[ZWeb] Zope.org participation and agreements

[Rob Page]

Hello everyone!  Hope this finds you well.  Zope Corp will
be battening down the hatches later today in anticipation of
Hurricane Isabel.  We've purchased a special pair of
floaties for Jim to wear in case the storm surge gets too
deep!  But that's not why I'm writing...  ;^)

The transition from the previous www.zope.org to the New and
Improved www.zope.org wasn't/isn't free of challenges but
has been going well.  We continue to "shake out" operational
and monitoring issues and I'm happy to say things look to be
improving every day.

The zope.org site is, first and foremost, a resource for the
community to cooperate, publish and otherwise organize
itself.  It's the place where people new to Zope first go to
learn about the product and the project.  It must be
reliable, perform well and otherwise make a good impression.

Second to this, one of the things we wanted to do was provide
improved mechanisms for the community to participate in
various aspects of the ongoing operation of the zope.org
site.

This involvement ranges from "casual" (e.g., having a member
account annd contributing content) to "extremely involved"
(e.g., participating in system monitoring, remediation,
etc.).  Each end of this spectrum has associated with it
some combination of authority and responsibility.

At the "extremely involved" end of the scale the requisite
system and application access are necessarily substantial
and powerful.  However, Zope.org contains user accounts,
email addresses, and passwords.  The systems that support
zope.org also have system accounts and passwords and run
commercial software from Zope Corporation (e.g., Zope
Replication Services) and may, in the future, run other
commercial software (note: this is a reasonable prediction
but not any early indication of any plans to do anything in
particular!).  :^)

In our zeal to protect these valuable assets and the trust
that zope.org has and will preserve with its members we
developed a legal agreement targeted at those that would
have the highest levels of access on the zope.org servers.
That agreement is, in hindsight, unnecessarily aggressive in
protecting information and intellectual property for most
levels of participation.

We are now developing an updated set of "tiered agreements"
tailored to the specific combination of authority and
responsibility.  These agreements will leverage artifacts we
already have (e.g., non-disclosure agreements and
contributor agreements) and will be ready in short stead.

As a concrete example, consider the following levels of
participation and the (not final) associated covenants we
need people to make:

   (1) Zope.org Member: be nice, no warez, no other illegal
       stuff, don't use zope.org as your company's website (yes,
       we've had this happen :^(.  This will likely be a
       "click-wrap" acceptance of site Policies, that includes
       content publication rights for zope.org.

   (2) Zope.org Reviewer: Zope.org member + no approving
       inappropriate/illegal content

   (3) Zope.org Software Contributor: Zope.org member +
       contributor's agreement

   (4) Zope.org Systems Maintainer: Zope.org member,
       contributor agreement, IP/software rights protections,
       etc.

We understand and accept that some people will not want to
make these agreements for various reasons.  It's not our
intention to casually discourage zope.org participation.
Nor is it our intent to somehow trick people into giving
away intellectual property.

Rather, we intend to make sure that we are doing what is
prudent to protect zope.org member information, system
integrity and the ip rights of Zope Corp and other
organizations.

We are optimistic that we will have the documents in place
for people to review and consider by the middle of next
week.

-- 

-- 
Rob Page                V: 540.361.1710
Zope Corporation        F: 703.995.0412