage and interpretation
regarding majority, are correct and require no change. Specifically,
Section 3.9 of the bylaws tracks the relevant Delaware law (Section 215).
The bylaws take the traditional approach to voting that once you have a
quorum, the action of the members is determined by a vote of the members
present. For example, a "majority" is a majority of votes cast (where
one can ignore Abstain, ie: "more Yes than No"). 2/3rds is handled the
same way. Once we have a quorum, the action *of the quorum* is an action
of the membership.

There are no issues requiring board attention.

17 Feb 2016 [Jim Jagielski]

Contacted legal counsel regarding bylaws clarification and possible
editing, if required; currently still in process.

No issues requiring board attention at this time.

20 Jan 2016 [Jim Jagielski]

Relatively slow month. Some minor questions asked and answered on
the legal lists. Currently working a just-recently-discovered license
non- compliance issue related to a fork of one of our projects. Our
pro-bono counsel has been contacted regarding review of our bylaws, and
proposed changes (if necessary) to clarify how to apply "two-thirds
majority" when counting votes. As a reminder, currently we use the
'two thirds of cast votes' majority interpretation.

16 Dec 2015

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

    Marvin Humphrey <marvin@apache.org>

 Special Order 7B, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

16 Dec 2015 [Jim Jagielski]

As noted in last month's report, the official ASF release policy was
ratified and published, and can be found at:

 https://www.apache.org/legal/release-policy.html

Thanks to all who helped.

On a non-legal list, someone asked about the possibility of submitting
a modified SGA. They were asked to refer the question to the legal lists
but, as of this writing, I have not seen the query.

There are no items requiring board attention.

18 Nov 2015 [Jim Jagielski]

A busy month for me personally, which has affected the timing of
some Legal Affairs items. Of primary importance is that I am
letting the board know that post-meeting, my plan is to officially
accept the draft release policy (http://www.apache.org/dev/release-draft.html).
I also anticipate increased legal activity around the proposed
version control policy as well.

We received a request for immediate takedown of an email message on
one of the Tomcat mailing lists; it was not approved since it does not
fall within the exceptional circumstances criteria in:

 http://www.apache.org/foundation/public-archives.html

We also received another subpoena this month, this one directed to Ross
and related to "Data Engine Technologies LLC vs IBM" (6:13-cv-00859-LED).
A copy of the above was provided to Ross. I am awaiting direction from Ross
on how he wishes to respond.

21 Oct 2015 [Jim Jagielski]

A formal ASF Release Policy has been drafted and it is in the process of
being reviewed. My expectation is to make it official within a month's
timeframe. Many thanks to Marvin Humphrey for his work in this effort.

JIRA tickets continue to be closed.

I will be working with our legal counsel regarding the proposed
Bylaws update regarding the 2/3rds majority question.

No issues requiring board attention.

16 Sep 2015 [Jim Jagielski]

A formal ASF Release Policy has been drafted; it is in the process of being
reviewed. In addition, clarification on the ASF's non-release licensing
policy has also been discussed and clarified on the legal-discuss@
mailing list.

JIRA tickets continue to be closed.

Our legal council was engaged to help us with drafting a set of
emails; the pertinent matter has since been closed.

No issues requiring board attention.

19 Aug 2015 [Jim Jagielski]

Will provide a verbal report.

Jim provided a verbal report.

Open JIRA count is down significantly, due in a large part to the efforts of Henri Yandell.

Special order 7G and the Discussion Items will cover actions being taken to restore order to the legal discuss mailing list.

15 Jul 2015 [Jim Jagielski]

Nothing requiring board attention.

17 Jun 2015 [Jim Jagielski]

An active month, as measured by mailing list and JIRA activity, but nothing
that requires board attention or action at this time.

20 May 2015 [Jim Jagielski]

JIRA issues continue to be tracked and closed as appropriate; special
thanks goes to Henri Yandell. Some discussions but nothing requiring
board attention at this time.

22 Apr 2015 [Jim Jagielski]

The draft of the privacy policy is still being reviewed; the DMCA policy
is (still) being drafted. Numerous JIRA items have been closed. A dis-
cussion regarding online submission of (i)CLAs has started, in cooperation
with the Operations team.

The question of whether or not the ASF could use Github as the canonical and
official repo for any ASF project was asked: the decision of VP Legal is
that the unavailability of the push logs from Github results in an increased
risk to our developers and end-users, and would make the consumption of, or
leverage of, ASF projects by end-users a more difficult proposition due to
the ASF not being able to completely and independently verify and perform
the required IP provenance of our released code. A blog post and/or JIRA
ticket, to further make this policy decision more known, is likely.

No issues requiring board attention at this time.

18 Mar 2015 [Jim Jagielski]

There has been some discussion regarding adding a formal DMCA and
privacy policy to complement our existing mailing list policy. A draft
of the privacy policy is available and is being reviewed, and a DMCA
policy is being drafted.

No issues requiring board attention at this time.

18 Feb 2015 [Jim Jagielski]

The ASF was subpoenaed to provide documents and testimony related to
U.S. Patent No. 6,691,302. I provided URLs for our mailing list archive
and our release archive and provided testimony related to our release
guidelines and procedures, especially as related to Apache httpd, mod_perl
and ApacheJserv.

No items requiring board attention at this time.

21 Jan 2015 [Jim Jagielski]

There was some discussion regarding cleaning-up our external documentation,
regarding 3rd party license capability and ensuring that people are directed
to the latest official policies; This effort is in the process of being
completed.

JIRA-based issues are being handled as required.

Nothing at this time for board action.

17 Dec 2014 [Jim Jagielski]

I presented at the Practicing Law Institute (PLI) last week during
their "Open Source" training session; my topic was related to open
source communities. There were also other topics regarding patents,
ethics, etc that were useful and interesting.

Nothing at this time for board action.

19 Nov 2014 [Jim Jagielski]

A few questions regarding usage of the Apache iCLA and external licenses
were asked and answered. I will be speaking at the PLI Open Source and Free
Software 2014 event in San Francisco on Dec. 10th. Discussions regarding
the TCK issues have been rebooted.

No issues requiring board attention or action at this time.

15 Oct 2014 [Jim Jagielski]

A relatively typical month with no issues or actions required by the board.

No progress on the TCK issue.

17 Sep 2014 [Jim Jagielski]

A relatively typical month with no issues or actions required by the board.

One item of note was discussed during the last 4 weeks. It was the
recurring thread regarding modifying the CLAs for cases where there
is no copyright (the typical example is code from/by US Federal
Government employees). It was explained that (1) this has already
been addressed, both by the ASF and several government agencies that
such modification is not required and (2) regardless of whether copyright
exists within the US or not, it doesn't affect its existence outside
of the US, and the CLAs are designed to be valid in the larger, world-wide
arena. This should likely become a FAQ (if it isn't already).

20 Aug 2014 [Jim Jagielski]

A relatively typical month with no issues or actions required by the board.

Two issues of note have popped up during the last few weeks, and the intent
is to reach consensus and closure in short order. The 1st has to do with
the exclusivity requirement of the Apple App Store, and how it affects
official distribution of Apache software via that vehicle. The second is a
relatively recent thread regarding an individual taking ASF code and simply
relicensing it, and whether that is legal or not. It has been explained
that as long as the conditions of the ALv2 are followed, relicensing is
allowed.

16 Jul 2014 [Jim Jagielski]

Nothing of note to report.

18 Jun 2014 [Jim Jagielski]

Most of the activity the last month has been in discussions related
to the legal and ASF-wide policy aspects related to our release
process. One interesting "topic" of the discussion is who "owns"
the release policy; for the time being, this is still being considered
a Legal Affairs discussion, at least.

Due to the relatively low-turnout, quorum-wise, of last month's members
meeting, there has also been discussion around the reason for a required
quorum, how it is (or should be) counted, and the sections of the bylaws
which could (or should) be altered to reflect any changes. At present,
there are no recommendations to be provided to the board.

Overall, there are no issues requiring board attention or concern.

21 May 2014 [Jim Jagielski]

Nothing of note to report this month. Work on TCK clarification and
iCLA "compatibility" with "public domain" software and the US government
are ongoing.

16 Apr 2014 [Jim Jagielski]

Due to a new pluggable transparent mechanism allowing users to store
certain columns in RDBMS in an encrypted form, Apache Cayenne was
required to classify themselves in order to compliant with US export
regulations.  Unfortunately, the ASF crypto page has been "outdated"
for awhile concerning the new process; I advised them to continue with
the old process but I will work on updating the page to reflect the
current required (and hopefully more streamlined) process.

There was a long, but useful thread regarding the iCLA and its applicability
with non-copyrighted material (usually since the creator is a US government
employee). The end-result is the general consensus that this is a non-
issue.

JIRA questions are being handled in a timely fashion.

No open issues requiring board attention.

19 Mar 2014 [Jim Jagielski]

Somewhat slow but steady stream of posts with the one regarding "why is LGPL
on the Not Allowed List" receiving the honor of most posts. There is nothing
that requires board attention at this time

19 Feb 2014 [Jim Jagielski]

Relatively slow but steady month. No progress yet on Creative Commons
(CC-BY 4.0) issue. Geir has offered to help regarding conversations
with Oracle related to TCK access (renewals as well as new ones).
We are operating under the understanding that we still can test against
expired TCKs in the meantime.

15 Jan 2014 [Jim Jagielski]

The discussion regarding the suitability of Creative Commons CC-BY 4.0 as a
Category A license is still on hold as we await the availability of the CC
General Counsel. FWIW, this issue can be seen as a continuation of, or
offshoot of, https://issues.apache.org/jira/browse/LEGAL-167.

Mark Thomas proposed a directed question regarding the ability for ASF PMCs
to continue to use, and validate against, expired TCKs. Upon reading the TCK
agreement, Section 10.3 appears to explicitly allow for such continued use
assuming we abide by all other conditions of the agreement, which does not
appear to be an issue. I have asked for our pro-bono legal counsel to verify
and comment. So far, we have not rec'd a response, so we are continuing to
act based on our understanding that such continued use is OK.

18 Dec 2013 [Jim Jagielski]

The transition from Sam as VP Legal to myself is progressing smoothly.
Once again, Thanks to Sam for his work in the this role the many years.

There was a spirited but enlightening discussion regarding the suitable
of Creative Commons CC-BY 4.0 as a Category A license (as related to
usability with, and capability with, the ALv2). It was agreed that the
discussion had reached the end of its usefullness without further feedback
or guidance by Creative Commons, as to their intents behind the license
and how it relates to commercial redistribution. We are reaching out to
the CC General Counsel for further information; due to her unavailability
while attending a conference/seminar, I don't anticipate an update until
January. FWIW, this issue can be seen as a continuation of, or offshoot of,
https://issues.apache.org/jira/browse/LEGAL-167.

Mark Thomas proposed a directed question regarding the ability for
ASF PMCs to continue to use, and validate against, expired TCKs. Upon
reading the TCK agreement, Section 10.3 appears to explicitly allow for
such continued use assuming we abide by all other conditions of the
agreement, which does not appear to be an issue. I have asked for our
pro-bono legal counsel to verify and comment.

20 Nov 2013

Change the Apache Vice President of Legal Affairs

 WHEREAS, the Board of Directors heretofore appointed Sam Ruby to the
 office of Vice President, Legal Affairs, and

 WHEREAS, the Board of Directors is in receipt of the resignation of
 Sam Ruby from the office of Vice President, Legal Affairs, and

 WHEREAS, Sam Ruby has recommended Jim Jagielski as the successor to
 the post;

 NOW, THEREFORE, BE IT RESOLVED, that Sam Ruby is relieved and
 discharged from the duties and responsibilities of the office of Vice
 President, Legal Affairs, and

 BE IT FURTHER RESOLVED, that Jim Jagielski be and hereby is appointed
 to the office of Vice President, Legal Affairs, to serve in
 accordance with and subject to the direction of the Board of
 Directors and the Bylaws of the Foundation until death, resignation,
 retirement, removal or disqualification, or until a successor is
 appointed.

 Special Order 7B, Change the Apache Vice President of Legal
 Affairs, was approved by Unanimous Vote of the directors
 present.

20 Nov 2013 [Sam Ruby]

There was a request to classify CC-BY as a category A license, in support
of a W3C HTML WG experiment.  As no ASF projects are known to be affected
by this experiment, this request was resolved as Not A Problem.  In the
process, the entire Third Party Licensing Policy was called into question.
I thank everybody who helped resolve this.

Notable other discussions:

ODC-By was approved for use by VXQuery.

Distribution by ASF PMCs of ASF Projects as iOS Applications is stalled by an
Apple imposed requirement that precludes other distributions.

After over five years as VP, Legal Affairs I have decided to step down and
recommend Jim Jagielski as my replacement.

16 Oct 2013 [Sam Ruby]

A report was expected, but not received

18 Sep 2013 [Sam Ruby]

A report was expected, but not received

21 Aug 2013 [Sam Ruby]

Relatively routine month, nothing requiring board attention.  Thanks go out to
Jim Jagielski for monitoring the lists while I was on vacation.

Notable discussions:

By an overwhelming vote, the Legal Affairs Committee declined to add a
requirement for a copyright notice in source headers.  In theory this should
have unblocked the short form header discussion (LEGAL-172), but for the
moment it seems to have derailed it instead.  Hopefully this will restart
soon.

There is interest by Cordova and others to distribute code via Apple's App
Store.  At the moment this is waiting on somebody to do the work to find and
take a first pass at analyzing what the terms and conditions would be.

Clerezza wishes to allow users to use Virtuoso JDBC libraries.  These
libraries are made available under a GPL license with a special exception for
JDBC usage.  As it turns out Clerezza does not intend to distribute these
libraries, so there is no concern.

Apache Commons would like to distribute some sample CSV files from the US
government -- files without an obvious copyright.  As there is contact
information provided on the website, the best approach would be to ask for
clarification.

17 Jul 2013 [Sam Ruby]

Busy month.

Carry overs from last month:

* Issue 144: (short version of license headers)
 Despite the previously approved license header not having a copyright
 statement, we have a single individual strongly opposed to approving any new
 versions unless a copyright header is included in every source file that
 contains a license header.  A large number of people have expressed
 strong opposition to any requirement for copyright header to be added to
 every source file.  Sadly, I don't see anybody changing their mind on this
 matter, so this will need to proceed to a vote (the first time I recall this
 happening since I took this position)

* Issue 167 (CC-By license)

 Barring any additional discussion, this license will be moved from Category
 A to Category B.

Notable new discussions:

* Our previous agreements for access to various TCKs has expired, and Oracle
 has provided a new agreement.  This new agreement is not consistent with
 the 2002 side-letter we received from Sun:

 http://jakarta.apache.org/site/sideletter.pdf

 This matter was referred to the SFLC, and they provided this feedback on our
 behalf to Oracle.  Oracle has not yet responded.

* I've forwarded on a review the current the ECCN process to the SFLC to
 see if there needs to be any updates.

* The SFLC is collecting data for a response to the Teradata request made
 to the Hive PMC (see last month's Hive board report for details).

* Whether or not it is permissible to distribute third party binaries which
 are made available under a license that permits distribution but has
 a field of use restriction, a requirement to pay attorney's fees, and
 a requirement to pass on restrictions.

* Similar discussion over shipping in source form third party code that
 fixes a JavaDoc security problem, where the license limited how that
 source could be used.  This request was withdrawn as other, better,
 alternatives were found.

* As the Maven report indicates, the project is currently not complying with
 license header requirements as applied to their test data, but is working on
 building a plan to correct this over time.  Kudos to the Maven PMC for both
 catching this and to committing to build a plan to bring Maven releases into
 compliance.

19 Jun 2013

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

    Chris Mattmann <mattmann@apache.org>

 Special Order 7E, Update Legal Affairs Committee Membership,
 was approved with 8 votes in favor; Chris Mattman abstained.

19 Jun 2013 [Sam Ruby]

There are two topics of interest this month:

https://issues.apache.org/jira/browse/LEGAL-167:

 During what was originally a routine evaluation of a new version of
 the CC-By license, some restrictions that previously went unnoticed
 in that license were identified.

https://issues.apache.org/jira/browse/LEGAL-114:

 During discussion of a request to reduce the size of legal
 boilerplate accompanying files contained in distributions of Apache
 products, suggestions were made to add a copyright notice.

My request is that discussions regarding the latter matter be referred
to the Legal Affairs committee.

15 May 2013 [Sam Ruby]

Relatively quiet month.  Nothing requiring board attention.

Longest thread involved determining what constitutes a source release.
Impetus was a desire to include third party fonts in svn.  Conclusion was
that these particular fonts were made available under a Category B license
so that they could be made available, but were not the "preferred form for
making modifications" so could not be considered source.

After determining a small number of issues that need to be worked before we
consider signing a new TCK license with Oracle, I had Dan Kulp introduce Aaron
Williamson of the SFLC to discuss these issues with Oracle on our behalf.

Daniel relayed that the agreement expired last year. Update: we got Oracle to create a new agreement and we passed this off to our lawyers, and we identified 5 issues. At this point it is in the lawyers hands. Hopefully by the June board meeting, we will have more information. Action Dan to forward on email to Roy

17 Apr 2013 [Sam Ruby]

Activity is up this month.  Nothing requiring board attention.  Two
highlights:

 * Some general and some specific discussion on takedown notices.  No
   policy changes have been made to date.

