Notes: idpy governance call, 27 March 2017
by hlflanagan@sphericalcowgroup.com
Attendees: Heather, Scott, Benn, Ivan, Leif
https://docs.google.com/spreadsheets/d/1dNR8clA_wKouhwonD8bIiyA5N2wMsorS8Uz…
A few notes re: the spreadsheet:
* Items in yellow are things we should think about, but may not be
blockers in our particular circumstances.
* The phrase “more application than integration” applies to the idea
that a good home has a process for ensuring projects are sustainable,
and that the organization will not just become a dumping ground for
random projects. The process of vetting an inbound project (and bringing
it into conformance as needed) is generally referred to as incubation.
The incubation process is usually fairly complicated, and involves
active engagement with the potential home organization. An application
process is simpler, and basically consists of a few questions for the
potential home's board to consider in deciding whether or not to accept
the project.
* Organizations may want to have their lawyers look at the application
process.
Leif: the project has to feel “at home” with the other projects in the
IPR home; we can’t be too different from what else is happening in that
organization. That makes Apereo perhaps a bit of a stretch. We want to
have a home where we can have a certain amount of self-governance.
* Apache Foundation has a lot of structure, and each project is
reasonably independent but expected to follow Apache Foundation’s rules.
Leif: a poor fit because of the focus on what their projects are about
(i.e., they don’t have much in the way of identity-related projects).
* SPI, SFC - Benn is not seeing a lot of support in SPI or any level of
community in SPI or SFC. Heather: if these were the last options
available, that would be something we would pursue further, but we have
other options so these aren’t worth pursuing
* Apereo - Leif is concerned about Apereo’s long term viability, though
Benn points out if we own the IPR we can always move the project.
* Commons Conservancy - GEANT already has something of an agreement that
would make this easier, and NLNet Foundation (the parent organization
for CC) has long term viability via their established DNS software (see
https://nlnet.nl/project/current.html for list of NLNet Foundation projects)
Channeling of funding
* some organizations want ability to collect money; Commons Conservancy
is not set up to route funds (that’s what they use NLNet Foundation or
GEANT for). Apereo is set up for that.
* This was by design for Commons Conservancy - indirect IPR
protection; it would be pointless to a takeover because the project does
not control its funds. If someone sues you for IPR infringement, there
is no money to be taken.
* There is definitely a possibility of future cash donations (not
just the current in-kind funding via FTE that we see today)
Action item:
* Heather to set up calls with both Apereo and Commons Conservancy to
have them talk to us, introduce ourselves, etc.
* How do donations work? How do we handle money? How do tax
agreements get handled with multiple countries? Given that we’re giving
with contributors across national boundaries, where do the CCLAs fall in
terms of jurisdiction? What is the international suitability of their CCLA?
* Heather to reach out to the code authors to see if they have a hard
“no” (which include non-responses) re: signing a CCLA to turn over their
code to the project