Aaron Roe(bot) Fulkerson Open source entrepreneur and digital viking.

I attended the Web2.0Expo last week. MindTouch was exhibiting and Ken spoke about wikis in the enterprise. I had an interesting and pleasant conversation about badgeware with John Roberts. I made it to the AllThingsD launch party. And I spoke so much to so many people I ended up losing my voice for a couple days. I believe this was the largest trade show/conference I have ever been to. I was told there were over 10,000 people in attendance and the exhibit floor had more than sixty exhibitors.

I spent most of my time at the conference on the exhibit floor working the MindTouch booth with Patrick (our newest addition–a very competent and pleasant sales dude) and Corey. I have to mention I love demoing our software! I'm not trying to gloat, but when we show people our work we regularly receive unanimous praise from the crowd. Or should I say from the merry mob? We had a lot of traffic. Those who gave us positive feedback included customers of competitors and even a couple competitors who stopped by to see, our enterprise software, MindTouch Deki in action. Every once in a while I spoke with someone who wanted to know if MindTouch Deki could part the Red Sea, end world hunger, or make their ex-spouse love them again all for under $5,000. However in general, folks understood Deki for what it is: a very powerful, highly usable, incredibly affordable collaboration platform that MindTouch has managed to make ridiculously easy to install (15 minutes including download), remarkably easy to use, and it's delivered with a dramatically lower total cost of ownership because Deki automatically updates and patches itself.

I had the distinct pleasure of speaking with some current customers of MindTouch who stopped by our booth too. One had come all the way from Salisbury, North Carolina. The city of Salisbury uses MindTouch Deki for sharing information and team collaboration. I wish I could remember the fellow's name. It was nice chatting with him. I asked him how the software was working out for them and he said: "It's great, we love it!" Sweet! (I said 'sweet' not him). I really enjoy connecting with folks, talking tech, and showing off MindTouch products. MindTouch gets most of our inspiration from feedback we get through in person encounters or by way of our community at OpenGarden.org.  

Unfortunately I only managed to make it to a few sessions. I caught a couple sessions on identity and missed a couple others I would have liked to had made it to. If you read this blog regularly you know I'm keenly interested in an Open Web Initiative (OWI) by which we users could have an extended YADIS or just use XRDS to describe a person's identity; e.g.- OPML file for feeds, and podcasts, URIs to personal resources (Flickr, Jaiku/Twitter, personal and work blog), a URI to a personal Atom repository, a FOAF, etc. This isn't for any commercial interest, but is really spurred by my (and SteveB's) personal interest in having more sophisticated privacy controls and mobility of profile, content, contacts, ect…i.e.- identity. Anyway, it was great to meet the folks who are driving OpenID, The first OpenID talk I attended was Kaliya's (talk here). She's wonderful and fun. She's also a powerful Connector in the OpenID space and an information Maven, which is remarkable because she isn't an engineer. At one point I participated in her talk because the audience didn't seem to understand the significance of OpenID beyond a single sign-on. So, I gave a 60 second monologue (at her invitation) about how it can and almost certainly will enable things like OWI. Later I attended Brian Ellin and David Recordan's talk, which was a rudimentary technical talk about how to implement and consume OpenID. It was useful and well attended. They also passed out a fancy OpenID tools CD. 

I attended a session on Open Source Business Models for Web 2.0 with John Roberts, Co-Founder and CEO, SugarCRM  and Mårten Mickos, CEO, MySQL AB. I met Mårten previously at OSCON06 along with Monty Widenius (co-founder MySQL) who graciously attended our OpenGarden.org launch party. I asked John a few pointed questions about badgeware during the question/answer section of the session that got him a tad on the defensive. Turns out badgeware is a dirty word to folks with an attribution clause in their software license. One of the questions I asked was: "do you think that if all the components and libraries you use in your stack required similar attribution it would adversely effect your business." I didn't really get an answer from John on this. After the session I spoke briefly with Mårten and tried to pin him down on whether he thought the recent badgeware licenses were good, bad, or otherwise for open source. I also asked him if he thought the recent flood of cash from venture captialists to "open source" companies was going to positively, negatively, or at all effect open source and the software industry as a whole. The VC backed open source companies are primarily the folks spawning new licenses with attribution clauses. Mårten was very diplomatic and unwilling to voice any opinion other than suggesting companies with attribution clauses were trying to prevent closed source competitors from stealing all our portions of their source code. I suggested using a GPL style license would prevent this from happening.