 * Review of the TCK contract is proceeding slowly.  We likely will be
   passing the comments received past the SFLC and back to Oracle this
   month.

Takedown requests per DMCA should be sent to VP, Legal Affairs. More discussion on legal internal. Technically the TCK contract has expired but neither side is interested in abandoning the contract.

20 Mar 2013 [Sam Ruby]

A report was expected, but not received

20 Feb 2013 [Sam Ruby]

Extremely quiet month.  Only discussion of note is once best summarized by
Roy's statement: "Obey the license and follow the golden rule".

Upcoming: I plan to spend some time looking into the JCP TCK issues.

16 Jan 2013 [Sam Ruby]

List traffic is up, but remains constructive.

Key topics include license headers, not allowing modification of our
grant agreements, and avoiding adoption or use of Category X licenses
in Apache code.

Export requirements is not resolved; Santuario and Wookie accepted the
recommendation to submit a notification, now Subversion has questions.
I'll keep pinging the SFLC.

19 Dec 2012 [Sam Ruby]

Nothing requiring board attention.  Notable events this month:

A PMC was notified of an alleged ADA violation - the PMC in question seems
to be pursuing this appropriately.

Wookie continues to wait for a potential change to the ASF policy
regarding security notifications.  This hasn't happened, and I don't
recommend that they wait for something that may not happen.  See
comment on this month's Wookie report.  Also:
https://issues.apache.org/jira/browse/LEGAL-148

Trying to find a way forward with Mark Thomas and Daniel Kulp
regarding TCKs.  Nothing to report just yet.

21 Nov 2012 [Sam Ruby]

A fairly quiet month -- both in terms of the number of threads and the
length/"temperature" of each -- nothing to concern the board.  Most topics
concern license compatibility questions.

Aaron Williamson of the SFLC indicated that he will try to get a preliminary
answer to the crypto question by the end of the month.

I've started to work again with Daniel Kulp and Mark Thomas regarding the TCK
issue.  One way or another we should try to wrap this up early next year.

17 Oct 2012

A report was expected, but not received

19 Sep 2012

A report was expected, but not received

15 Aug 2012

A report was expected, but not received

25 Jul 2012

A report was expected, but not received

20 Jun 2012

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

     Kevan Miller <kevan@apache.org>

 Special Order 7C, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

20 Jun 2012 [Sam Ruby]

A healthy amount of discussion, both in terms of volume and demeanor, occurred
this month.  Notable amongst the normal backdrop of discussions concerning
licenses, notices, and trademarks:

* We are asking the board to add Kevan Miller to the Legal Affairs Committee,
 a board resolution to this affect appears later in the agenda.

* Amazon US expressed an interest in entering Apache OpenOffice into their
 store.  The SFLC is reviewing the contract that Amazon provided.

* Our agreement with Oracle for access to TCKs is expiring, and a legal
 review has been requested.

16 May 2012 [Sam Ruby]

Exceptionally quiet month, only three JIRA showed any notable activity, and no
discussions meriting board attention occurred.

18 Apr 2012 [Sam Ruby]

Once again, we have had a more normal level of activity, with the majority of
discussions being anchored by a handful (more precisely: six) JIRA tickets.

One notable discussion: we confirmed that if PMCs determine that a codebase
has a single author and there is an ICLA in place for that work that they can
allow it to be committed.

21 Mar 2012 [Sam Ruby]

DLA Piper LLP's engagement letter has been signed and filed.  It looks like we
are settling quickly to a split where DLA Piper handles Trademarks affairs,
which means that I likely will treat the SFLC as primary for all other legal
matters.  Of course, this is just the 'default', individual circumstances can
influence this on a case by case basis.

Discussions that the board should be aware of:

 Adobe's RTMP specification license (LEGAL-120).  Not clear yet whether it is
 something we need to worry about, whether or not it amounts to a Field of
 Use restriction.  If the latter, it appears that our intended use is not one
 that would be permitted.

 Aggregation of GPL dictionaries with Apache Open Office was approved
 (LEGAL-117)

 The Army initially determined the Apache License, version 2.0 was
 incompatible with the Antideficiency Act.  They later determined that this
 was not something they needed to worry about.

 Multiple separate conversations about contributions that were previously
 made available elsewhere.  Two easy cases: smallish and self contained
 single author code bases need nothing more than an ICLA from that
 contributor; established projects with multiple contributors need either a
 Software Grant or documentation that identifies how the accepting [P]PMC
 came to the conclusion that all of the contributors have been identified and
 that they have given their approval.  Additionally, larger code bases or
 code bases with multiple contributors will also have to be verified as free
 of unacceptable dependencies.  Ultimately, this may lead to a major update
 to the so-called "Short Form" for Intellectual Property Clearance at the
 Incubator.

All in all, this was an active month in that there were quite a number of
other threads.  Overall these were largely without controversy, and no board
action is required at this time.

15 Feb 2012 [Sam Ruby]

Active month on JIRA and the mailing lists.  No issues for the board.  An
example of the longest thread: Are license headers really mandatory in every
source file?

We have received an offer from DLA Piper's to represent the ASF for
intellectual property and international tax matters.  Their engagement
letter is under final review, and should be signed shortly.

24 Jan 2012 [Sam Ruby]

Mailing list has returned back to quieter times, with the focus being
on JIRA entries.  One such JIRA issue merits calling out:

Legal-177: Aggregation of GPL dictionaries with Apache Open Office is likely
to be approved by the time of this board meeting.

21 Dec 2011 [Sam Ruby]

Most of the productive work of the committee continues via JIRA.  One
item I would specifically call to attention involves the Apache OpenOffice
project shipping GPL dictionaries:

 https://issues.apache.org/jira/browse/LEGAL-117

There was a significant abuse of the legal-internal mailing list.  That
has since quieted down.  Repeated abuses will not be tolerated, and will
result in the individual in question being unsubscribed.  Such an action
will not affect any read-only access that the individual may have via
the web archives, nor even their ability to post - it simply will be the
case that such posts will need to be individually moderated in.

16 Nov 2011 [Sam Ruby]

Much of the activity this month was focused on JIRA: 6 issues created, 5
issues resolved/closed, and 5 others made progress.  Most of the issues
deal with policy questions with respect to license compatibility: i.e.,
questions of the form "is it OK for an ASF project to depend on code made
available under license X?"

Notable discussions:

 ooo wishes to continue to use, maintain, and distribute GPL'ed build
 scripts for the time being; I've asked to see a plan to migrate to
 something else.  If there is a credible plan, I will likely approve a
 time limited transition during incubation.

 Discussion about a user withdrawing permission to include a patch, the
 response to this question was to try to accommodate that request if
 possible.

We discussed the ASF policy of not developing, hosting, and distributing code, even build scripts, under the GPL. Further discussion on this matter is to go to the legal discuss mailing list.

Larry indicated that he will no longer serve as the ASF attorney.

26 Oct 2011 [Sam Ruby]

Typical month with nothing that requires board attention.  Most of
the discussion concerns either OO.o or trademarks (or both).

Notable threads: there was a request to modify the CCLA for NSA, but
ultimately the NSA decided they could sign the CCLA that we have.
There was also a discussion about allowing corporations to opt in to
have their CCLAs listed publicly.  The latter discussion seems to have
died down.

21 Sep 2011 [Sam Ruby]

Back to being a more quiet month.  Longest public threads deal with the ooo
podling exploring under what conditions an ICLA is necessary, and I see no
issues coming out of that thread.

17 Aug 2011 [Sam Ruby]

Largely a quiet month, with most activity related to the recent Open
Office.org donation.  Nothing requiring board action.

Noteworthy discussions:

One concerned the need for IP clearance of code previously developed elsewhere
under an Apache License.  We reminded them of the terms stated in the ICLA and
the traditional Apache position that all contributions are voluntary.  In this
case, the ball is in the Maven PMC's court to determine if they wish to
proceed, and if so, whether they will seek a Software Grant or some sort of
exception.  Thanks go out to Roy for helping in this discussion.

Another concerned the categorization of the Creative Commons Attribution 3.0
Unported license.  We have yet to find consensus on a categorization.  I asked
for specifics as to the module in question, and have yet to hear back.

Finally, there was a discussion about the confusion between Copyright
assignments as some non-ASF projects require and Copyright Licenses which the
ASF requires.  No action has yet been taken.

20 Jul 2011 [Sam Ruby]

Production of documents for the Oracle subpoena is proceeding.

Similar status exists for Google's informal request on the same case.  As
discussed, we are proceeding without requiring a formal subpoena.  At the
present time, Aaron is waiting on some some input from Geir.

We have had one violation of confidentiality where an attorney's email was
forwarded to legal-internal without prior permission.  I've taken steps to
ensure that this does not reoccur.

How to deal with confidentiality is a common theme these days.  Larry Rosen
met privately via teleconfererence to discuss in non-specific terms how to
deal with code that remediates patent infringement concerns.  Larry is also
investigating the current status of the W3C Patent Advisory Group policy.

We have had a request from the defendants in a TQP Development LLC vs Capital
Group Companies complaint.  Larry Rosen and Mark Thomas are following up.
Until we have a published policy on confidentiality that handles these kinds
of discussions, these discussions are generally happening off-list.

Larry continues to work the OpenOffice.org trademark assignment from Oracle,
with input from others.

Karen Sandler has left the SFLC. Aaron Williamson and Justin Colannino will
continue to support the ASF.

15 Jun 2011 [Sam Ruby]

Busy month; major items include responding to the Oracle subpoena and
receiving a software grant from Oracle for OpenOffice.org.  Larry is leading
discussions concerning transferring the associated trademarks.

Aaron is leading the response to the subpoena.  He has produced an initial set
of documents and is still evaluating more, including from board-private.  Whom
we choose to disclose this information to beyond what we are legally required
to do is up to us, and the subject of a sometimes heated debate.

There are clear signs of animosity between some of the participants on legal
internal, and that is inhibiting the use of the mailing list for discussions.
I am taking steps to correct this.

Additionally, we have gotten a similar request for information from Google.
Instead of pursuing a subpoena they have simply made a request.  As we were
not the ones that required Oracle to issue a subpoena, we can simply provide
the requested information or require Google to provide a subpoena.  My
recommendation is that we simply provide the information.

Sadly, Larry has reported that i4i prevailed over Microsoft and the standard
of "clear and convincing" evidence remains the standard of proof required to
invalidate a patent.

Other discussions include Travel/Medical insurance for conference attendees
and how PMCs are to deal with patent claims.

19 May 2011 [Sam Ruby]

The big news is that we received a subpoena from Oracle to supply documents
that may relate to their ongoing litigation with Google.  The SFLC has been
chosen to coordinate the response to this request.  An extension request has
been made and granted.

Next to that, the longest thread on the legal-discuss mailing list involved
a law student trying to get us to provide interpretations in response to
licensing questions.  I'm pleased to report that everybody at the ASF
responded appropriately with suggestions ranging from "get a lawyer" to "go
read a book".

Other threads include historical data relating to various ongoing trademark
issues.

20 Apr 2011 [Sam Ruby]

More discussion than recent months; nothing requiring board attention.

Most significant (both in terms of volume of discussion and in terms of
relevance) is that the ASF legal web site was updated to clarify that ASF
projects may have purely optional dependencies that are not enabled by
default on codebases made available under licenses such as the LGPL.

16 Mar 2011 [Sam Ruby]

Continues to be quiet with no board level issues.

Resolved an issue which allows Derby to proceed with releasing an
implementation of JDBC 4.1.  Some progress has been made on coming to
consensus on releasing a product with optional dependencies, but it is
awaiting somebody to create a suitable patch.

Reviewed Subversion's discussions with WANDisco over trademark compliance.
In general, trademark discussions are trending down.

We continue to get the occasional random request for legal advice for projects
outside of the ASF.  Generally these requests are from individuals.  We
continue to decline to provide such advice.

16 Feb 2011

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following contributor be
 added as a Legal Affairs Committee member:

    Jennifer O'Neill

 This resolution was approved unanimously by roll call vote.

16 Feb 2011 [Sam Ruby]

Another exceedingly quiet month.  No issues for the board.  Primary
activities:

* Larry continues to shepherd the Amicus Brief in Microsoft vs i4i.  Karen
 Sandler also participated.

* Legal review and approval of the efforts to resolve the Subversion/WANdisco
 trademark issues.

* We decided to invite Jennifer O'Neill to participate in the Legal Affairs
 committee.  See resolution 7A in the agenda.

* General support in response to requests from the VP, Brand Management.

* Exploration of Jenkins coming to the ASF.  Feedback was universally
 positive.  It will be up to the developers of Jenkins to decide whether or
 not they wish to pursue this.

* Fielded miscellaneous questions, such as BSD license usage by podlings and
 the conditions under which a project may move externally.

19 Jan 2011 [Sam Ruby]

Discussions even quieter than last month, mostly in support of Trademark
discussions.  Nothing requiring board attention.

A minor revision of the Amicus Brief in support of Microsoft v. i4i re:
burden of proof in invaliding trademarks is in process.  Larry Rosen
continues to lead this effort.

15 Dec 2010 [Sam Ruby]

Extremely quiet month.  No board level issues.

Most of the effort this month went into support for the Branding and JCP VP's.

We have three unrelated efforts where the owners of projects have expressed
an interest in allowing projects here at the ASF based on their work, but
aren't quite in a position where they can sign a CCLA.  We need to work
through the details.

One routine Crypto Notice question was fielded by Larry.

Karen supported Jim with the preparation of the EA contract.

As expected, we haven't spent any of the legal budget so far this year; my
position remains that it makes sense to carry this line item forward as an
authorization to spend without requiring board review.

17 Nov 2010 [Sam Ruby]

Three JIRAs created, zero closed.  Mostly this has been a steady state
(similar number being opened and closed), will watch to see if this is an
anomaly or if we will start to accumulate a backlog.

Larry and Karen fielded some trademark questions.  I'm not seeing any signs
that the split between Branding and Legal Affairs is causing any confusion
(it had in the past).

Miscellaneous discussions include JXTA/JXSE (which uses and older version of
the Apache License) and Fair-use data in SVN.

Much discussion regarding Harmony and the state of the JCP, one concrete
outcome of that was a blog posting entitled "Read Beyond the Headers".

I've not proceeded as promised on expanding the Legal Affairs committee or
documenting processes, mostly due to travel and lack of time.  I still
intend to follow through on this.

Legal Affairs approved of the signing of the agreement with Google regarding
Apache Extras.

20 Oct 2010 [Sam Ruby]

We signed onto the amicus brief to Microsoft's petition to the US Supreme
Court in the Microsoft v. I4I case which was prepared by the EFF.  Special
thanks to Larry for bringing this to our attention and driving this issue.
Based on everything I have seen, our participation has been well received.

As the board has decided not to pursue establishing a General Counsel at this
time, I plan to start the process of documenting the various roles and
responsibilities.  During this process, I will be looking to expand
participation in the Legal Affairs Committee.

Three JIRA issues opened, and three closed this month.  Most significant, JIRA
issue 80 (NTLM Inclusion) was approved.  This previously had been a board
action item.

We've received a request from the TAC to write/review a waiver of medical
liability.

Larry and Sam have been participating in discussions relating to the JCP
contract dispute.  Nothing specific to report at this time.

The Legal Affairs Committee also continues to support the work of the VP of
Brand Management.

22 Sep 2010 [Sam Ruby]

 Progress is being made on addressing the two board level action items:

 https://issues.apache.org/jira/browse/LEGAL-80
 https://issues.apache.org/jira/browse/XALANJ-2438

Microsoft recently filed a petition for certiorari in the US Supreme Court in
the Microsoft v. I4I case.  Larry is pursuing additional information.  The
likely outcome is that we should express our support for Microsoft's petition.

Mozilla has release a draft alpha of MPL 2, which is intended to be Apache
License, Version 2.0 compatible.

Pursuant to our discussion in the F2F board meeting, Larry has put out a call
for additional attorney volunteers.  None of the people identified so far have
participated in legal-discuss to date, which is a bit of a concern, but nobody
has been ruled out.

Absent a General Counsel, we still have the potential problem of "lawyer
shopping".  I'm looking to identity concrete cases of problems when it occurs.
None have been identified since the F2F :-)

Meanwhile, we should be able to mitigate this somewhat by limiting access to
multiple lawyers to the Officers that routinely would have need to access such
resources.  I believe that would be President; VP, Brand Management; and VP,
Legal Affairs.

18 Aug 2010

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software Foundation
 (ASF) expects to better serve its purpose through the periodic update
 of its membership; and

 WHEREAS, the Legal Affairs Committee is a Executive Committee
 whose membership must be approved by Board resolution; and

 WHEREAS, the Board is in receipt of Henri Yandell's resignation
 as a member of the Legal Affairs Committee,

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 removed from the list of Legal Affairs Committee members:

     Henri Yandell <bayard@apache.org>

 Unanimous approval by roll call vote.

