--On Friday, January 09, 2009 10:16 -0500 Thomas Narten <narten@xxxxxxxxxx> wrote: > Martin Duerst <duerst@xxxxxxxxxxxxxxx> writes: > >> WHO exactly are we supposed to get permissions from. > >> The situation of a deceased author is a tought one, but it's >> an obvious one. But I haven't seen any clear answer to whether >> permission from all the authors/editors (the people listed in >>... > IANAL, but if you are expecting anyone (like the IETF) to give > a clear final, legally defensible answer to "who do you need > permission from", you won't get it. That is the nature of > legal questions and is what makes this entire discussion so > difficult. And why what is an accptable risk for you may not > be an acceptable risk for me or someone else. > > To answer the question, you have to look at who bears the risk > if they make an assertion (i.e, by claiming that all > contributers have signed off) that someone later challenges. > And what the potential consequences would be. I think this is the crux of the issue. Let's consider three possible assertions (deliberately trying to avoid expressing them in lawyer-speak): (1) I give the Trust any rights that I or my company have and can give, but make absolutely no assertions about anyone else's rights. (2) I give the Trust any rights that I or my company have and can give, and have verified that everyone listed on the front page (or in some other list), with the following exceptions, have signed off on this. But I make absolutely no assertions about either the rights of anyone not listed, nor about anyone whom I had to identify as an exception. (3) I transfer all rights in the document to the Trust and guarantee the Trust that I've gotten the ok to do so from everyone who might be able to assert a claim of rights to the content, whether they are explicitly listed or not and whether the claim is bogus or not. Implicitly, if the Trust acts on the assumption that they have all the rights and someone complains or litigates, that is my problem to defend against and not the Trust's. Unless I am hugely confident, either * That I wrote every word of the text myself, paraphrasing contributions or suggestions from others, or * that no one will pop out of the woodwork, I believe that making assertion (3) is basically insane unless one is convinced that no one will _ever_ litigate any of this. If the Trust and IPR WG believed the latter, we wouldn't need any of this stuff, so forget that. The 2026/ 3739/ 4879 requirement is not insane because it only requires me to make assertions based on what I can be reasonably expected to know (and the transfer is less general, lowering the odds of protests somewhat). That doesn't eliminate the risk, but, IMO, brings it into manageable proportions. (1) is easy. (2) is a lot harder, but still plausible. But either of those do the one thing that (3) does not and that the current state of things seem intended to avoid: With (1) or (2), the Trust cannot write licenses that assert that they actually control all of the relevant rights (at least without a lot of expensive insurance). Consequently, with either of those options, the risk that someone unidentified might show up and assert a claim falls on either the Trust or the user of the material, not the author/editor of the document. That is the common characteristic of my I-D, Brian's recent I-D, and at least part of some of the "repeal 5378" suggestions: the Trust doesn't get to assume that they have clear and unambiguous title to documents and permission to license them further on whatever terms they determine (and that, if the assumption is wrong, it is the author's problem). It is also, IMO, the fundamental problem with 5378/5377 and with almost any attempt to patch them. They are designed to protect the Trust against granting rights it doesn't have by making the submitter assume all of the obligations and risks of guaranteeing the Trust that it does have certain rights. That is just not how we ought to be designing things if we want people to make contributions to the IETF that build on the work of others. YMMD john _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf