New trademark approval policy

[David Nalley]

On Mon, Aug 1, 2011 at 6:31 PM, Jesse Keating <jkeating at redhat.com> wrote:
> On Aug 1, 2011, at 3:18 PM, David Nalley wrote:
>>
>> My perception is that we want such a rigid process because we don't
>> want anything bad/failure to be associated with the finished product
>> that bears our name. Certainly a laudable goal. However, when we
>> require the same onerous process we use to insure that our primary
>> version(s) work and apply that process to 'niche' products like the
>> F15 Design Suite (with 939 downloads as of this writing), or the F15
>> XFCE Spin (with 2720 downloads as of this writing)[0] it seems like we
>> are doing something wrong. At the other end of the spectrum we have
>> virtually no oversight of virtual images for providers like Linode,
>> Godaddy, Amazon, RackSpace, and scores of other VPS/Cloud/Managed
>> Service providers who are permitted to use the Fedora name and
>> trademarks, offer Fedora virtual machines, and I'd be willing to bet
>> that they have more Fedora 15 deployments each than we have downloads
>> of the Design Suite. Instances where our brand is important and the
>> basis of the choice of operating system, where people will likely
>> never know whether the image was generated by RelEng or by $fooadmin
>> at $provider.
>
> Honestly I think that the hangup is in how these virt images get created.  It's one thing to take a copy of our isos and host it on your own server.  The files don't get changed, they can still be checksummed against our gpg signed sums, and you can still run the integrity test inside.  Same with hosting a mirror of our package tree.  Each RPM remains intact and the gpg signature can still be verified.
>
> However for EC2 and the like one has to break apart the iso and shuffle bits around, and hopefully do it the right way so that the end result works.  (forgive me I'm oversimplifying greatly here)  Because the process is different, and because the end results can't easily be verified by the end user (correct me if I'm wrong) it's not so easy to pass it off as something that should be as "free" to do as hosting a copy of our install media or hosting a copy of our packages.
>


There is no approval (Board or otherwise) needed for virt images based
on Spot's email earlier and the Trademark guidelines.
Moreover, in practice, companies are routinely creating
templates/images of Fedora instances without oversight or any more
permission than what the trademark guidelines provide. So if it's
easier for us to generate a different LiveCD ISO than a virt
image/template for EC2 then why do we make the process for Spins so
onerous?