18 Aug 2010 [Sam Ruby]

Exceptionally quiet month, with the exception of one resolution on
today's agenda.

Routine matters dealing with license headers, trademark due diligence,
incorporating public domain code, and verifying that a specific patent is
covered by our license/Jira/ICLA/CCLA processes.

We reaffirmed that we will not accept custom CCLAs from corporations that
are inclined to treat our agreement as a template.

We have begun to discuss the subject of appointing a General Council.

On the subject of Henri's resignation, he will be sorely missed.  It is no
secret that he was a large part of what effectively is a very small community.

Approved by general consent.

21 Jul 2010 [Sam Ruby]

A quiet couple of months.  3 JIRA's opened, 3 closed (one new, two old).

Routine questions just as JSON license, IP clearance, and trademark issues
were discussed.  Nothing meriting board attention.

Larry has suggested that the ASF name a General Counsel, and volunteered for
the task.  I support both suggestions.  Should we adopt the suggestion, a
separate Legal Affairs VP may no longer be needed - we can either retire the
position or simply name the same individual that to that role.

I suggest that we take that up when we name other Executive officers.

16 Jun 2010 [Sam Ruby]

No report this month, next month Sam will provide a report covering the two months.

19 May 2010 [Sam Ruby]

More active than previous months, but still mostly quiet activity.  Two new
JIRA issues, 5 JIRA issues closed, one other JIRA issue worked.  No issues
for the board.

Significant activity supporting Brand Management as it relates to Trademark
Law.  Division of labor between the two efforts seems clear and no conflicts
to report.

Some discussion on what patents would be licensed to the ASF as a result of
contributions covered by ICLAs and CCLAs.  No clarifications resulted from
this discussion.

21 Apr 2010 [Sam Ruby]

Verbal report.

Even more quiet than normal. Only 1 new JIRA, only one other JIRA worked. There appears to be a number of efforts outside of the ASF to come up with a common CLA form.

17 Mar 2010 [Sam Ruby]

Light month.  Two issues closed, two others discussed, and no issues opened.

Larry Rosen signed on behalf of the ASF a petition to the American Law
Institute to release their "Principles of Law of Software Contracts" for free
for review of the constituencies that care about it.

Discussion about documenting a more fine grained organization of the Legal
Affairs committee started and looks likely to peter out.

Initial planning work has begun to increase trademark coordination between the
ASF and Eclipse, impetus being the fact that there are unrelated projects
named Apache Scout and Eclipse Scout. Everything appears cordial.

Initial work has begun at the Mozilla foundation on a revision of the MPL.
One goal of the revision is to make it more obviously one-way compatible
(i.e., allowing Apache Licensed artifacts can be included in MPL licensed code
bases).  The ASF supports this goal.

Yahoo! donated its Trademark registration for the Traffic Server to the ASF.

17 Feb 2010

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software Foundation
 (ASF) expects to better serve its purpose through the periodic update
 of its membership; and

 WHEREAS, the Legal Affairs Committee is a Executive Committee
 whose membership must be approved by Board resolution; and

 WHEREAS, the Board is in receipt of Robert Burrell Donkin's resignation
 as a member of the Legal Affairs Committee,

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 removed from the list of Legal Affairs Committee members:

     Robert Burrell Donkin <rdonkin@apache.org>

 Special Order 7E, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

17 Feb 2010 [Sam Ruby]

In contrast to last month's blitz, this month saw 3 new JIRAs created and 5
others actively worked on.

We had a lengthy discussion on the advisability of reading patents.

I need to work on getting the XAP incubator site clearly marked as shut down.

I am recommending that the same budget that was present in the FY2009-2010 for
legal expenses be present in the FY2010-2011.  The amount in $2,500.

Trademark discussions continue to bleed over into legal mailing lists, but
this is not a problem, in fact I will suggest that it is less of a problem
now that Trademarks is separately called out from PRC, and Trademarks clearly
have a legal aspect.  In other words, the owner is clear, and Legal plays
a supporting role.

20 Jan 2010 [Sam Ruby]

JIRA: 6 closed, 13 worked on, 0 opened; mostly during a blitz by Henri on
19 December (Thanks Henri!).

Discussions of note:

* Moving Copyright notices (a.k.a. dealing with an uncooperative donor)

* Public Domain (primarily example code)

16 Dec 2009 [Sam Ruby]

All activity this month fairly routine: one new JIRA opened, one closed, and
progress on 5 others.  Assisted the new VP, Brand Management; am monitoring
one potential IP Clearance / Pedigree issue in a Incubator podling.  On the
latter, I'm satisfied that the PPMC is taking the appropriate steps.

18 Nov 2009 [Sam Ruby]

Things are running smoothly, a few items that the board may wish to be aware
of and/or directly participate in:

1) Working with Sonatype to determine how best enable their company to succeed
while preserving the ASF's right to enforce a Trademark on the term Maven.

2) Debate on the suitability of the OWFa specification license within the ASF.
At the moment, this discussion is hypothetical, as the ASF has no codebases
intending to implement specifications under such licenses.  This may become
relevant as this license is being proposed for consideration by the W3C.

3) Early discussions on how to deal with individuals that continue to misuse
our trademarks even after repeated requests.  One result of this discussion
can be found as resolution 7A on today's meeting agenda.

4) ASF Corporation status was renewed by Jim.

5) Richard Hall is coordinating access to the OSGi CT.

21 Oct 2009

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software Foundation
 (ASF) expects to better serve its purpose through the periodic update
 of its membership; and

 WHEREAS, the Legal Affairs Committee is a Executive Committee
 whose membership must be approved by Board resolution; and

 WHEREAS, the Board is in receipt of Niclas Hedhman's resignation as a
 member of the Legal Affairs Committee,

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 removed from the list of Legal Affairs Committee members:

     Niclas Hedhman        <niclas@apache.org>

 Special Order 7I, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

21 Oct 2009 [Sam Ruby]

Very uneventful month.  One issue created, two discussed.  Mostly dealing with
topics like Artistic and CC-SA licensed materials for tutorials and test data
(e.g., metal Olympics table).

Additionally, the Legal PMC participated in trademark license discussions (in
support of the PRC), and reviewed responses to the EU (in support of the VP,
JCP).

The Legal Affairs Committee is OK with WSRP4J releasing and graduating.

I'd like to thank Niclas Hedhman for his positive contributions during his
membership in the Legal Affairs Committee.  He will be missed.

23 Sep 2009 [Sam Ruby]

Active month (on the order of 4 dozen unique threads), but relatively free
of controversy; certainly nothing requiring board attention.  Most of the
actionable items are occurring on JIRA, with four items created, three closed,
one reopened, and forward progress on four others.

Notable discussions:

Licensing of the feather logo under ALv2 (on request from the PRC), the
recommendation is to (continue?) to license such under the ALv2.

LGPL behind an isolation layer (current position: we will allow the dependency,
but not the ASF distribution of the software)

Received a trademark infringement concern on one of our incubating projects,
I am pursuing it with the podling in question.

Progress is slow but has resumed on resolving the WebCollage and WSRP4J
licensing issue.

19 Aug 2009 [Sam Ruby]

The only issue that merits board attention is the licensing of trademarks.  My
understanding remains that beyond ensuring that the way we license our
trademarks is legal, all policy decisions in this area are the purview of the
PRC.  I've tried to reinforce this a number of times, mostly unsuccessfully.

Very active month, most of it centered around JIRA issues.  By my count, 8
issues were opened and 7 closed; forward progress was made on 18 others.  As a
general rule, this is progressing without controversy; the only issues that
merit highlighting as a potential for a broader review is issue 26 (LICENSE
and NOTICE in SVN) and issue 34 (release voting procedures).

The Legal Affairs Committee provided significant input to Geir's impending
responses to various DOJ and EC requests, and intends to support Geir in
every way.  See the JCP report for more details.

It is hard to characterize the remainder of discussions, they ranged from the
relative merits of the Apache License vs [L]GPL, how to deal with non-ASF
licensed code in JIRA, combining the Apache License with other licenses
ranging from public domain to MPL, and IP clearance.

Sam reiterated his intent to forcibly eject trademark issues off of the legal lists.

15 Jul 2009

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution; and

 WHEREAS, the Legal Affairs Committee is in receipt of William
 Rowe Jr's resignation.

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 removed as a Legal Affairs Committee member:

    William Rowe Jr <wrowe@apache.org>

 Special Order 7B, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

15 Jul 2009 [Sam Ruby]

At the present time, I don't see any issues needing board attention.

Exceedingly quiet month.  There was a question about the autoconf license
which was addressed by pointing to the resolved list.  There was a discussion
about the license of research papers posted on web sites, which didn't reach a
conclusion.

There were discussions about the Pope's position on Patents, and on the
use of Apache 2.0 by University with patents (the latter was taken off-list).

Jansi (non-ASF tool) is licensed under Apache License with optional dependency on
LGPL, and this kicked off the predictable discussions.  I continue to believe
that such discussions will continue with people taking extreme positions
until and unless such questions are grounded in a tangible request by a PMC
(or podling), at which point I am confident that pragmatism will win.

There were two legal internal discussions that did not result in any concrete
actions being taken.

I'd like to thank Bill Rowe for his positive contributions during his
membership in the Legal Affairs Committee.  He will be missed.

17 Jun 2009

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution; and

 WHEREAS, the Legal Affairs Committee is in receipt of Roy
 Fielding's resignation.

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF members be
 added as Legal Affairs Committee members:

    Niclas Hedhman <niclas@hedhman.org>
    Lawrence Rosen <lrosen@rosenlaw.com>

 BE IT FURTHER RESOLVED, that the following ASF member be removed
 as a Legal Affairs Committee member:

    Roy Fielding <fielding@gbiv.com>

 Special Order 7E, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

17 Jun 2009 [Sam Ruby]

Summary:

* In general, things appear to be progressing smoothly, though I think I see
 the first signs of things that might end up falling through the cracks.
 Will continue to monitor.  See items marked with a (*)

* While I am quite comfortable with the split between the PRC and Legal(and
 Incubator, for that matter) on trademarks, the topic of trademark selection
 and enforcement continues to pop up.  As long as nobody raises any concerns
 about the discussions and no decisions are reached exclusively on legal
 mailing lists, I'm OK with it.

Details:

Larry extended the time (for 6 months) in which the ASF must respond to the
PTO before the SpamAssassin Trademark becomes effective.  He can not proceed
until the website is corrected.

PHP license approved as category A.

GPLv3 license identified as category X.  Statements by the FSF indicating
that the ASF license is "compatible" with GPLv3 was, as predicted, a cause
of confusion.

Pivot decided to continue with their plans to host their Flex BlazeDB demo
outside of the ASF infrastructure given that that code has a dependency on
GPLv3 licensed code.

Henri noted some "dodgy" code in Checkstyle (specifically some Sun specific
Swing code).  The code is available under BSD with 'no nuclear facility'
clause. (*)

General discussion (without providing any legal advice) occurred in response
to a question about establishing another open source non-profit.

We discussed using JIRA for tracking ICLAs.  It wasn't clear what benefit
that provided.

A general question on "reciprocity" with respect to section 5 of our license
was answered.  No change to the license is planned.  The author of the
dictionary in question agreed to provide a copy under the Apache License.

Extensive discussion about improving the release process documentation.
Patches expected to be forthcoming. (*)

CUP Parser Generator license a.k.a. "Standard ML of New Jersey" was reviewed
and thought to be Category A. (*)

General discussion on what 'required notices' meant.  Unsurprisingly, the
answer was 'notices that are required' :-)

A question about using Apache CXF in a GPL licensed codebase was answered by
pointing the ASF and FSF faqs.

General discussion on trademarks (IMHO, bordering on PRC's responsibility,
but as no decisions were made, no harm)

Lengthy discussion (without concrete results) on tagging release candidates
and Java.

A question about ECCN exports was answered by pointing to the web page
describing our export licenses.

A question about binary PDF documents in a release for Apache Stonehenge was
answered.  It involved README vs NOTICE and Copyright vs Trademark
considerations.  Developing more general education and posting it on our
website would be helpful in this area.

General question on the trademark-ability of greek letters.  Delta airlines
seem to have done so.

A question on how we view the Day spec license was asked, without attracting
an answer (*).  It doesn't directly affect Jackrabbit, as Day has a CCLA on
file.

Question (motivated by VCL, but applies to a number of ASF projects) on
whether or not we intend to trademark names that were in use prior to
donation to the ASF.

A few com.sun.* APIs seem to have found their way into effectively becoming
part of standards.  Notes were shared on how to deal with this.

Microsoft Limited Public License was categorized as "X" as it has a field of
use clause.

A TM was added to the Tomcat logo.  Another case that properly is something
the PRC should be concerned with.  When this discussion moved onto the ASF
feather logo, Larry did request that this be continued at the PRC.

PDFBox wishes to include some CJK fonts which are licensed in a way that
does not permit modification.  As it doesn't affect the ability for us to
release our code under our license, this license is thought to be category
B.

Active discussion (incomplete) on copyright and trademark of hosting of
research papers on our site.

Larry dealt with a DMCA notice that was misdirected towards the ASF.

20 May 2009 [Sam Ruby]

No report submitted.

15 Apr 2009 [Sam Ruby]

Another quiet month.  Nothing requiring board attention.  Summary of mailing
list discussions:

ASF Business (topic on first line, summary of resolution on next line):
 Is it OK for Maven to have an optional dependency on svnkit (GPL)?
   - withdrawn
 How does one bring a JSON plugin into the ASF?
   - referred to http://incubator.apache.org/ip-clearance/index.html
 What's the policy on copyright headers (for Pivot)
   - referred to http://www.apache.org/legal/src-headers.html
 Shindig is considering a logo contest question, any advice?
   - a pointer to a related effort (Solr) was provided
 Is it OK to copy Sun JDK source code (GPLv2) into an ASF project?
   - no
 Do donation include trademarks (for VCL)?
   - ask the contributor (NCSU) to make this more explicit
 Is a grant required for a large contribution?
   - No, a ICLA/CCLA is sufficient, but if the contribution is truly large,
     Incubator IP clearance is required.
 Continuing discussion of OASIS OpenCSD XSDs...
   - Tuscany project is proceeding treating these artifacts as read only.

External questions:
 Do forks of ASF projects need to publish source?
   - no
 Follow on: what does prominent notice mean?
   - ask a lawyer
 Know any good IP lawyers? (Not a follow-on)
   - we don't provide such recommendations.

18 Mar 2009 [Sam Ruby]

Active month, nothing requiring board attention beyond a passing mention of
staffing.  Summary:

internal:
 LGPL optional library for testing CouchDB (OK)
 DOM4J (BSD style license, accepted)
 JSR 173 license (replaced with an ALv2 equiv)
 Protocol Buffer License (verified as BSD)
 Unicode data license (ICU: OK)
 MSV license (category X: due to FOU)
 License Headers question (dealing with BSD)
 Question as to when CCLAs are required (QPid)
 OASIS license of XSDs (not separately licensed?)
 OLIO fragment cache license (MIT)
 ICLA required for student under contract? (wouldn't hurt)
 Use of Prolog (the language) (OK)
 Abstract question on documentation (need specifics)

outside:
 Permission to reuse our CLA form itself (granted!)
 Question as to whether the ECCN "conveys" to commercial users (answer:
   exemption may not apply - consult a lawyer)
 General question as to whether ASF code can be sublicensed commercially
   (can and does)
 Hypothetical Discussion between Bruce Perens and Larry Rosen (over my head)

Referred elsewhere:
 Two separate potential violation of an ASF Trademark (to PRC)
 Advice for book authors (to PRC)
 IP-clearance question (to incubator)

18 Feb 2009 [Sam Ruby]

While traffic has picked up from last month, absolutely none of it should be
of any concern to the board.  Brief summary:

 * General questions on public domain and fair use
 * A question about a previously approved license (zlib/libpng)
 * Two questions on IP clearance, one quick and one more involved, both
   forwarded to the incubator
 * A JSR spec contained obsolete licensing terms (Geir quickly dove in)
 * An inquiry on trademark considerations, including the project logo and the
   ASF feather from committers on an ASF project working on a book.
 * An internal discussion on open letters.

The list also attracts questions from users.  While it is not something that
we are set up to do (or, in fact, a service we intend to provide), it has not
proven to be a problem in practice.  Discussions of this nature from the past
month:

 * Request for advice on a project desiring to use the Apache License and
   depend on code licensed under the GPL.
 * A webapp developer asked a question about the MySQL license
 * A developer of an application on sourceforge asked about how to structure
   his LICENSE file given that his project is based on an ASF project
 * A general question about defensive publication as a way to protect against
   patent trolls.
 * A general question on internal use of Apache projects

Sam confirmed that an open list was not a problem at this time, and noted that he is pleased with the sharing of the load; while Henri and Larry take on bigger shares than most (thanks!), nobody dominates and plenty of people contribute..

21 Jan 2009 [Sam Ruby]

Very quiet month, nothing requiring board attention.  Highlights:

Naming discussion on JSecurity.  Probably would not have given approval to
that name in the first place, but given that the name has been in use for
four years without an issue being raised, there isn't consensus on requiring
a change.  That being said the naming discussion was an inevitable bikeshed.