After the crowd of job hunters cleared from around John I spoke with him about badgeware, open source, and OSI. He seemed defensive initially, but as soon as I convinced him I wasn't out to 'get him' and that I was only interested in understanding his position he lightened up considerably and we had a friendly chat for about thirty minutes. He described his point of view and I described mine regarding attribution licenses. John wants to protect his and his team's work. He feels attribution is the right way to do this. I feel attribution is unnecessary and I reiterate my original question, which I never did get a good answer to, what if every open source project required attribution? For example, PHP, Linux, MySQL, etc. How would this impact companies like SugarCRM or MindTouch? It seems ridiculous, but I think it's a valid question. The fact is the forces driving innovation today in technology on the web, you know this thing we call Web2.0, is open source and open standards. Period. Developers can very quickly create compelling applications because there is a wealth of open source components available to us. Also, thanks to open standards you can throw an API or two into the mix and you have something pretty cool. If it's not particularly useful it will likely become a component of something that is useful at a later date. What if all these components had attribution licenses? Even trivial applications would end up looking like NASCAR race cars. I suppose that's not the worst thing in the wor
ld.

John suggested attribution is similar to what open source packagers like RedHat are doing when they bundle software and brand with the RedHat logo. I disagreed because removing RedHat branding is trivial and there is not a licensing requirement that the RedHat logo be present. At least, not to my knowledge. The conversation with John was friendly, but at times I felt like I was talking to Ari Fleishcer because so many of my questions were being deflected or were met with canned responses that didn't quite answer the question and were barely applicable. John was warm to note that the entire SugarCRM application was developed by his team and it's not a fork of something or a repackaging. I'm sure this is true, but it's still using a lot of additional open source components and libraries. There are many people who are passionate about open source who believe John thinks open source is whatever helps him to make money. I told John this and he sincerely informed me that he and his team are engineers who believe in open source and are simply trying to protect their hard work.

The final point I pressed John on was OSI. I think OSI performs a useful service to us as open source developers. They educate the public and attempt to ensure standardization of licensing, which prevents confusion. Also, they're a useful resource and community that can be tapped when people have questions about copyright and software licensing. By SugarCRM not seeking OSI certification of their license they're, in effect, turning their back on what is widely accepted to be the organization that is the keeper of the open source definition. John said he had tried to engage with OSI and had not gotten anywhere. He was interested in participating and claimed that some of the people he had spoken with had unfairly labeled the SugarCRM license as being a rehash of the Berkeley advertising clause (I'm recalling from memory), which personally I don't think is an incorrect assessment. John also posited that OSI is non-inclusive and difficult to work with. Moreover, John asked who are these guys and who voted them into office? How do they vote? Why are they the keepers of open source? Who appointed them? Can I participate? How do I? These are valid questions. Some, but not all are answered by the bylaws and there is an, albeit slow, movement underfoot to create membership, which in my opinion is long overdue. I'm glad to be able to point out the board is now posting their minutes too. The very interesting point John made was that the FSF was being especially helpful and inclusive in approving his attribution license. This surprised me because of the previously linked to article put out by GNU on the Berkeley advertising clause (re-link), which describes a history identical to my aforementioned NASCAR example.

For the record I think John is a good guy who is trying to do what he thinks is right for him, his team of engineers, and his company. Also, I think SugarCRM is a good product worth buying. I'm not sure yet if attribution licenses are bad. I think they're unnecessary. I am suspicious of this new crop of licenses because more licenses means there is more to be confused about. Moreover,  it seems strange to me that an application should be given special concessions that other components required by it are not given. In other words, what makes SugarCRM or one of the other twenty applications with an attribution clause different from the more than dozen open source components they're building on? Should they honor these components and libraries similarly to how they're demanding by prominently displaying all their logos on their application's interface?

The last bit worth covering regarding my attendance at  Web 2.0 Expo is the AllThingsD launch party thrown by Walt Mossberg and Kara Swisher of The Wall Street Journal that Graeme and I attended. It was held at the Mountain View Computer History Museum. There was great food and good drink. Graeme blogs about my driving. Also, the Web2Open party was fun, but I'm afraid I had quite a lot to drink there.

One final note. Ross Mayfield attended Ken's wiki session. If you read my blog you know he had some harsh words for me at the Gilbane conference in San Francisco a month ago. Granted, I've been critical in the past of Socialtext espousing open source. When Ross saw me he came over and shook my hand and said: "Hi, my name is Ross. We got off to a bad start previously. Let's drink a beer some time and chat." That was nice of him. We bumped into each other throughout the event and we were friendly. I had planned to take him up on that beer offer and discuss with him badgeware, to get his opinion as I did John Roberts, and my opinion his company has approached open source incorrectly. However, the fact is his team has helped define open standards, adheres to them, and has helped several other open source projects monetarily and otherwise. Nonetheless, I don't agree with his approach to licensing or that Socialtext claimed for several years to be open source, but didn't release any source code.