[Archive/cache from https://agree2.com/declarations/oauth-non-assertion-covenant-and-authors-contribution-license Version 2008-07-02, from 2008-07-27]

OAuth Non-Assertion Covenant and Author’s Contribution License For OAuth Specification 1.0

The Authors of the OAuth API authorization protocol specification, version 1.0 (“OAuth Specification 1.0”) wish to grant certain promises to the OAuth community with respect to the OAuth Specification 1.0 under this OAuth NonAssertion Covenant and Author’s Contribution License (“License”).

Terms

Subject to the Conditions below, each Author hereby irrevocably makes the following promise on behalf of itself without the requirement of any monetary compensation or any additional terms and conditions:

Each Author (“I” or “me”), as identified as a signatory below of this License, of the OAuth Specification 1.0, as it exists as of the date I signed this License, hereby irrevocably promises not to assert any Necessary Claims against any other entity (“you”) for making, using, selling, offering for sale, importing, or distributing any Implementation or offering any product or service to the extent it contains or uses a Compliant Portion, subject to the conditions below. This is a personal promise directly from me to you, and you acknowledge as a condition of benefiting from it that no rights from me are received by your suppliers, distributors, or otherwise in connection with this promise.

In addition, to the extent my contribution(s) is or may be subject to copyright, I hereby license you the copyright in my contribution(s) to the OAuth Specification 1.0 under the terms of the Creative Commons Attribution-ShareAlike 3.0 license. The attribution notice for the OAuth Specification 1.0 shall be in the following form: “© Copyright 2007 by Insert names of Authors. All rights reserved.”

Conditions:

This promise is not an assurance that: (a) any of my issued patent claims covers an Implementation or are enforceable; or (b) an Implementation will not infringe patents or other intellectual property rights of any third party.

No other rights except those expressly stated in this promise will be deemed granted, waived, or received by implication, exhaustion, estoppel, or otherwise.

You promise not to assert against me any claim that would be a Necessary Claim if asserted by You as an Author under the same terms and conditions of this License.

If you file against me a claim, counterclaim, defense, suit, or action alleging patent infringement by my Implementation, I may (but am not obligated to) revoke my covenant not to assert any Necessary Claims against you.

I and any Related Entities, if any and to the extent Author has the authority to bind its Related Entities, make no (and hereby expressly disclaim any) warranties (express, implied, or otherwise), including implied warranties of merchantability, non-infringement, fitness for a particular purpose, or title, related to the OAuth Specification 1.0, and the entire risk as to implementing this specification is assumed by the implementer (i.e., a person or other entity that creates, distributes, or offers a product or service that contains or makes use of an Implementation).

If I am signing this License on behalf of my employer or other person or entity to whom I owe a duty with respect to activities such as his, her or its participation in the development of the OAuth Specification 1.0, I represent and warrant that I am authorized to execute this License on his, her or its behalf and that I have the full power and authority to bind him, her, or it to the terms and conditions of this License.

Definitions:

Author” means any person (individual, entity, or otherwise) who has signed this License. If such person is an individual, Author includes such individual’s employer or other person or entity (a) to whom that individual owes a duty with respect to activities such as his, her or its participation in the development of the OAuth Specification 1.0 and (b) who has authorized that individual to sign this License on his, her or its behalf.

Compliant Portions” means those specific portions of a product (hardware, software, or combinations thereof) or service only to the extent that they implement and are compliant with all relevant portions of the OAuth Specification 1.0. “Implementation” means a product (e.g., but without limitation, hardware, software, or firmware) or service that consists of (or makes use of) one (1) or more Compliant Portions.

Necessary Claims” means claims of any patent or patent application, other than design patents and design registrations, in any jurisdiction in the world: (a) for which an Author has the right, at any time when this License is effective, to grant licenses or rights of the nature granted herein without such grant resulting in payment of royalties or other consideration to third parties (except for payments to Related Entities or employees); and (b) that are necessarily infringed by Compliant Portions of a particular Implementation. A claim is necessarily infringed hereunder only when such infringement could not have been avoided by another commercially reasonable non-infringing implementation of Compliant Portion(s) of that particular Implementation based on the state of the art when the OAuth Specification 1.0 was deemed final. “Necessary Claims” do not, however, include any claims of any patent or patent application that read on: (x) any enabling technologies that may be necessary to make or use any product or service (or portion of either) that complies with the OAuth Specification 1.0, but that are not themselves expressly set forth in such the OAuth Specification 1.0; (y) the implementation of other published standards not developed by or for OAuth; or (z) any portion(s) of any product or service (or any combination of such portion(s)) the sole purpose or function of which is not required to comply with the OAuth Specification 1.0.

Related Entity” means, with respect to any Author, any person, firm, corporation, partnership, or similar entity that, directly or indirectly controls, is controlled by, or is under common control with such Author, but only for so long as such control exists. For purposes of the foregoing, “control” means direct or indirect control of thirty percent (30%) or more of the voting power to elect directors of that corporation, or for any other entity, the power to direct management of such entity.


TimeCert is a 3rd party time certification service that guarantees that the above version of the agreement has existed at least since the date shown above. TimeCert never sees the contents of your agreement only a unique "fingerprint".

Comments

pelle@stakeventures.com
Pelle Brændgaard
2008-07-02 21:55 UTC
IANAL (I Am Not A Lawyer) and this post should NOT be taken as legal advice.

I do have some questions to it that maybe Gabe can comment on:

“This is a personal promise directly from me to you, and you acknowledge as a condition of benefiting from it that no rights from me are received by your suppliers, distributors, or otherwise in connection with this promise.”

I read this as we as users of the OAuth protocols are protected against IP litigation but our consultants, ISP’s ets do not have this right. That seems to me like illogical legalese double talk. What exactly is the purpose of that sentence?

permalink

gwachob@wachob.com
Gabe Wachob
2008-07-03 01:17 UTC
IANAL (I Am Not A Lawyer) and this post should NOT be taken as legal advice.

Posted a response at http://groups.google.com/group/oauth/msg/0e6c319538574894 : OK, Pelle, since you called me out, let me explain how I understand it (in very rough terms), but of course This Isn’t Legal Advice.

This is a non-assertion statement (covenant == promise). What its saying is merely that I (the signer) won’t sue you (the “reader”/promisee) around OAuth, and this document gives legal force to that promise.

The clause you are highlighting is saying “but I don’t give you any rights beyond this promise not to sue”.

Practically speaking, the “reader” could be anyone who chooses to be a reader – thus the advantage of the promise not to sue (ie protection from a lawsuit) can apply to anyone who wants it.

This would therefore cover all of the folks you mention. The ISP, consultants, are essentially also covered by this provision because they are just as much a “reader” (using my lousy wording) as you. In effect, everyone in the world gets the same protection (with some caveats which I won’t even go into and could probably have a lot of fun coming up with).

So I think its actually quite straightforward in this regard.

Does that make more sense?

permalink

pelle@stakeventures.com
Pelle Brændgaard
2008-07-03 01:21 UTC
IANAL (I Am Not A Lawyer) and this post should NOT be taken as legal advice.

Thanks Gabe. That explains it well.

I can’t help thinking though if there isn’t a more straightforward way of writing it.

permalink