Discussion of whether a given W3C license was category 'B' or 'X'.  Given that
the code in question was dual licensed with BSD, the question was moot.

A discussion about a different W3C license and the policy of not allowing
non-OSS code in SVN wandered off into nowhere as hypothetical discussions are
want to do.  There was a similar discussion about PDF CJK fonts, and it
appears that the direction there will be to dynamically download the data vs
polluting SVN.

A question about dealing with the US Government was handled by Larry off-list.

17 Dec 2008 [Sam Ruby]

Most significant thread has the unfortunate subject line of
"use of proprietary binaries".  I say unfortunate, as it is unduly
prejudicial.  The essence of the pragmatism behind "category B" is to
identify artifacts whose licenses, while different than our own, don't
affect the ability of us developing our code under our license.  As long
as the dependency is clearly marked and we are not distributing these
artifacts, we should be good.  Related questions such as whether such
artifacts can be checked into SVN, etc. should be examined in terms of
infrastructure burden and potential to increase confusion, and not excluded
as a blanket matter of policy.

The context for the above is optional external APIs and compliance test
suites.  While we would all love for these to be open, that's not a
requirement.  The line in the sand is whether or not usage of such affects
our ability to develop our code under our license.

By contrast, redistribution of PDF CJK fonts, for which the license clearly
states that the "contents of this file are not altered" was greeted warmly,
albeit with a separate discussion about patents.

Other threads:

Does working on Sun RI automatically "contaminate" developer, and preclude
them from working on ASF project?  Answer: not in general, though specific
PMCs may have specific rules in place depending on the nature of the project.

Lenya website redesign - ensuring that the contributions are under the
appropriate license.

Obtaining licenses for testing purposes - original question dealt with
WebSphere, but wondered off to TCKs.

Branding question ("AskApache") referred to PRC.

Continued discussion about Google Analytics.  No consensus that there is
a clear issue yet.

A naming question for JSecurity lead to the inevitable bikeshedding...

People are encouraged to follow up on the first issue on legal-discuss.

19 Nov 2008 [Sam Ruby]

It would be helpful to obtain a Notice of Allowance from Robyn in order to
pursue registering the SpamAssassin Trademark.

Sebastian Bazley updated the mailbox drop information on CCLAs to reflect our
Wells Fargo lockbox.

Discussed documenting privacy policies w.r.t. Google analytics and
interpreting "internal use" as our project mailing lists.  Parallel discussion
occurred on site-dev.

Advised Facelets to preserve NOTICEs and not to modify copyright claims
in files that they copy.

Jira item created for documenting the process for choosing names for ASF
projects.  Looks promising.

Once again, a discussion of making section 5 of the Apache License, Version
2.0 more explicit via mailing list messages surfaced.  Thankfully, it died
quickly.  My feeling is that what we have works for us for now, and shouldn't
be changed unless there is a specific issue.

A company offered Lucene access to archived blog data.  There was a discussion
concerning us hosting a copy of this, but this made some people uncomfortable
w.r.t. potential copyright violations.

Discussed w3c's copyright-documents-19990405.html.  Overall doesn't look
open source friendly, but we may be open to further discussion of checkin
of unmodified sources with appropriate documentation.

Reviewed Oracle's proposed revised JSR301 draft license

15 Oct 2008 [Sam Ruby]

4 JIRA requests opened, 3 closed; all related to how to deal with "one off"
licenses.

Continuing discussions on Google Analytics and legal options related to the
JCK impasse.

Otherwise, a pretty quiet month.

17 Sep 2008 [Sam Ruby]

Things continue to run smoothly.  I'm pleased with the number of active
participants.

An abstract question was asked about an ability to commit to a project given
exposure to prior ideas from a previous employer.  In general, such a
situation causes us no major concerns, though the situation may vary based on
the specific projects and specific employers in question.

PDFBox was originally BSD licensed and obtained software grants from all of
the primary authors.  A question was asked regarding small contributions from
people who they are no longer able contact.  Given the size of the
contributions in question, the original license, and the fact that reasonable
efforts were made to locate such people, it was determined that this was not a
concern.

A FAQ was added that older versions of Apache software licensed under Apache
Software License 1.0 are still licensed as such.

Creative Commons Share-Alike Attribution version 3.0 license has been
approved, provided the materials in question are unmodified.  Previously, only
the 2.5 version had been approved.

A JIRA was opened on documenting release voting procedures.  No owner.

Larry helped resolve an issue where a company wished to rewrite our CCLA.
Our policy is that we don't accept modified ICLAs or CCLAs.

SyntaxHighlighter (LGPL) was approved for use on people.apache.org pages.

Nobody seems to know the licensing status of BEA's StAX implementation, so
most projects are simply routing around it.

Larry has volunteered to register SpamAssassin trademarks.  Given that the PRC
and the SA PMCs are OK with this, if the board approves the expenditure, I'll
tell him to proceed.

David Crossley has produced a first draft of a project naming document.  He's
been on the list for over a year, and starting in July of this year has picked
up his participation.

Routine copyright/notice questions from Felix, CouchDB, JAMES and the Incubator.

RSA's implementation of MD4/MD5 says one thing in their licensing headers and
a quite different thing on their IETF IPR statement.  I think we are covered,
but we still need to settle how to document this properly.

Bluesky inquired about moving away from some (unspecified) C++ Standard
library implementation to STLPORT, presumably for licensing reasons.
Everything I have heard to date indicates that we would be comfortable with
either implementation.

Google Analytics continues to be explored.  Justin expressed an opinion that,
while a bit stronger than I recall the board expressing, is one that I'm quite
pleased and comfortable with: namely that we start from a presumption of data
of this type being open to all, and work backwards from there -- making closed
only what we must.

A discussion has just started on the legal implications of contests involving
prizes.  If the prizes themselves are donated, and are substantial, we may
have to consider such as targeted donations.

20 Aug 2008 [Sam Ruby]

While comments were made on a half-dozen or so JIRA issues, none were either
created or closed this month.  I believe that this process is working
smoothly, and does not warrant board attention.

Notable discussions that occurred during this month:

As reported elsewhere, Microsoft clarified their position on their Open
Specification Promise.  As near as I can tell, everybody feels that this
completely resolves the issues surrounding the upcoming OOXML support by POI.

The division of labor between the PRC, the incubator, and the Legal Affairs
Committee continues to confuse people.  My understanding is that the PRC is
responsible for enforcing our claim to names, the incubator is responsible for
IP clearance (including names), and the Legal Affairs Committee helps respond
to claims made against the ASF.

A GPL license question surfaced -- this started out with Xapian which is
licensed under GPL v2 and confusion over what the FSF claims of
"compatibility" with the Apache License means. Eventually this discussion
wandered off into the territory of hypotheticals.  GPL v2 remains on the ASF's
restricted list (a.k.a. Category "X").

By contrast, syntax highlighter (licensed under the LGPL) was approved for the
limited purposes of non-essential enhancement of online documentation.

There was a brief discussion on "blanket" grants and "commit by proxy".  This
was resolved by citing the relevant sections of the ICLA which has explicit
provisions for the enablement of submitting code on behalf of a third party.

There was a brief discussion as to whether an ICLA sufficient when a person
may have been exposed to ideas and alternate implementations from a previous
employer.  Our position is yes.  Individual PMCs are welcome to set a higher
bar for themselves.

A permathread re-erupted: when are Apache License Headers needed?  The general
guidance is that they should be added whenever practical, but only where
practical.

There is an ongoing discussion about notice requirements when code is reused
from other projects.

Jim asked if the board should request a status update regarding the 3rd party license policy. Sam indicated that this was not necessary based on the areas of consensus already are published on the web site, and the items being worked appear in JIRA. No action was taken.

16 Jul 2008 [Sam Ruby]

Resolved issues:

* Documentation about the Legal Affairs Committee has been added to
 the web site (primary source: board resolutions)

* Cobertura reports can be included in Apache distributions

* Yahoo! DomainKeys Patent License Agreement v1.2 does not
 raise any concerns.

Significant Discussions:

* Permathread about policy issue about shipping LGPL jars reoccurred.
 again this month.

* We are Revisiting whether or not there should be a JIRA checkbox concerning
 whether or not there should be a "Grant license to the ASF" checkbox
 and what the default should be.

Other:

* Received another inquiry from the owners of the Abator trademark.

A brief discussion was had concerning ASF committers and members participating as Expert Witnesses. This is a decision that only the individual in question can make for themselves, but if there is any concern that there might involve an ASF vulnerability, then the individual is requested to include the ASF's legal VP and counsel in the discussion.

25 Jun 2008 [Sam Ruby]

Another month with little controversy.

At this point /legal/resolved.html contains the bulk of the content
from the draft 3party text upon which there is wide consensus.  This includes
the discussion of category 'A', 'B', and 'X' licenses.  Henri has a real
talent for proposing text upon which people can find common ground.

The wiki that was previously set up at my request is not seeing much use.
Relevant documents that were previously there (as well as on
people.apache.org home directories) have been migrated to the website
proper.

A JIRA area has been established for tracking legal issues, and this has
resulted in a lot of activity and issues moving to closure.

Two major areas of future focus:

Nearer term is a sincere desire in a number of areas to be more proactive
about obtaining suitable licenses for potential patents.  This has caused
problems as patent licensing issues are not as clear cut as copyright or
trademark issues.  I'm comfortable having the Legal Affairs Committee making
the call that, for example, WSRP4J and POI pose acceptable risks for the
foundation, and downstream help PMCs mitigate those risks should these
assessments prove to be unfounded.

Longer term, clarifying and documenting the various notice requirements
(NOTICE, LICENSE, README) needs attention.

21 May 2008 [Sam Ruby]

A fairly quiet month.

The iBATOR trademark infringement issue seems to have been resolved
satisfactorily.

Glassfish has now corrected the license issue with prior versions of
their product (as of the last board report, they had only addressed
the latest version).

Andy Oliver is continuing to work quietly with myself and ASF council
to see if we can identify and resolve his concerns with the Microsoft
funding of Sourcesense to implement OOXML.

WSRP4J appears to be in a roughly analogous place.  There are no known
actively enforced patents by either IBM or WebCollege that apply to
this code, but a desire to preemptively and proactively get a
license agreement.

As indicated in the incubator report, nobody on the Legal Affairs
Committee has expressed any concern with the changes proposed by Roy
for the procedures for IP Clearance.

Questions on compatibility with various licenses continue to pop up
from time to time.

No questions on third party licensing issues arose during the past
month.

16 Apr 2008

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 added as a Legal Affairs Committee member:

    Craig Russell <craig.russell@sun.com>

 Special order 7A, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote of the directors present.

16 Apr 2008 [Sam Ruby]

Sun has restored Apache License headers to the Jasper code with
Glassfish V3.  Craig Russell was instrumental in making this happen.
I feel this issue is now closed.

In related news, the Legal Affairs Commitee voted to add Craig to the
committee, and it appears as resolution 7A on today's agenda.  From time
to time, I see a number of smaller items that come up on the legal
mailing lists go unaddressed.  I intend to continue to pursue expanding
the Legal Affairs Committee membership.

We received more information on the trademark concern, and this has
resulted in Apache iBATIS beginning the process of renaming Apache
iBATIS Abator to Apache iBATIS iBATOR.

The Legal Affairs committee participated in a number of JCP and Harmony
related discussions.  This is already adequately covered by the report
from the VP of JCP.

The third party licensing policy continues to remain a draft and despite
not being made into a policy, is still useful as a set of guidelines and
hasn't prevented us from making meaningful progress on actual requests
from podlings and PMCs, such as the request as to how Buildr is to treat
dependencies covered under the Ruby license.

There has been discussion regarding WSRP with respect to patents.
While it isn't clear that there is a patent that reads on WSRP, but a
member of the portals PMC sent a request inquiring as to how certain
patents would be licensed by IBM and Web Collage.  Upon review, the
consensus seems to be that the agreement presented to us by Web Collage
is not sufficient for our needs.

POI has a situation where a committer has stated his intent to
revert commits which were made several months ago based on a feeling
that there may be patents which read on the code in question.

Portions of the legal site are in flux, and meta discussion as to when
and who can update the site occur from time to time.  This is normal
and healthy.

19 Mar 2008 [Sam Ruby]

The third party draft has been a significant distraction.  This document
serves a quite useful purpose -- as a guide.  Shortly after this month's
board meeting, I plan to publish a short document describing how it
is useful as a guide and identifying a few places where hard distinctions
it attempts to make are overreaching and will not (yet) be enforced.

Meanwhile, focus will return to concrete, tangible, and near-term
decisions.  The first two of which which will be resolved this week
deal with code licensed for use "in the creation of products supporting
the Unicode Standard" and an optional LGPL "deployer" distributed in
source form.

Other activities:
 * WSRP4J is looking into potential patent claims
 * Ongoing crypto notice work
 * Discussion on maintenance of the year on copyright notices
 * Question as to whether we would allow projects to dual license (answer: no)
 * Discussion of various open specification pledges, particularly Microsoft's
 * OSGI bundle requirements will require ServiceMix to create, maintain, and
   distribute a small amount of CDDL licensed descriptions.
 * Continuing confusion over the split between the NOTICE and LICENSE files,
   this needs to be dealt with by the Legal Affairs Committee
 * Fielded a question from a non-profit that wanted to base their license
   off of ours.
 * A growing list of open legal questions, mostly related to third party
   licensing.
 * Glassfish still hasn't restored the Apache License headers to Jasper
   files, despite some encouraging words that they were going to.  Yet
   another letter was sent to Simon Phipps and the legal contact at Sun
   he provided me with.

20 Feb 2008

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 added as a Legal Affairs Committee member:

    Henri Yandell <bayard@apache.org>

 Special order 7D, Update Legal Affairs Committee Membership,
 was approved by Unanimous Vote.

20 Feb 2008 [Sam Ruby]

Last month, I mentioned a potential trademark infringment issue that was
brought to our attention.  I contacted the individual requesting more
information, and have not heard back.  Until I hear more, I have no
plans of pursing this further.

Sun continues to ignore our request that the licence headers be restored
on the portions of Glassfish.  I have sent a third request (the first
was in September) that Sun follow the FSF's recommendations on this matter.
If Sun continues to drag their feed on this matter, it is time to explore
other options to get Sun to comply.

While this work has been ongoing for some time, this month there has
been a marked uptick in the export classification activities and general
awareness of these ECCN related issues.

Most of the efforts of this month were on trying to refine the ASF's
Third Party Licensing policy, primarily by attempting to create an
informal poll.  I seeded this with three hypothetical positions, and
mostly people were divided into two camps.  One camp didn't see much
of a dividing line between the first two positions, but clearly saw
position three as distinct and reacted negatively towards it.  The
other saw little difference between positions two and three, but reacted
equally negatively to position 1 as the first camp did to position 3.

A bare minimum that I believe that we can achieve ready consensus on is
a policy that all sofware developed at the ASF from here on is to be licensed
under the Apache License, Version 2.0, and that we will take no actions
that limit our ability to distribute our software under this license.
Roy has indicated that this may not have been the policy in the distant
past, but as near as I can tell, it has been the way that we have been
operating for quite some time now, hence the conclusion that this should
be able to readily gain consensus.

One world view is that that bare minimum is not enough.  One can argue
that it makes little sense if our software is licensed under a pragmatic
license if that sofware is entangled with dependencies that effectively
eliminate all the pragmatic aspects of our license.

The other world view is that our software is, well, soft; i.e., maleable.
Our licensees are welcome to modify, combine, and optionally contribute
back to our code bases.  Furthermore, no matter how hard we try, our
licensees are operate under a variety of different constraints or have a
differing interpretations of license compatibility.

Choosing between these two world views is difficult; but given that the
former can only be executed if there are ample exceptions for "system" or
"soft" dependencies -- concepts that are both undefinable and all too open
to gaming -- clearly the latter is easiest to understand and administer.
Or there is a belief that a "spec" from an industry consortia and with
no independent implementations somehow makes copyright and patent issues
less relevant.  In any case, add to all this the evident divide, and the
first world view becomes not only harder to understand and administer,
it becomes absolutely unworkable.  Simply put, an excemption for "system"
dependencies that is based on a "I'll know it when I see it" policy doesn't
work if a substantial portion of the people who may be drawn upon to express
an opinion on the subject simply don't believe that any such distinction is
either necessary or even makes sense as a policy.

Therefore it appears that the only workable policy is one where we continue
to require PMCs to compile a comprehensive set of LICENSEs to accompany each
of our releases so that our licensees can make an informed decision.  That,
and perhaps to we can increase our efforts to educate PMCs as to the effects
such dependencies have on community size.

While this approach is workable, it is one that may be difficult to reverse.
Hence, a slow and cautious approach is warranted.  Should there be any
as of yet unexpressed feedback, now would be a good time to provide it.

I have reviewed the minutes for the meetings of 2005/06/22 and 2007/03/28
establishing the VP of Legal Affairs and the Legal Affairs Committee
respectively, and believe that no board resolution and/or explicit approval
is required for the Legal Affairs Committee to proceed on this matter.

Approved by General Consent.

