
Re: Ongoing Firefox (and Thunderbird) Trademark problems



Simon Huggins wrote:
Do you have a few ideas off the top of your head now of definite things
that cannot be touched?

Everything's subject to negotiation and discussion - see, for example, my change in position on the SPI cert after consultation within the project. But here's an attempt to answer your question.

We want Firefox to be a mark of quality; we still want Firefox to be Firefox, if you see what I mean. Some of Firefox's key distinguishing features are a clean, simple UI, an extensibility mechanism, and good security. So the following would be among the "hot buttons":

- Installing significant numbers of extensions by default, particularly if they had intrusive UI or were considered by the community to be of poor quality;
- Loosening the security rules significantly (for example, disabling security.checkloaduri to allow http:// content to access file:// URLs for convenience).
- Breaking the extensions mechanism such that significant numbers of XPIs off the web stopped working;
- Making a change which led to a marked increase in application crashes.

[Obviously, if you accidentally did either of these last two things and then went "oops" and issued a fixed package, then that's just a mistake. They happen. No problem, assuming that it doesn't happen every time :-)]

I'm still under the impression, waiting to be corrected, that Debian's
policy for including new root certs is "we include the root cert of
anyone who asks"... If we say that it's not acceptable for such a
store to be used as the basis of Firefox's SSL, is that silly?

Perhaps anyone the Firefox maintainer/Debian respects and trusts.

But just because the Firefox maintainer respects and trusts them doesn't mean they take ridiculously careful care of their private key. The Firefox maintainer has no way of verifying that one way or the other.

Why can't we leave this to the maintainer or even local admins though?

These are two very different cases, though. If a local admin installs a new root cert, that's cool - they are taking responsibility for the security of those users, and they have extreme BOFH power over them anyway. However, having the root appear by default, so that no-one at the remote site really knows it's there (who consults the root list?) and it's now on Y thousand or million desktops - that is a different kettle of fish.

A quick reminder of what's at risk here: if the private key of a root cert trusted by Firefox became compromised, _any_ SSL transaction that any user trusting that cert performed could be silently MITMed and eavesdropped on.

Nagios is a trademark.  We don't have any issues with Nagios because
it's a trademark in the spirit of Free Software where the owner is
trying to protect the name from being used by others for his software
and avoid legal problems/issues having been burnt before using NetSaint.

So the difference between this and the MoFo's policy is the quality requirement?

Why does the Mozilla Foundation feel the need to enforce quality through
this blunt tool of stopping us using the trademark?

Because we can't do it using a copyright licence? ;-P

Why can't you just
produce the best browser?  Surely if you produce the best code we'll use
it.

Indeed - almost certainly, _you_ will. Hence we are doing what we see as the absolute minimum required by trademark law in your case. However, other people are not so nice. I keep using it as it's a convenient example, but: if there were no trademark, a spyware vendor could trojan a Firefox, put it up for download, then buy AdWords "Official Firefox Download Site!". Even if we make the best browser, _they_ will not use the best code.

Gerv


