I, AJ ONeal, am not a big fan of legalize, but I am a fan of communicating clearly. I hope that this accomplish both defining some legal boundaries as well as communicating in a friendly and clear way, at least to the degree that suits our needs for the current stage of our products and services.
This is important because it is our intent to create sustainable open source projects, which means that we do want to create brand value, grow community, and, eventually, be able to work full time on creating more great software and services.
If you'd like to contact me, especially if you feel that I (or we) have made a mistake in how we operate, please do so:
Here's what I've worked through so far:
Greenlock Domains is a service provided by AJ, Brian, John, & Josh (collectively Root) for automated TLS, SSL, and HTTPS.
Greenlock Domains is an important product / service combo to us because it's a huge milestone on the path to a more decentralized web. We believe in ownership and control and we're building a Home Server because we envision a world in which everyone is empowered to make the choice of whether to rent or own their stuff.
If we don't do this, well, with the way the cloud is headed, renting may be the only option in the future.
We need Root because we want ownership.
If at any time you feel that any of our messaging or practices are in conflict with our mission or these values, please let us know.
Each of our products comes with its own LICENSE file and the license(s) may alse be in some sort of manifest file (such as package.json).
We typically use the MIT and Apache-2.0 licenses for libraries that we actively want others to copy, modify, use and redistribute.
We typically use ISC and MPL-2.0 with products for which we're a little more concerned about branding or about which we have particularly strong opinions.
Although we do keep some of our software proprietary and we do use trademarks, because we believe in empowerment and choice we do our best to provide usable self-service forms of our products and services for personal use.
If at any time you feel that our Licensing is in conflict with our mission or values, please let us know.
We want to make the world a better place. Everyone has a different definition of what "a better place" means, so the purpose of our terms is to rule out some things that we think makes the world (and particularly our world) a worse place:
You agree that you will use the Greenlock™ service, code, libraries, documentation, etc (provided by us) primarily for securing network connections for yourself, your customers, on your and your customer's devices on internets, intranets, and... other nets.
You agree that you will take reasonable measures to keep up-to-date with security releases.
You agree to not use our products or services in a way that would cause unusual or undue burden on our servers or services, our partners servers or services, or our customers servers or services, or in a way that harms or misrepresents the reputation or brand value (including causing brand confusion) of the aforementioned parties (or really anybody).
This is not to say that you can't publicly have a negative opinion, but don't bite the hand that feeds and don't be vicious or misrepresentative.
If you have a use case that may be in violation of these terms (particularly the part about undue burden), but you feel contributes to making the world a better place, we're here to help (assuming it also aligns with our values). Although it may not be appropriate to use our services, but perhaps we can help you with a solution based on our no-cost, low-cost or open source products.
If at any time you feel that our Terms of Service are in conflict with our mission or values, please let us know.
"Greenlock" and the "green G lock" mark are Trademarks of AJ ONeal.
We'll be coming out with a brand guide as to how you should use the marks. In the meantime: don't change the proportions, colors (excepting the case of greyscale and black and white).
It is appropriate to use the trademark in a way that promotes the brand with proper attribution, linking to the official project repositories, etc.
It is appropriate use the name greenlock in a plugin for Greenlock™, as long as it is clear that it is a community contribution.
If you create a "hard" fork of our code or any products or services, you should give your fork its own name, and not use ours. That sound, we gladly welcome your suggestiosn and pull requests.
If you mirror our code you should make it clear that it is a mirror and link to the official repository. in association with usand the disclose that you use Greenlock
If at any time you feel that our Trademark policies are in conflict with our values, please let us know.
What we collect and (more importantly) Why:
In the cases that we collect your name, it's because we want to know how to address you. All four of us want to be personable if and when we reach out.
There are three main purposes for which we may use your email address:
1. A one-time outreach to ask if you were able to do what you intended to do. We want to make a great product. Although open source projects traditionally have a reactive approach to communication (i.e. you file a bug and wait for a response), we believe that creating sustainable open source requires a proactive approach.
2. Security and legal notifications. It's important that we have a way to contact you if we've made a mistake or discover a mistake that needs to be addressed. This may include vulnerabilities as well as mandatory upgrades (such as when a significant change to the Let's Encrypt API is made). Making sure that our products work and are secure aligns with our values and contributes to our brand identity.
3. Opt-in updates. Many of you want to know when we have significant feature updates or when we have something that we believe is really valuable to share. We've created an opt-in avenue for that. And you can always opt-out as well.
We believe that the current open source model needs improvement - it often relies heavily on large centralized platforms which aggregate a lot of user information for the platform without appropriately targeting the relationship between authors and users of projcts (i.e. npm, github, etc). We believe that making open source sustainable means a greater focus on empowering authors and users. We've learned from other projects (Caddy, Heroku, and others) which use telemetry as part of a proactive approach to open source and we believe that it can be a great avenue for us to be proactive as well.
We may use telemetry about operating system, browser, node version, code version, and other system-level information to better understand how we can serve our users (you) and proactively solve problems that we might not otherwise hear about. For example, if we see many page visits in a certain browser (or installs with a new version of node), but few successful registrations, we know that something is wrong.
We also use Google Analytics on our web sites for basic functionality. Other than that, nothing else comes to mind right now. As we consider what we will do in the future, it will be measured against our mission and values. We never want to come across as spammy or forceful. We want to do things that help us build our brand, acknowledge our customers; things that are proactive, and that promote sustainable source.
Copyright 2018 AJ ONeal