16 Jan 2008 [Sam Ruby]

The requested FAQ additions have been completed and posted.  These
additions did attract quite a few comments of support, and everybody had
more than ample time to comment.  I've seen no negative fallout as of yet
of these additions.  I mention this because these additions were initially
controversial, but my impression is that over time some of the participants
simply got less vocal rather than converted.

Jason Schultz has left his staff attorney position at the EFF.  Fred von
Lohmann of the EFF has agreed to support us in his place.

We have been informed of a potential tradmark infringment issue.  I shoud
have more details by the next meeting.

There is a backlog of items that need to be addressed, preferably in
parallel rather than serially.  Rather than waste report time on what
I perceive to be the biggest item, namely competing the Third Party
Licensing policy, time permitting, I've added a discussion item in the
hopes that we can come to a quick consensus on the approach.  If quick
consensus isn't achievable here, then the hope is that this will serve
as a heads up so that the interested parties can participate in the
discussion on legal-discuss.

Other items in the backlog:
 Third Party Licensing:
   Minor update to to add OSOA as category A
   Additional updates to cover notices of optional dependencies (log4cxx, apr)
   Need a policy on whether depencencies on Ruby Gems are permissable (Buildr)
 WSRP4J licensing issues (Portals)
 Fork FAQ

Request was made that legal/status be updated.

Approved by General Consent.

19 Dec 2007 [Sam Ruby]

No report submitted.

14 Nov 2007

A report was expected, but not received

17 Oct 2007 [Sam Ruby]

After an extended quiet period, I thought I would collect up a
few updates to the website, but that re-awoke the discussion.
What's cool is that this time around, there actually are more
people than Doug actually proposing actual wording.  I'm
convinced that we are continuing to make forward progress.

Backlog of items include following up with Sun on following the
licensing terms for Jasper, and a "fork FAQ".

Approved by General Consent.

19 Sep 2007

Relatively quiet (and short) month.

I believe that we are making progress on the Y! proposed additions to the
FAQ, and should be able to close shortly.  Short summary of the key issue:
while the ASF as a whole does not confer any official status to
"subprojects", this proposed FAQ would officially recognize that a PMC
may, in fact, produce a number of independent "products".

Simon Phipps forwarded to me a writeup by the FSF on how to retain
appropriate copyright headers on works derived from non-GPL codebases
and incorporated into GPL codebases.  I posted this link on
legal-internal, and it didn't provoke any objections, so I asked
Simon to follow these instructions on the Jasper/Glassfish code.  I
will follow up to ensure that this is done.

29 Aug 2007 [Sam Ruby]

* Continuing to work on Yahoo! patent scope FAQ.
* Updated web page concerning Apache License and GPL compatibility
* Updated 3rd party policy, resolving Geronimo and MyFaces issue
* Participated in two call with ASF council regarding JCK/FOU issue
* Continuing to work with Sun over ASF license code issues in Glassfish

My goal continues to be to delegate more of this.  If necessary,
I will recruit more people onto the legal committee in order to
make this happen.

Approved by General Consent.

18 Jul 2007

Change the Apache Vice President of Legal Affairs

 WHEREAS, the Board of Directors heretofore appointed
 Cliff Schmidt to the office of Vice President, Legal Affairs,
 and

 WHEREAS, the Board of Directors is in receipt of the resignation
 of Cliff Schmidt from the office of Vice President, Legal
 Affairs, and

 WHEREAS, the Legal Affairs Committee has recommended Sam Ruby as
 the successor to the post;

 NOW, THEREFORE, BE IT RESOLVED, that Cliff Schmidt is relieved
 and discharged from the duties and responsibilities of the office
 of Vice President, Legal Affairs, and

 BE IT FURTHER RESOLVED, that Sam Ruby be and hereby is appointed
 to the office of Vice President, Legal Affairs, to serve in
 accordance with and subject to the direction of the Board of
 Directors and the Bylaws of the Foundation until death,
 resignation, retirement, removal or disqualification, or until a
 successor is appointed.

 Special order 7F, Change the Apache Vice President of Legal Affairs, was
 approved by Unanimous Vote.

18 Jul 2007

Update Legal Affairs Committee Membership

 WHEREAS, the Legal Affairs Committee of The Apache Software
 Foundation (ASF) expects to better serve its purpose through the
 periodic update of its membership; and

 WHEREAS, the Legal Affairs Committee is an Executive Committee
 whose membership must be approved by Board resolution.

 NOW, THEREFORE, BE IT RESOLVED, that the following ASF member be
 added as a Legal Affairs Committee members:
    Sam Ruby <rubys@apache.org>

 Special order 7E, Update Legal Affairs Committee Membership, was
 approved by Unanimous Vote.

18 Jul 2007 [Cliff Schmidt / Henning]

As mentioned in last month's report, I wish to resign as VP of Legal
Affairs.  The Legal Affairs Committee has discussed possible
replacements over the last month and have reached consensus on Sam
Ruby, who is not currently on the committee.  Therefore, I have
prepared two resolutions for the board to vote on: one to add Sam to
the committee (being a board/executive committee) and one to have him
replace me as VP.

There are no other issues requring board attention this month.

Approved by General Consent.

20 Jun 2007 [Cliff Schmidt / Greg]

On May 31st, the FSF released its "last call draft" of the
GPLv3.  In this draft and its associated press releases, the
FSF prominently states that there is no longer a concern
about the Apache License being "incompatible" with the GPLv3.
The compatibility issue is describing whether they see a
problem with an Apache-Licensed component being included
within a larger GPLv3-licensed work.  This is what they no
longer see a problem with.  Of course, there would still be
much concern and debate about the licensing restrictions of a
larger Apache-Licensed work that included a GPLv3-licensed
component.

The only other issue to report is that the legal affairs
committee has been up and running for well over a month.  In
fact, I coordinated approval of the FSF's proposed GPLv3
wording with the committee (although sadly didn't plan far
enough advance to coordinate this report).  I will soon be
asking the committee for nominations and an election of a
new VP of Legal Affairs, with a proposed resolution before
the Board by next month's meeting.

Approved by General Consent.

16 May 2007 [Cliff]

No report.

25 Apr 2007 [Cliff]

As I mentioned in my post to the board@ list shortly after last Board
meeting, the FSF's third discussion draft of GPLv3 included a note
that GPLv3 would not be compatible with the Apache License due to the
indemnification provision.  Both Larry Rosen and I have been in touch
with the FSF and SFLC and expect this statement of incompatibility
will soon be reversed without any change in the Apache License.

The Board approved my resolution to establish a Legal Affairs
Committee at last month's meeting.  However, I have been lame in
getting things started due to a shortage of available time in the last
few weeks.  I'll start getting the ball rolling this week.

Cliff indicated that, assuming the current "incompatibility" between GPLv3 and AL 2.0 is resolved, he does not foresee any further potential conflicts.

Approved by General Consent.

28 Mar 2007

Establish the Legal Affairs Committee

 WHEREAS, the Board of Directors deems it to be in the best
 interests of the Foundation and consistent with the
 Foundation's purpose to create an Executive Committee charged
 with establishing and managing legal policies based on the
 advice of legal counsel and the interests of the Foundation;
 and

 WHEREAS, the Board of Directors believes the existing office of
 Vice President of Legal Affairs will remain a valuable role
 within the Foundation and would benefit from the creation of such
 a committee.

 NOW, THEREFORE, BE IT RESOLVED, that an ASF Executive Committee,
 to be known as the "Legal Affairs Committee", be and hereby is
 established pursuant to the Bylaws of the Foundation; and be it
 further

 RESOLVED, that the Legal Affairs Committee be and hereby is
 responsible for establishing and managing legal policies based
 on the advice of legal counsel and the interests of the
 Foundation; and be it further

 RESOLVED, that the responsibilities of the Vice President of
 Legal Affairs shall henceforth include management of the Legal
 Affairs Committee as its chair; and be it further

 RESOLVED, that the persons listed immediately below be and
 hereby are appointed to serve as the initial members of the
 Legal Affairs Committee:

   Cliff Schmidt
   Davanum Srinivas
   Garrett Rooney
   Geir Magnusson
   Jim Jagielski
   Justin Erenkrantz
   Noel Bergman
   Robert Burrell Donkin
   Roy Fielding
   William Rowe

 Special Order 6C, Establish the Legal Affairs Committee,
 was approved by Unanimous Vote.

17 Jan 2007 [Cliff]

 The only issue to report this month is the patent license FAQ.
 Following the plan I suggested in October, I've taken the FAQ
 proposed by Doug and agreed to by Roy (which addresses the
 concern for consistency with Roy's public statements on the topic
 while he served as ASF Chairman) and asked our counsel to review
 and advise.  Barring any legal concerns from counsel, I recommend
 posting this FAQ.  Incidentally, the question part of the FAQ is
 nearly identical to the one proposed in our September meeting;
 however, the answer no longer has the problem raised by some
 directors (that it was attempting to answer more than the
 question).

20 Dec 2006 [Cliff]

 CLA UPDATE: I sent an update to legal-discuss last week to
     let everyone know that the plan is to publish a document
     that describes the original intention behind some of the
     ambiguities in the CLA and then to discuss the idea of
     a new version.  Roy has agreed to write the "original
     intention" doc based on what statements he had made about
     the CLA's interpretation while he was ASF chair.

 GPLv3 COMPATIBILITY: The SFLC contacted me about the latest
     proposed changes to the patent licensing in the next
     draft of GPLv3.  I am reviewing now to ensure these
     changes would still allow Apache-Licensed works to be
     included in GPLv3-licensed works.

 STANDARDS LICENSING: I reviewed the BPEL specification patent
     licenses for Apache ODE.  The licenses would not be
     acceptable by the ASF; however, there do not currently
     appear to be any patents to license.  So, I see no problem
     with ODE implementing the BPEL spec.  Another spec reviewed
     was the Yahoo-submitted IETF RFC on DomainKeys.  Noel
     submitted this to legal-internal by Noel for review during
     ApacheCon US.  I reviewed and commented on it there; while
     not ideal, it appears reasonable and should not hold back
     our development.  My analyses for both BPEL and DomainKeys
     was approved by our legal counsel on legal-internal.

15 Nov 2006 [Cliff]

 Cliff reported that work is continuing on the "crypto export"
 clarifications for use within the ASF. Also being worked on
 is the standards licensing. Cliff noted that SenderID is
 covered under the Open Specification promise, and therefore
 removes any restrictions on use.

25 Oct 2006 [Cliff]

 Cliff reported that during ApacheCon, the CCLA issue was further
 discussed with many people, especially Roy and Doug Cutting. Both
 Roy and Doug were happy with the approach taken and Roy committed
 to "writing up" what his intents were with the CCLA, so that
 misinterpretation of the letter and spirit of the CCLA no longer
 exists.

 Cliff indicated his desire to create a sort of Legal Committee,
 similar to the PRC or Security Team, to allow for a wider
 range of volunteers to help with the various legal issues and
 questions still being worked on. His hope is also that this
 will provide an opportunity for him to resign from the VP of
 Legal Affairs position after a period of time.

 Cliff reported that a number of Universities and Colleges have
 contacted him regarding their own efforts in creating suitable
 licenses for their open source educational software. Cliff
 suggested that the ASF possible provide feedback and insights
 regarding our experiences with the AL as well as the iCLA and
 CCLAs.

20 Sep 2006 [Cliff]

 CRYPTO EXPORT DOCS: This work has been complete for over a
     month and projects are now starting to use the docs/process.
     At this stage it still requires me to work closely with the
     project to ensure they understand the docs, but the system
     is working.  This will scale better as the docs are improved
     through experience.

 STANDARDS LICENSING: The standards patent covenant that I have
     mentioned giving feedback on over the last couple reports
     was made public about one week ago: the Microsoft "Open
     Specification Promise".  While it is not perfect, I
     believe it should not block PMCs wishing to implement
     covered specifications.

 USPTO/OSDL's OSAPA: The Open Source As Prior Art initiative
     met in Portland, OR, last week for two days.  I was able
     to join the group for the second day to learn a little
     about what is being planned.  Will follow-up with email
     to board@.

 THIRD-PARTY LICENSING POLICY: Haven't gotten to this yet, but
     hoping to make minor revisions and make enforcement
     approach clear in doc (as described in previous reports)
     and then call it final, and ideally have it included in
     same email to committers as alerts on src header and
     crypto docs.  (No change since last month)

 OSS PROJECT CODE MOVED TO ASF: When an incubating project's
     initial code base is submitted to the ASF, our CLA
     requires that "work that is not Your original creation"
     must be submitted "separately from any Contribution,
     identifying the complete details of its source and...
     conspicuously marking the work as "Submitted on behalf of
     a third-party: [named here]".  This presents a problem
     when the code base is an existing OSS project with
     intermingled IP from various sources.  One solution I've
     seen in the past is for the multiple authors to jointly
     sign the same grant; however, due to a few problems with
     this approach, I've worked with one set of initial
     contributors to create a script that uses svn blame/log
     and a mapping file (svn id or a rev # --> legal owner) to
     output an exhaustive set of annotations to satisfy this
     requirement.

 PATENT LICENSING IN CCLAS: I am late on getting this report
     done.  I'm still having discussions with our lawyers and
     other members of the open source community on a daily /
     weekly basis.  The goals of the report are to detail the
     ambiguities in the patent language of the current CCLA
     and to suggest that the board consider options, such as
     specific clarifications, revisions, and supplementary
     processes.  These can be discussed at today's meeting if
     the board wishes; in addition, Doug Cutting would like the
     board to consider an FAQ to address some aspect of the
     CCLA's ambiguity.

 Cliff also reported that he will commit to having the
 3rd Party issues complete by ApacheCon Austin.

16 Aug 2006 [Cliff]

 LICENSING HEADER: About to move the deadline back to Nov 1st
     due to my slowness in getting out an email to committers@
     pointing to new policy.  However, many projects are
     already switching over from pointers on legal-discuss.

 CRYPTO EXPORT DOCS: Lots of work with APR and especially
     James on fine-tuning the format for the email reports and
     web page.  Have updated the docs to reflect this.  Pretty
     much done now -- just need to include this on the
     committers@ email (see above re: license header).

 THIRD-PARTY LICENSING POLICY: Haven't gotten to this yet, but
     hoping to make minor revisions and make enforcement
     approach clear in doc (as described in previous reports)
     and then call it final, and ideally have it included in
     same email to committers as alerts on src header and
     crypto docs.  (No change since last month)

 PATENT LICENSING IN CCLAS: I've continued to do some
     research and have some discussions with various companies
     and other open source organizations on this topic. I
     still hope to have a report comparing the options by the
     end of this month.

 STANDARDS LICENSING: A large software company will be soon
     be releasing a new patent license (actually a promise
     not to sue), under which several specifications will be
     covered.  Much of our feedback has been incorporated
     into the latest draft.  I expect we will be satisfied
     with the final result (TBA this month).

19 Jul 2006 [Cliff]

 LEGAL HOME PAGE: Have created new legal home page with links
     to docs relevant for users and committers.  Also posting
     and linking to these legal reports for interested
     committers to track progress.  Please let me know if
     there are any concerns about this.  Will publicize the
     legal home page and its links on Friday in email to
     committers@.

 LICENSING HEADER: The final version is now posted, linked
     from the new legal web page: apache.org/legal.  Email to
     committers will go out on Friday.

 CRYPTO EXPORT DOCS: A nearly final version of this is posted
     including a lengthy FAQ from various dev-list
     discussions.  Last step is to work with dreid on project-
     specific RDF files that build final required web page.
     Hoping to have this also done and in email to committers
     on Friday.

 THIRD-PARTY LICENSING POLICY: Haven't gotten to this yet, but
     hoping to make minor revisions and make enforcement
     approach clear in doc (as described in previous reports)
     and then call it final, and ideally have it included in
     same email to committers as alerts on src header and
     crypto docs.

 PATENT LICENSING IN CCLAS: I've tried to keep the board
     aware enough of this discussion over the last 2-3 months
     to jump in as any director sees fit; however, recent
     discussions on board@ lead me to believe that I should
     request this to become an item of new business, rather
     than wait for another director to inquire more about it.
     I suggest a brief conversation on the topic today,
     followed by a more detailed presentation of the concerns
     of each side of the issue at some point in the near
     future.

 SFLC LETTER ON ODF: After clarifying with SFLC that we did
     not want their letter to represent an "Apache position"
     on ODF nor did we want our name used in any PR on the
     subject, I agreed to the text of their letter.  Since
     publishing the letter several weeks ago, they appear to
     have honored my requests completely.

 STANDARDS LICENSING: I continue to have conversations with
     vendors on how they can improve the licensing of their
     essential patent claims for specifications that Apache
     would consider implementing.  I'm actually seeing some
     progress/willingness to revise from vendors.

27 Jun 2006 [Cliff]

 LICENSING HEADER: I sent a summary of the resolution passed
     at last month's meeting to the legal-discuss list and
     am compiling a short FAQ based on questions from that
     thread.  The summary and FAQ will be linked from a new
     apache.org/legal/ home page by the end of the week, and
     send a notification of the posting to committers@. I
     originally stated that the new header would need to be
     implemented on releases on or after August 1, 2006,
     but will push that date back one month, since I was slow
     to get this out to all committers.

 PATENT LICENSING IN CCLAS: There continues to be some degree
     of controversy over my statement on how the CCLA patent
     license should be interpreted.  I continue to state
     that the patents are licensed for both the contribution
     and combinations of the contribution with the continuing
     evolution of the project.  In other words, the ASF is
     not interested in contributions with strings attached
     (strings = restrictions on what it can be combined with).

 SFLC LETTER ON ODF: The SFLC has asked us to review a draft
     statement on the legal encumbrances of the OASIS ODF
     specification.  If we agree with the draft, they would
     like to issue a statement that they are representing the
     positions on two of their clients, the ASF and FSF.

24 May 2006 [Cliff]

  LICENSING HEADER: I have submitted a resolution for the
      Board's consideration to set a new policy for source
      code headers.  In brief, the headers will no longer
      include any copyright notice, only a licensing notice
      and a mention of the NOTICE file for copyright info.
      The NOTICE file will include the ASF's copyright notice,
      in addition to other required notices.  Copyright
      notices in third-party components distributed within ASF
      products will not be touched.

 CRYPTO EXPORT POLICY: I have posted a crypto policy at
      http://apache.org/dev/crypto.html.  The policy should
      answer most of our questions in this area, but will be
      gradually enhanced over time.

 GPLv3 COMPATIBILITY: After a close review of the first draft
      of GPLv3, I brought up potential incompatibility issues
      with the Apache License to the GPLv3 discussion committee
      that I serve on.  The FSF's counsel hopes these issues
      can be addressed in the next draft.  As I've said before,
      both the FSF and the SFLC continue to be unwavering in
      their dedication to ensure GPLv3 is compatible with Apache
      License v2.

 PATENT LICENSING IN CCLAS: I've spent a lot of time with
      one particular corporate legal staff lately with their
      questions of whether the CCLA implies that the set of all
      possible patent claims being licensed can be known at the
      time of contribution.  It's obvious why a corporation
      would want the answer to be affirmative; however, such an
      answer would not protect the project's work from patent
      infringement claims by a contributor regarding how their
      contribution is combined with other things.  It may be
      worth revising the (C)CLA language to make this more
      clear.

 ELECTRONICALLY SUBMITTED AGREEMENTS: Now allowed.  See the
      Secretary's report.

 LICENSING AUDITS: I work closely with the Eclipse Foundation's
      IP Manager, who continues to inform me of apparent
      inconsistencies and inaccuracies in the licensing of
      ASF products.  I've been asking PMCs to address these
      issues as they come up, but what we really need is an
      internal audit on each product to get these problems
      fixed.  Before we can do that, we need complete
      documentation on the things an audit should look for and
      how they should be corrected.  I will likely make this a
      priority for the "Docathon" at ApacheCon EU next month.

 THIRD-PARTY IP: Due to the issues above, I've neglected to
      make the few remaining changes to the draft licensing
      policy doc and publish the official version.  As I
      mentioned last month, I intend to tell PMCs that all new
      products MUST conform to the policy, but that all
      existing products that do not currently conform need to
      only take one action over the next six months: report
      where/how they are not conforming so that the practical
      impact of the policy can be better understood without
      yet requiring substantial changes.  The philosophy
      behind this "impact evaluation period" is that the
      policy was primarily intended to document the mostly
      unwritten rules today and to choose one rule when
      multiple exist across the ASF.  Now that I've cleared
      the license header and crypto issues off the high
      priority list, I hope to focus exclusively (as much as
      possible) on getting the 1.0 version out.

24 May 2006

Establish guidelines for handling copyright notices and license headers

   WHEREAS, the copyright of contributions to The Apache
   Software Foundation remains with the contribution's owner(s),
   but the copyright of the collective work in each Foundation
   release is owned by the Foundation,

   WHEREAS, each file within a Foundation release often includes
   contributions from multiple copyright owners,

   WHEREAS, the Foundation has observed that per-file attribution
   of authorship does not promote collaborative development,

   WHEREAS, inclusion of works that have not been directly
   submitted by the copyright owners to the Foundation for
   development does not present the same collaborative
   development issues and does not allow the owners to consider
   the Foundation's copyright notice policies;

   NOW, THEREFORE, BE IT RESOLVED that for the case of copyright
   notices in files contributed and licensed to The Apache
   Software Foundation, the copyright owner (or owner's agent)
   must either: remove such notices, move them to the NOTICE
   file associated with each applicable project release, or
   provide written permission for the Foundation to make such
   removal or relocation of the notices, and be it further

   RESOLVED, that each release shall include a NOTICE file for
   such copyright notices and other notices required to accompany
   the distribution, and be it further

   RESOLVED, that the NOTICE file shall begin with the following
   text, suitably modified to reflect the product name, version,
   and year(s) of distribution of the current and past releases:

     Apache [PRODUCT_NAME]
     Copyright [yyyy] The Apache Software Foundation

     This product includes software developed at
     The Apache Software Foundation (http://www.apache.org/).

   and be it further

   RESOLVED, that files licensed to The Apache Software
   Foundation shall be labeled with the following notice:

     Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information
     regarding copyright ownership.  The ASF licenses this file
     to you under the Apache License, Version 2.0 (the
     "License"); you may not use this file except in compliance
     with the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

     Unless required by applicable law or agreed to in writing,
     software distributed under the License is distributed on an
     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     KIND, either express or implied.  See the License for the
     specific language governing permissions and limitations
     under the License.

   and be it further

   RESOLVED, that for the case of works that have not been
   directly submitted by the copyright owners to the Foundation
   for development, the associated copyright notices for the work
   shall not be moved, removed, or modified.

 By Unanimous Vote, Special Order 6C, Establish guidelines for
 handling copyright notices and license headers, was Approved.

26 Apr 2006 [Cliff]

 Cliff reported that the 3rd Party License report will
 likely be officially released later on this month (April),
 at which point he will start on the Copyright/Header
 issues. Regarding the 3rd Party License report, it is
 fully expected that, even though discussed and reviewed,
 there will be further discussions upon release. The board's
 stand is that we should release it "as is" and retify
 things if required. All new projects will need to adhere
 to the policy; existing projects will be given time to
 bring their codebases up to policy standards.

 The board expressed their appreciation to Cliff for
 a Job Well Done.

15 Mar 2006 [Cliff]

 THIRD-PARTY IP: After nearly two months of review on the
      board@ list and one month of review by pmcs@, I've
      finally posted the latest draft of the third-party
      licensing policy to the legal-discuss list.  My goal
      is to get all new comments or concerns collected by
      the end of the month, and resolve all issues to get
      a final, official, v1.0 release in April.  I will
      also be trying to solicit user comments through the
      feather blog and a brief pointer sent to a few of
      the project user lists.  However, I would also like
      to explicitly verify that there is a consensus from
      the Board in support of the guiding principles*
      behind the policy and the resulting license criteria**.
   *http://people.apache.org/~cliffs/3party.html#principles
  **http://people.apache.org/~cliffs/3party.html#criteria

 LICENSING HEADER, ETC: Now that the third-party policy
      doc is out there, my next major project is to draft
      and get our counsel to approve a document that
      updates our source code licensing header,
      describes where to place copyright notices, various
      third-party licenses, explains how to deal with
      crypto export issues, and more.  Although I think it
      will be useful to our committers to have this all in
      one document, I won't hold up getting a resolution on
      the license header/copyright notice issue to wait for
      the rest of the document.

18 Jan 2006 [Cliff]

 GPLv3: I just finished attending the GPLv3 conference at MIT,
      during which the first "discussion draft" of the GPLv3
      was presented.  The most relevant news is that the current
      discussion draft includes a "License Compatibility"
      section that allows the inclusion of Apache-Licensed (v2.0)
      independent works within GPLv3-licensed programs.  This
      section may change within the next year, but it remains
      clear that Eben and RMS will continue to make this sort
      of compatibility with the Apache License a priority.  The
      other news is that I have accepted an invitation to
      represent the ASF on one the GPLv3 "discussion committees".

 THIRD-PARTY IP: I will be sending out a draft policy on third-
      party IP to the board@ list this Friday, January 20th.

  Cliff further reported that the Copyright Notice Policy
  was still being worked on, and will be finished some time
  after the completion of the 3rd Party License Policy
  Report.

21 Dec 2005 [Cliff Schmidt]

 PATENT ISSUES: I had a second meeting with Microsoft about
      possible improvements to the patent licenses that they
      have stated would apply to various WS specifications at
      OASIS.  Details can be found in my summary post to
      legal-internal on 6 Dec 05 (Message-Id:
      <81007DBD-EBD8-45DC-8A35-0FB8F4F3FC11@apache.org>.  I've
      since asked them about the possibility of issuing a
      Covenant not to enforce patent claims, similar to what they
      recently did for Office 2003 Reference Schemas.  No
      response on that one just yet.

 GPLv3 COMPATIBILITY: Eben Moglen and RMS have each personally
      asked that the ASF participate in the GPLv3 input/feedback
      process, primarily to help ensure compatibility between
      the GPL and Apache licenses.  I plan to attend the first
      GPLv3 conference at MIT in January for that purpose.

 THIRD-PARTY IP: After talking with 20+ ASF members at ApacheCon
      about a proposed licensing policy, I am now ready to float
      something formal by the membership.  The short version is
      that I believe we need to draw the licensing line at the
      ability for our users to redistribute all parts of an
      official ASF distribution under their own license, as long
      as it does not violate the copyright owner's license.  I'm
      working up a list of  how this would impact the top 30 OSI-
      approved licenses and a few others, but I can tell you it
      would exclude both the LGPL and the Sun Binary Code
      License, which is currently used in Apache James.

 LAME LIST: In prior reports I said I expected to have a policy
      written on crypto export and copyright notices.  I'm late
      on both.  I am now able to projects with the correct
      procedure for crypto, but I still need to get it formally
      documented.

16 Nov 2005 [Cliff Schmidt]

 SFLC: Justin and I had a kick-off meeting with Eben and two
      of his lawyers.  Justin and Greg are already working
      with one of them to handle any issues with our books
      and 501(c)(3) status.  Justin is the point person for
      this work and will be handling ongoing status in his
      Treasurer's report.

 BXA/CRYPTO: The Perl folks sent out the required notification
      for the mod_ssl stuff.  I've now taken their feedback and
      drafted a process document to run through counsel.  Jason
      has referred me to another EFF lawyer with more crypto
      export experience who has agreed to review it.

 COPYRIGHT NOTICS: Our counsel will be giving one final review
      on the copyright notice issue starting this Friday
      (during a monthly teleconference).  Should have something
      ready within one week after that.

 LGPL: I'm still waiting on feedback from Eben on my
      Java/LGPL position paper that I sent him last month. He
      wanted to refrain from giving me feedback until
      discussing the matter with the FSF. I expect to have
      something any day now, since that meeting should have
      recently happened.  I recommend we hold off any decision
      to allow distribution of LGPL components within non-
      incubating product JARs until getting this one last
      opinion from Eben and then bouncing it off the rest of
      our counsel.  However, I do not think we should have any
      legal concern about separately distributing the LGPL and
      ASF component that depends on it; both Jason and Larry
      have signed off on this question.

 THIRD-PARTY IP: In the process of working on a document to
      get us to a comprehensive policy on what third-party
      software we will distribute and how, I have created a
      little matrix to summarize the issues across the most
      common licenses of interest to the ASF today.  I will
      send this matrix to legal-discuss list today for
      discussion.  It might also be helpful for discussing
      how LGPL is similar and different from licenses like
      the CPL and CDDL.

 ASF LEGAL POLICY DOC: All these issues and more are being
      written to live within a series of ASF legal policy
      documents that I am hoping to have approved at or soon
      after ApacheCon.

 HOUSEKEEPING: I've created a new directory /foundation/legal/
      Board to include all Legal reports and approved
      resolutions with a README indicating that they are
      compiled there for convenience and with a pointer to
      the normative versions.

16 Nov 2005

LGPL resolution

 This was a placeholder for a potential resolution regarding
 the ASF Policy for Dependencies on LGPL code. No resolution was
 forthcoming.

26 Oct 2005 [Cliff Schmidt]

 ADDITIONAL COUNSEL: I have signed an agreement with Eben
    Moglen of the Software Freedom Law Center to have them
    offer the ASF pro bono legal services.  The first job
    will be to work with Justin on renewing our 501(c)(3)
    status and some of the thorny issues we need to resolve
    to get our books in order.

 BXA/CRYPTO: While I was working on a draft crypto policy,
    I was notified that the Perl PMC (and Tomcat?) may not
    have sent notification to the Bureau of Industry and
    Security (BIS, formerly known as BXA).  This has
    required me to try out specific guidance on these two
    projects, which will hopefully make the formal policy
    more robust.  I'm still working with the Perl and
    Tomcat PMCs to help solve their immediate issues.  Most
    of the relevant discussion has been cc'd to
    legal-internal.

 COPYRIGHT NOTICES: Last month I reported that I was getting
    general agreement from our counsel to move to a policy
    that requires only a licensing notice, but not a
    copyright notice at the top of each source file.  I
    regret to say that I have made very little progress on
    this issue since last month.  I'll have this ready for
    next board meeting.

 LGPL: Last month I reported that this issue needs to be
    addressed within the context of an overall policy stating
    what licenses are acceptable for ASF distributions to
    take dependencies on and distribute (see "Third Party IP"
    issue below).  Ten days ago, I sent Eben Moglen (in his
    role as general counsel for the FSF) a five-page document
    (including a developer-focused FAQ) on my interpretation
    of exactly what the LGPL allows and does not allow related
    to Java dependencies and distribution requirements.  He
    has not given me feedback on this yet, but has been
    talking about releasing a similar position paper on behalf
    of the FSF.

 THIRD-PARTY IP: Last month I reported that most of the
    licenses we thought we could sublicense under the Apache
    License (including the CPL) can really only be distributed
    under their own license.  So, we now need to figure out what
    makes a license okay to include in an Apache distribution.
    I've made very little progress on this in the last month, but
    I hope to have a policy written, discussed, and ready for
    approval by the December board meeting.

 ASF LEGAL POLICY DOC: Although I did not make as much progress
    as I'd hoped on the copyright notice and third-party IP
    issues over the last month, I did write up and outline for
    an overall legal policy doc to address these issues and
    others.  The outline (including a brief preview of where
    the document was probably headed) was sent to legal-discuss.

21 Sep 2005 [Cliff Schmidt]

 COPYRIGHT NOTICES: I have gotten Jason, Larry, Robyn, and
    even Eben Moglen to all agree that we should be fine
    with no copyright notice at the top of each source file,
    and instead just include a licensing notice similar to
    what Roy recently posted to the Board@ list.  The issue
    that isn't quite solved yet is the mechanics of ensuring
    any COPYRIGHT file or section of the NOTICE file is in
    sync with the CLAs and agreements from outside contributors.

 BXA/CRYPTO: I now have an understanding of the open source
    exception to the crypto export requirements.  I've read
    through the relevant docs at bxa.doc.gov, eff.org, and
    a legal opinion from McGlashan & Sarrail dated
    September 13, 2000, which I found in /foundation/Records/BXA.
    There was a minor (generally favorable) change to the
    TSU exception (the one that applies to open source) last
    December.  The bottom line is that there appears to be no
    problem with distributing source or binaries as long as we
    give appropriate notice to the BXA/BIS.  My next step is to
    get an updated opinion from Jason and publish guidelines to
    PMCs.

 LGPL: There's the legal requirements side of this issue and
    the policy side (as with so many things).  I believe I have
    already completed the due dilligence on the legal
    requirements side; however, during conversations with Eben
    Moglen I've found that he plans to publish a document that
    is explicit about the issues or non-issues with Java and
    the LGPL.  I will be sending him my view of these issues
    this week, which I hope will influence what ends up in his
    document.  On the policy side, we need to stop treating the
    LGPL differently from other licenses, and instead determine
    what our policy is for taking dependencies on and
    distributing third-party IP.

 THIRD-PARTY IP: Any time we bring in third-party IP that is
    not licensed under the Apache License, we have two choices:
    a) sublicense the work under the Apache License (if we have
    the rights to do so), or b) distribute the Apache product
    under each applicable license and make that clear to our
    users.  We've been trying to say we're only doing a) so far.
    However, in my view we are obviously not consistently doing
    this, nor do I think it is practical to do so.  So, I'm now
    thinking the best way to address issues of shipping CPL,
    MPL, CDDL, LGPL, etc. is to stop trying to sublicense them
    under the Apache License and instead create and implement
    a policy that allows us to distribute products that contain
    IP under some set of license terms (including terms outside
    the scope of the Apache License).

17 Aug 2005 [Cliff Schmidt]

 I've inserted slightly edited versions of the same MPL/NPL
 and LGPL resolutions, which were tabled last month.

 Since last month's meeting, I have:
   - confirmed with a second member of ASF's legal counsel
     that the proposed LGPL policy does not put our product
     licensing at risk;
   - posted and discussed the proposed LGPL policy on the
     legal-discuss list, where no new concerns were raised
     about the licensing ramifications; however there was
     concern raised by both outside lawyers and Apache
     committers that dependencies on LGPL libraries was not
     in the best interests of some Apache users;
   - engaged with representatives of the Mozilla Foundation
     to discuss the proposed MPL/NPL licensing policy.  While
     they have *not* yet formally indicated their agreement
     with our interpretation, they have not yet raised any
     new concerns.

 Future action items include resolving the BXA/crypto issue
 and investigating and proposing policies for the CPL, EPL,
 and CDDL licenses.

 Finally, one of my short-term objectives is to overhaul the
 legal STATUS file to reflect the current priorities and
 status.

17 Aug 2005

Allow product dependencies on LGPL-licensed libraries

 WHEREAS, some Project Management Committees (PMCs) within
 The Apache Software Foundation (ASF) expect to better serve
 their mission through the occasional dependency on existing
 LGPL-licensed libraries when no other practical alternative
 exists under terms covered by the Apache License, Version 2.0;
 and

 WHEREAS, research into the impact of distributing ASF products
 that depend on the presence of LGPL-licensed libraries
 indicates that the product licensing terms are not affected by
 such a dependency; and

 WHEREAS, the current ASF licensing policy discourages the
 distribution of intellectual property by the ASF under terms
 beyond those stated in the Apache License, Version 2.0.

 NOW, THEREFORE, BE IT RESOLVED, that PMCs may develop and
 distribute products that depend on the presence of
 LGPL-licensed libraries when no other practical alternative
 exists under terms covered by the Apache License, Version 2.0;
 and be it further

 RESOLVED, that PMCs will register such use of an LGPL-licensed
 library with the Vice President of Legal Affairs prior to the
 PMC's next regularly scheduled Board report, and in no case
 less than two weeks prior to the distribution of the
 applicable product(s); and be it further

 RESOLVED, that PMCs will continue to reevaluate whether a
 practical alternative exists under terms covered by the Apache
 License, Version 2.0, which could be substituted in place of
 the LGPL-licensed library; and be it further

 RESOLVED, that PMCs must continue to ensure that they do not
 distribute LGPL-licensed libraries or any other intellectual
 property that is only available under licenses with terms
 beyond those stated in the Apache License, Version 2.0.

 Special Order 6C, Allow product dependencies on LGPL-licensed
 libraries, was Tabled. The main discussion points were
 whether the permission of dependencies invalidated the
 spirit of the ASF and the Apache License. Discussion was
 to be continued on the Board mailing list.

17 Aug 2005

Allow redistribution of MPL- and NPL-licensed executables

 WHEREAS, some Project Management Committees (PMCs) within
 The Apache Software Foundation (ASF) expect to better serve
 their mission through the use and redistribution of the
 executable form of existing source code licensed under the
 Mozilla Public License (MPL) or Netscape Public License (NPL);
 and

 WHEREAS, it is the ASF's interpretation that the MPL and NPL
 licenses permit distribution of such executables under the
 terms of the Apache License, Version 2.0, provided the terms
 applicable to the associated source code have been complied
 with and that appropriate entries made in the ASF
 distribution's NOTICE file; and

 WHEREAS, the current ASF licensing policy discourages the
 distribution of intellectual property by the ASF under terms
 beyond those stated in the Apache License, Version 2.0.

 NOW, THEREFORE, BE IT RESOLVED, that PMCs may use and
 redistribute the executable form of existing source code
 licensed under the MPL 1.0, MPL 1.1, NPL 1.0, or NPL 1.1;
 and be it further

 RESOLVED, that PMCs must ensure such redistribution only
 occurs after appropriate entries have been made in the ASF
 distribution's NOTICE file and only if the PMC finds that
 the MPL/NPL terms applicable to the associated source code
 appear to have been satisfied.

 Special Order 6B, Allow redistribution of MPL- and NPL-licensed
 executables, was Approved by Unanimous Consent.

28 Jul 2005 [Cliff Schmidt]

 See Special Orders for two proposed resolutions.

 The first resolution allows PMCs to develop and distribute
 software that depends on the presence of LGPL-licensed
 libraries, *without* distributing the libraries themselves.
 After numerous discussions with the FSF, other LGPL licensors,
 and ASF counsel, Larry Rosen, it appears that such a policy
 should not impact the product licensing.  In order to allow
 PMCs to apply this policy to all useful LGPL-licensed
 libraries, the resolution does not require the PMCs to get
 an agreement from each copyright owner, but instead requires
 the PMC to register the use of the particular LGPL library
 with the VP of Legal Affairs.  See my post to the board@
 list for more details ("My recommendation for an ASF policy on
 the LGPL").

 The second resolution allows PMCs to redistribute MPL/NPL-
 licensed executables.  The key difference between the MPL/NPL
 and the LGPL regarding redistribution requirements is that the
 MPL/NPL allows redistribution under any license (provided that
 the distributor complies with the applicable terms of the
 MPL/NPL); the LGPL requires redistribution of either the source
 or executable of the library to be licensed only under the LGPL.

 While the MPL 1.0, MPL 1.1, NPL 1.0, and NPL 1.1 are nearly
 identical in their treatment of redistribution of executables,
 it is important to note that the NPL licenses are not OSI-
 approved, as they discriminate in favor of Netscape, weakening
 the terms that Netscape has to comply with relative to other
 users.  See my post to the board@ list for more details ("MPL/NPL
 Issue: My recommendation for an ASF policy on the MPL/NPL").

 NOTE: Larry Rosen has agreed with my analysis of the MPL/NPL
 licenses as described in the referenced post; however, yesterday
 he suggested that I confirm that Mitchell Baker also agrees
 (author of the licenses).  I have not yet received her response.
 This could be a reason to table this resolution.

28 Jul 2005

Allow redistribution of MPL- and NPL-licensed executables

 WHEREAS, some Project Management Committees (PMCs) within
 The Apache Software Foundation (ASF) expect to better serve
 their mission through the use and redistribution of existing
 software executables that are licensed under the Mozilla Public
 License (MPL) or Netscape Public License (NPL); and

 WHEREAS, research into the impact of distributing MPL- and
 NPL-licensed executables indicated that such distribution
 is allowed under the terms of the Apache License, Version 2.0,
 only if specific entries made in the NOTICE file and if the
 associated source code complies with the applicable terms of
 the MPL/NPL; and

 WHEREAS, the current ASF licensing policy continues to require
 all intellectual property distributed by the ASF be licensed
 under the Apache License, Version 2.0.

 NOW, THEREFORE, BE IT RESOLVED, that PMCs may use and
 redistribute software executables that are licensed under the
 MPL 1.0, MPL 1.1, NPL 1.0, or NPL 1.1; and be it further

 RESOLVED, that PMCs must ensure such redistribution only occurs
 after entries are made in the associated product's NOTICE file
 in compliance with the terms of the MPL/NPL, and that the
 associated source code also complies with the applicable terms
 of the MPL/NPL.

 Resolution 6F was tabled with general consent.  Questions arose
 why MPL 1.0 was not ok before.  It is suggested to get feedback
 from Mitchel Baker.

 Action Item: Review earlier arguments why MPL 1.0 was not ok.

28 Jul 2005

Allow product dependencies on LGPL-licensed libraries

 WHEREAS, some Project Management Committees (PMCs) within
 The Apache Software Foundation (ASF) expect to better serve
 their mission through the use of existing LGPL-licensed
 libraries as a product dependency; and

 WHEREAS, research into the impact of distributing ASF products
 that depend on the presence of LGPL-licensed libraries has
 indicated that the product licensing terms are not affected by
 such a dependency; and

 WHEREAS, the current ASF licensing policy continues to require
 all intellectual property distributed by the ASF be licensed
 under the Apache License, Version 2.0.

 NOW, THEREFORE, BE IT RESOLVED, that PMCs may develop and
 distribute products that depend on the presence of
 LGPL-licensed libraries; and be it further

 RESOLVED, that PMCs will register such use of an LGPL-licensed
 library with the Vice President of Legal Affairs prior to the
 PMC's next regularly scheduled Board report, and in no case
 less than one week prior to the distribution of the applicable
 product(s); and be it further

 RESOLVED, that PMCs must continue to ensure they do not
 distribute LGPL-licensed libraries or any other intellectual
 property that cannot be strictly licensed under the Apache
 License, Version 2.0.

 Discussion occurred that raised questions: Is the FSF position
 public?  Will downstream users be comfortable with this?  The
 conclusion was to give 3rd parties time to react to this
 proposed resolution prior to voting on it.  Resolution 6E
 was tabled with general consent.

22 Jun 2005

Endorsement of MPL for dependencies

 WHEREAS, the Netscape/Mozilla Public Licenses are software licenses
 created to explicitly allow redistribution of products, licensed using
 these licenses, in commercially, non-open source products; and

 WHEREAS, the Netscape/Mozilla Public Licenses requires changes to
 NPL/MPL-ed code to be made available to the public under the same
 license; and

 WHEREAS, the Cocoon and XML Graphics Program Management Committee wish
 to include Rhino, an NPL-licensed product, in their products (Batik and
 Cocoon); and

 WHEREAS, Rhino will be included as-is inside said products, and no
 changes will be made to the Rhino source code.

 NOW, THEREFORE, BE IT RESOLVED, that the Apache Software Foundation
 endorses the NPL/MPL license as an appropriate license for code
 libraries that are redistributed, unchanged, with ASF products.

 Special Order C, Endorsement of MPL for dependencies, was tabled.

22 Jun 2005

Appoint a Vice President of Legal Affairs

 WHEREAS, the Board of Directors deems it to be in the best
 interests of the Foundation and consistent with the
 Foundation's purpose to appoint an officer responsible
 for legal affairs, including but not limited to streamlining
 communication between the Foundation's Project Management
 Committees, legal counsel, the Board and other parties
 pertaining to legal issues.

 NOW, THEREFORE, BE IT RESOLVED that the office of
 "Vice President of Legal Affairs" be and hereby created,
 the person holding such office to serve at the direction
 of the Board of Directors, and to have primary responsibility
 of coordinating the Foundation's legal counsel pertaining to
 legal issues; and be it further

 RESOLVED, that Cliff Schmidt be and hereby is appointed to
 the office of Vice President of Legal Affairs, to serve in
 accordance with and subject to the direction of the Board
 of Directors and the Bylaws of the Foundation until death,
 resignation, retirement, removal or disqualification, or
 until a successor is appointed.

 By Unanimous Vote, Cliff Schmidt was appointed as VP of
 Legal Affairs.

14 Nov 2004

Approve new version of Corporate CLA

 Still a placeholder.  For information, the version we'll vote on
 will be:

   https://svn.apache.org/repos/asf/infrastructure/site/trunk/docs/licenses/proposed/cla-corporate.txt

 Special Order C, Approve new version of Corporate CLA, was tabled.
 However, it was noted that the proposed Corporate CLA was accepted
 but not ratified.

14 Nov 2004

Affirm Intent to Own Copyright to all ASF Distributions

  WHEREAS, the Board of Directors deems it to be in the best
  interests of the Foundation and consistent with the
  Foundation's purpose that the Foundation receives assignment
  of copyright of all contributions to the Foundation

  NOW, THEREFORE, BE IT RESOLVED, that the Board of Directors
  does affirm that ownership of copyright by the ASF is in the
  best interest of the Foundation, and will work to create
  documentation and agreements for contributors to the ASF
  incorporating this basic principle.

 Special Order B, Affirm Intent to Own Copyright to all ASF
 Distributions, was tabled.

20 Oct 2004

Affirm Intent to Own Copyright to all ASF Distributions

 WHEREAS, the Board of Directors deems it to be in the best
 interests of the Foundation and consistent with the
 Foundation's purpose that the Foundation receives assignment
 of copyright of all contributions to the Foundation

 NOW, THEREFORE, BE IT RESOLVED, that the Board of Directors does
 affirm that ownership of copyright by the ASF is in the best interest of
 the Foundation, and will work to create documentation  and agreements
 for contributors to the ASF incorporating this basic principle.

 The above resolution created some discussion, not on the
 basic principles, but on how it would affect the current
 impact on new and proposed projects. In particular, such basic
 questions as whether this meant that any and all
 new projects would have to be "delayed for inclusion" until
 the legal ramifications of owning copyright and how it
 affects the current codebase of all ASF projects.  A vote
 was held on whether the ASF should, for the short time being,
 continue "business as usual" regarding the form and wording
 of the ASF Copyright statement as well as accepting new
 projects, codebases and contributions, until such time that
 these questions are answered to satisfaction.  A vote of Yea
 was for continuing "business as usual;" Nay was for holding
 off until the questions have been answered.

     Yea: Brian, Dirk, Jim, Stefano, Sander
     Nay: Ken, Geir

 By majority vote, the issue passed.  It should be noted that
 all directors agreed very strongly that the copyright issue
 is extremely important and a high priority issue to be
 resolved.  It is expected that discussion will be held via
 the mailing lists regarding this in anticipation of a final
 resolution in time for the November board meeting.

21 Jul 2004

Policy on Passing through of Restrictions to licensees

 WHEREAS, It is the intent of the ASF to provide its members and
 licensees substantial freedom in the use of ASF programs and to
 avoid imposing any restrictions on the use of ASF Programs
 under the ASF license that would conflict with the Open Source
 Definition maintained by the Open Source Initiative.

 NOW, THEREFORE, BE IT RESOLVED, that the ASF may only agree to
 pass along restrictions upon a licensee's use of ASF programs
 under the ASF license if the ASF is advised by its legal
 counsel that it is required to do so by law, and the commitment
 is approved by the ASF Board of Directors; and be it further

 RESOLVED, that the ASF may only pass along notices to its
 licensees that may restrict a licensee's use of an ASF program
 under the ASF license, or otherwise limit a licensee's freedom
 in any respect, if the ASF is advised by its legal counsel that
 it is required to do so by law, and the notice is approved by
 the ASF Board of Directors.  As an example, the ASF may not
 pass along notices purporting to restrict the ability of a
 licensee to make truthful statements regarding programs that
 are based on the ASF program, unless the conditions set forth
 above are met; and be it further

 RESOLVED, that the ASF may pass along offers of additional
 rights or benefits to its licensees, in addition to the rights
 included in the ASF license.  As an example, the ASF may pass
 along a notice that a trademark license is available from a
 third party for use with the ASF program, provided that the
 trademark license is reasonable, and offered to all ASF program
 licensees on a nondiscriminatory basis, and also provided that
 use of the ASF program under the ASF license is not conditioned
 upon the trademark license.

 Some ASF programs are designed to be compatible with industry
 standards and are tested by the ASF to verify compliance with
 the standard.  Since compatibility with standards is important,
 and since the ASF license does not address claims of
 compatibility, it is acceptable, and not inconsistent with this
 policy, for the ASF program to include an additional license
 restriction that prohibits a licensee from making false claims
 of compatibility with the industry standard.  However, such
 restriction may not restrict the licensees right to use, modify
 or distribute the program.  As an example, an ASF program that
 is designed to implement a Java specification and tested to
 verify conformance with the speciification may include an
 additional license restriction prohibiting the licensee from
 misrepresenting the conformance of the modified program.
 Therefore a licensee may accurately describe a program as
 having been tested for conformance by the ASF if the code that
 implements the specification has not been modified, or a
 licensee may accurately describe a program as being compatible
 if no modifications have been made that would affect
 compatibility.


 Geir noted that the resolution was somewhat complicated and
 he had not enough time to read through, and asked that it be
 tabled until next month.  There was no opposition.

 Discussion later in the meeting returned to this issue, and it
 was agreed to table and discuss at member's meeting in
 November 2004.

23 Jun 2004

Corporate Contributor License Agreement

   WHEREAS, Project Management Committees within The Apache
   Software Foundation have an immediate need for an approved text
   to be used as a Corporate Contributor License Agreement.

   NOW, THEREFORE, BE IT RESOLVED, that the Corporate Contributor
   License Agreement attached hereto as Attachment U may be used
   by all Project Management Committees within The Apache Software
   Foundation.


 Both Corporate and Individual agreements were discussed together.  There
 was concern from several that they had been recently posted to the license
 mail list, but Sam noted that they were posted right after May board
 meeting, and that recent activity only had to with a set of concerns by Brian.

 Brian had a concern regarding two changes in the Corp CLA that appeared to
 create a loophole, but was satisfied with the response from Jennifer
 Machovec, the proposer of the changes, that there was no loophole as the
 issue in question was dealt with by the Individual CLA, and since a Corp CLA
 never stands on it's own - there is always a Individual CLA for the
 contributor - there is no problem.

 It was suggested to bump to next month to give time for more consideration,
 but Sam noted that he didn't believe much would happen in another month
 since nothing happened in the last month.  General agreement.

 Brian and Greg suggested adding a version number, and based on a question from
 Stefano, it was clarified that new revisions wouldn't necessarily require a
 re-signing by existing CLA signatories.

 By unanimous vote, the new Corporate Contributor License Agreement
 was approved.

23 Jun 2004

Individual Contributor License Agreement

  WHEREAS, Project Management Committees within The Apache
  Software Foundation have an immediate need for an approved text
  to be used as a Contributor License Agreement.

  NOW, THEREFORE, BE IT RESOLVED, that the Individual Contributor
  License Agreement attached hereto as Attachment T may be used
  by all Project Management Committees within The Apache Software
  Foundation.


 See discussion notes below for "C. Corporate Contributor License
 Agreement"

 Dirk left the meeting at 11:03 PDT.  At this point, quorum was
 maintained by Brian, Geir, Stefano, Sam, Greg and Sander.

 By unanimous vote, the new Individual Contributor License Agreement
 was approved.

23 Jun 2004

Corporate Contributor License Agreement

                    The Apache Software Foundation
             Corporate Contributor License Agreement ("Agreement")
                    http://www.apache.org/licenses/


 Thank you for your interest in The Apache Software Foundation (the
 "Foundation"). In order to clarify the intellectual property license
 granted with Contributions from any person or entity, the Foundation
 must have a Contributor License Agreement (CLA) on file that has been
 signed by each Contributor, indicating agreement to the license terms
 below. This license is for your protection as a Contributor as well
 as the protection of the Foundation and its users; it does not change
 your rights to use your own Contributions for any other purpose.

 This version of the Agreement allows an entity (the "Corporation") to
 authorize Contributions submitted by its designated employees to the
 Foundation and to grant copyright and patent licenses thereto.

 If you have not already done so, please complete and send an original
 signed Agreement to The Apache Software Foundation, 1901 Munsey Drive,
 Forest Hill, MD 21050-2747, U.S.A. If necessary, you may send it by
 facsimile to the Foundation at +1-410-803-2258. Please read this
 document carefully before signing and keep a copy for your records.


 Corporation name:    ________________________________________________

 Corporation address: ________________________________________________

                      ________________________________________________

                      ________________________________________________

 Point of Contact:    ________________________________________________

        E-Mail:       ________________________________________________

        Telephone:    _____________________ Fax: _____________________


 You accept and agree to the following terms and conditions for Your
 present and future Contributions submitted to the Foundation. In
 return, the Foundation shall not use Your Contributions in a way that
 is contrary to the public benefit or inconsistent with its nonprofit
 status and bylaws in effect at the time of the Contribution. Except
 for the license granted herein to the Foundation and recipients of
 software distributed by the Foundation, You reserve all right, title,
 and interest in and to Your Contributions.

 1. Definitions.

    "You" (or "Your") shall mean the copyright owner or legal entity
    authorized by the copyright owner that is making this Agreement
    with the Foundation. For legal entities, the entity making a
    Contribution and all other entities that control, are controlled by,
    or are under common control with that entity are considered to be a
    single Contributor. For the purposes of this definition, "control"
    means (i) the power, direct or indirect, to cause the direction or
    management of such entity, whether by contract or otherwise, or
    (ii) ownership of fifty percent (50%) or more of the outstanding
    shares, or (iii) beneficial ownership of such entity.

    "Contribution" shall mean any original work of authorship, including
    any modifications or additions to an existing work, that is intentionally
    submitted by You to the Foundation for inclusion in, or
    documentation of, any of the products owned or managed by the
    Foundation (the "Work"). For the purposes of this definition,
    "submitted" means any form of electronic, verbal, or written
    communication sent to the Foundation or its representatives,
    including but not limited to communication on electronic mailing
    lists, source code control systems, and issue tracking systems
    that are managed by, or on behalf of, the Foundation for the
    purpose of discussing and improving the Work, but excluding
    communication that is conspicuously marked or otherwise designated
    in writing by You as "Not a Contribution."

 2. Grant of Copyright License. Subject to the terms and conditions
    of this Agreement, You hereby grant to the Foundation and to
    recipients of software distributed by the Foundation a perpetual,
    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
    copyright license to reproduce, prepare derivative works of,
    publicly display, publicly perform, sublicense, and distribute
    Your Contributions and such derivative works.

 3. Grant of Patent License. Subject to the terms and conditions of
    this Agreement, You hereby grant to the Foundation and to recipients
    of software distributed by the Foundation a perpetual, worldwide,
    non-exclusive, no-charge, royalty-free, irrevocable (except as
    stated in this section) patent license to make, have made, use,
    offer to sell, sell, import, and otherwise transfer the Work,
    where such license applies only to those patent claims licensable
    by You that are necessarily infringed by Your Contribution(s)
    alone or by combination of Your Contribution(s) with the Work to
    which such Contribution(s) were submitted. If any entity institutes
    patent litigation against You or any other entity (including a
    cross-claim or counterclaim in a lawsuit) alleging that your
    Contribution, or the Work to which you have contributed, constitutes
    direct or contributory patent infringement, then any patent licenses
    granted to that entity under this Agreement for that Contribution or
    Work shall terminate as of the date such litigation is filed.

 4. You represent that You are legally entitled to grant the above
    license. You represent further that each employee of the
    Corporation designated on Schedule A below (or in a subsequent
    written modification to that Schedule) is authorized to submit
    Contributions to the designated Work(s)on behalf
    of the Corporation.

 5. You represent that each of Your Contributions is Your original
    creation (see section 7 for submissions on behalf of others).

 6. You are not expected to provide support for Your Contributions,
    except to the extent You desire to provide support. You may provide
    support for free, for a fee, or not at all. Unless required by
    applicable law or agreed to in writing, You provide Your
    Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
    OF ANY KIND, either express or implied, including, without
    limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT,
    MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.

 7. Should You wish to submit work that is not Your original creation,
    You may submit it to the Foundation separately from any
    Contribution, identifying the complete details of its source and
    of any license or other restriction (including, but not limited
    to, related patents, trademarks, and license agreements) of which
    you are personally aware, and conspicuously marking the work as
    "Submitted on behalf of a third-party: [named here]".

 8. It is your responsibility to notify the Foundation when any change
    is required to the list of designated employees authorized to submit
    Contributions on behalf of the Corporation, or to the Corporation's
    Point of Contact with the Foundation.



 Please sign: __________________________________ Date: _______________

 Title:       __________________________________

 Corporation: __________________________________


 Schedule A

     [initial list of designated employees]

23 Jun 2004

Individual Contributor License Agreement

                    The Apache Software Foundation
            Individual Contributor License Agreement ("Agreement")
                    http://www.apache.org/licenses/


 Thank you for your interest in The Apache Software Foundation (the
 "Foundation"). In order to clarify the intellectual property license
 granted with Contributions from any person or entity, the Foundation
 must have a Contributor License Agreement (CLA) on file that has been
 signed by each Contributor, indicating agreement to the license terms
 below. This license is for your protection as a Contributor as well
 as the protection of the Foundation and its users; it does not change
 your rights to use your own Contributions for any other purpose.

 If you have not already done so, please complete and send an original
 signed Agreement to The Apache Software Foundation, 1901 Munsey Drive,
 Forest Hill, MD 21050-2747, U.S.A. If necessary, you may send it by
 facsimile to the Foundation at +1-410-803-2258. Please read this
 document carefully before signing and keep a copy for your records.


 Full name: ____________________________  E-Mail:    _________________

 Address: ______________________________  Telephone: _________________

 _______________________________________  Facsimile: _________________

 _______________________________________  Country:   _________________


 You accept and agree to the following terms and conditions for Your
 present and future Contributions submitted to the Foundation. In
 return, the Foundation shall not use Your Contributions in a way that
 is contrary to the public benefit or inconsistent with its nonprofit
 status and bylaws in effect at the time of the Contribution. Except
 for the license granted herein to the Foundation and recipients of
 software distributed by the Foundation, You reserve all right, title,
 and interest in and to Your Contributions.

 1. Definitions.

    "You" (or "Your") shall mean the copyright owner or legal entity
    authorized by the copyright owner that is making this Agreement
    with the Foundation. For legal entities, the entity making a
    Contribution and all other entities that control, are controlled by,
    or are under common control with that entity are considered to be a
    single Contributor. For the purposes of this definition, "control"
    means (i) the power, direct or indirect, to cause the direction or
    management of such entity, whether by contract or otherwise, or
    (ii) ownership of fifty percent (50%) or more of the outstanding
    shares, or (iii) beneficial ownership of such entity.

    "Contribution" shall mean any original work of authorship, including
    any modifications or additions to an existing work, that is intentionally
    submitted by You to the Foundation for inclusion in, or
    documentation of, any of the products owned or managed by the
    Foundation (the "Work"). For the purposes of this definition,
    "submitted" means any form of electronic, verbal, or written
    communication sent to the Foundation or its representatives,
    including but not limited to communication on electronic mailing
    lists, source code control systems, and issue tracking systems
    that are managed by, or on behalf of, the Foundation for the
    purpose of discussing and improving the Work, but excluding
    communication that is conspicuously marked or otherwise designated
    in writing by You as "Not a Contribution."

 2. Grant of Copyright License. Subject to the terms and conditions
    of this Agreement, You hereby grant to the Foundation and to
    recipients of software distributed by the Foundation a perpetual,
    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
    copyright license to reproduce, prepare derivative works of,
    publicly display, publicly perform, sublicense, and distribute
    Your Contributions and such derivative works.

 3. Grant of Patent License. Subject to the terms and conditions of
    this Agreement, You hereby grant to the Foundation and to recipients
    of software distributed by the Foundation a perpetual, worldwide,
    non-exclusive, no-charge, royalty-free, irrevocable (except as
    stated in this section) patent license to make, have made, use,
    offer to sell, sell, import, and otherwise transfer the Work,
    where such license applies only to those patent claims licensable
    by You that are necessarily infringed by Your Contribution(s)
    alone or by combination of Your Contribution(s) with the Work to
    which such Contribution(s) was submitted. If any entity institutes
    patent litigation against You or any other entity (including a
    cross-claim or counterclaim in a lawsuit) alleging that your
    Contribution, or the Work to which you have contributed, constitutes
    direct or contributory patent infringement, then any patent licenses
    granted to that entity under this Agreement for that Contribution or
    Work shall terminate as of the date such litigation is filed.

 4. You represent that you are legally entitled to grant the above
    license. If your employer(s) has rights to intellectual property
    that you create that includes your Contributions, you represent
    that you have received permission to make Contributions on behalf
    of that employer, that your employer has waived such rights for
    your Contributions to the Foundation, or that your employer has
    executed a separate Corporate CLA with the Foundation.

 5. You represent that each of Your Contributions is Your original
    creation (see section 7 for submissions on behalf of others).
    You represent that Your Contribution submissions include complete
    details of any third-party license or other restriction (including,
    but not limited to, related patents and trademarks) of which you
    are personally aware and which are associated with any part of
    Your Contributions.

 6. You are not expected to provide support for Your Contributions,
    except to the extent You desire to provide support. You may provide
    support for free, for a fee, or not at all. Unless required by
    applicable law or agreed to in writing, You provide Your
    Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
    OF ANY KIND, either express or implied, including, without
    limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT,
    MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.

 7. Should You wish to submit work that is not Your original creation,
    You may submit it to the Foundation separately from any
    Contribution, identifying the complete details of its source and
    of any license or other restriction (including, but not limited
    to, related patents, trademarks, and license agreements) of which
    you are personally aware, and conspicuously marking the work as
    "Submitted on behalf of a third-party: [named here]".

 8. You agree to notify the Foundation of any facts or circumstances
    of which you become aware that would make these representations
    inaccurate in any respect.



 Please sign: __________________________________ Date: _______________

18 Feb 2004

Discussion: what to do about old SA releases (under the GPL/PAL)

 It was agreed that providing links to external locations for
 old versions of SA (Spam Assassin), until an official
 ASF release of SA would be in the best interest of the
 community.  As soon as the 1st ASF release of SA is available,
 the ASF shall remove all links to the old versions.  At not
 point will old versions be hosted or available via ASF
 infrastructure.

18 Feb 2004

Discussion: confirm March 1 deadline for CLAs

 March 1 was confirmed as the deadline for the receipt of
 CLAs before CVS accounts are disabled.

18 Feb 2004

Discussion: copyright ownership

 Although initiated due to the current efforts for Spam Assassin,
 the board discussed at length the issues and guidelines regarding
 copyright ownership for the ASF.  It was agreed that all files
 should have 1 single copyright to the ASF.  Copyrights extend
 to the work as a whole, and the ASF must have these.  The
 use of the CHANGES files should note any "history" regarding
 copyrights and that the use of 'author' tags should be
 discouraged for this and other reasons.

21 Jan 2004

Approve the new Apache License 2.0

 WHEREAS, the foundation membership has expressed a strong
 desire for an update to the license under which Apache software
 is released,

 WHEREAS, proposed text for the new license has been reworked
 and refined for many, many months, based on feedback from the
 membership and other parties outside the ASF,

 NOW, THEREFORE, BE IT RESOLVED, that the proposed license found
 at http://www.apache.org/licenses/proposed/LICENSE-2.0.txt is
 officially named the Apache Software License 2.0.  To grant a
 sufficient transition time, this license is to be used for all
 software releases from the Foundation after the date of March
 1st, 2004.

 By Unanimous Vote, the new Apache License 2.0 was approved.

22 Oct 2003

Adopt a new version of the Apache License

   WHEREAS, Project Management Committees within The Apache
   Software Foundation have an immediate need for an approved
   text to be used as a License for both software and
   documentation; and

   WHEREAS, it is desirable that such License be compatible with
   the Free Software Foundation's General Public License; and

   WHEREAS, public discussion of more extensive changes to the
   license, known as the proposed 2.0 license, is not expected
   to complete in time to satisfy the immediate need.

   NOW, THEREFORE, BE IT RESOLVED, that the Apache License,
   Version 1.2, attached hereto as Exhibit A, may be used by all
   Project Management Committees within The Apache Software
   Foundation for application to any of the work products of the
   Foundation, defining the terms and conditions of
   reproduction, distribution, and modification for those work
   products.

 This was tabled until the ASF Board Meeting to be
 held in November after review and discussion. However,
 general discussion of License and CLAs issues was held
 between the board and guess Jennifer Machovec (see below).

21 May 2003

Granting Peter Donald fulls rights / copyright to the "Naming" and "Converter" codebases within Avalon

 The result of this discussion was that the ASF should
 wait for an exact request from Peter Donald regarding both
 the grant of copyright and grant of distribution.  Until we
 know the exact items that Mr. Donald is requesting, it is
 premature to make any decisions or agreements.

21 May 2003

Slightly modify the contributor agreement

 Bill Stoddard asked: "I would like to add this item to the
 board meeting agenda. I propose the following amendment to
 the CLA to add the phrase (all caps) as follows:"

  4. You represent that, except as disclosed in your Contribution
     submission(s), each of your Contributions is your original creation.
     You represent that your Contribution submission(s) include complete
     details of any license or other restriction (including, but not
     limited to, related patents and trademarks)

     OF WHICH YOU PERSONALLY ARE AWARE AND WHICH ARE

     associated with any part
     of your Contribution(s) (including a copy of any applicable license
     agreement).  You agree to notify the Foundation of any facts or
     circumstances of which you become aware that would make Your
     representations in this Agreement inaccurate in any respect.

 This item was tabled in order to allow us to get a
 formal legal opinion regarding the effects of the change.
 Ben Laurie is tasked to contact Robyn regarding this item.

20 Mar 2002

Request from SAP for License Amendment Permission

 Due to the details of European Law, the ASF cannot legally deny warranty
 (AS IS) on the code. We can, however, allow someone to take it over. SAP
 is requesting such approval from us to allow them to distribute Apache
 in their product line. The proposed agreement is Attachment A.

 The following resolution (R2) was proposed:

       RESOLVED, that the Board of Directors approves the amendment to
       the Apache Software License, version 1.1, attached hereto as
       Attachment A, for use by SAP in redistributing software owned
       by the Foundation.

    Resolution R2 was proposed and seconded. The Resolution R2 was approved
    by unanimous vote of all directors present

28 Nov 2001

ASF License 2.0

 The topic that was discussed was related to the following statement
 in the Agenda:
 "There seems to be general agreement in the licensing mailing list on
 the content within Exhibit A (which is the same as in the file
 foundation/Licenses/Apache/license-roy.txt) as a new license that would
 accomplish the previously stated goals.  The board can choose to approve
 it for use now (leaving it to each PMC as to when/if to apply it for
 each project), mandate that it be used by all PMC after a certain date,
 send it to an outside lawyer for further review, ask the members to vote
 on it, or any combination of the above."

 Discussion of the proposed license centered around whether the additional
 complexity due to addressing patent and contribution issues was worth the
 departure from the simple BSD-like terms. The question also arose as to
 whether such a change would require a full vote of the members due to
 how important the open source license is to the mission and bylaws of the
 Foundation. Roy offered to create a more BSD-like alternative license
 for the purpose of comparision, and will send a message to all ASF
 committers to be sure that they are aware of the proposed license change
 and are able to make comments on the proposal before the board makes a
 final decision. This item was then tabled for consideration at a future
 meeting after more feedback has been received from interested parties.

 ======

24 Jul 2000

Coriolis copyright infringement

 Update from Dirk on Coriolis book that stripped our license and
 added a GPL license.  Dirk indicated that he is waiting for a
 response from our lawyers.

10 Mar 2000

XML and Data Channel License

 Dirk presented information regarding various License statements
 desired and required by Data Channel. The board agreed that
 continued work on the effort was required. Dirk agreed to
 handle the issues and keep the board informed of its status.