Slashdot Mirror


RMS Weighs In On SPF/Sender-ID License

NW writes "In a recent message to the MARID list RMS weighs in on the licensing issues of Sender-ID/SPF and Microsoft: 'Microsoft's Sender-ID license is directly incompatible with free software regardless of which free software license is used. Free software means users are free to run it, study and modify the source, and to redistribute it with or without changes. Free to do so means there is no requirement to ask or tell anyone that you are doing so.'" "MARID" stands for MTA Authorization Records in DNS; here's the IETF MARID working group's charter. (Read more below.)

Stallman's message continues: "The Microsoft license for Sender-ID directly forbids release of software with all these freedoms, so it is impossible for any program to be free software under Microsoft's regime. I've been expecting to see something like this ever since Gates started talking about spam. This license is an example of Microsoft's strategy for killing off free software as an alternative to Windows. Microsoft first patents something, then incorporates it into a format or protocol, then tries to make it de rigueur while excluding those it wishes to exclude. In the absence of resistance, Microsoft has a good chance of imposing whatever standards it likes. Let us, therefore, resist it here and now."

6 of 250 comments (clear)

  1. It's pretty simple by Featureless · · Score: 4, Insightful

    If we let Microsoft, through some machinations during our anti-spam re-engineering or in any other manner, take any measure of control over what has, until now, been an 100% open-standard email infrastructure, email will be fragmented and ultimately ruined, far worse than any cadre of spammers could ruin it.

    It is trivial to do what "caller ID" does in an open fashion. And it is absolutely crucial that we do exactly that. No "complicated" licenses, no fancy agreements, no lawyers. Just pick a standard, and follow it.

    Letting Microsoft have any involvement in the email infrastructure - other than using it - will be a disaster. And it wll be all the more terrible because of how easily it can be prevented.

    1. Re:It's pretty simple by gaijin99 · · Score: 5, Insightful
      How does this stop anyone from writing SenderID checking software that is GPL'd or GPL friendly?
      It stops it because MS has patents on some of the critical aspects of the "standard", and their license for using the "standard" can be modified to preclude someone from implementing a GPL'd implementation. It doesn't now, but they explicitly reserve all rights, and state that they can modify the license at any moment, so what keeps them from screwing us with this?

      Look at what SCO is doing now, claiming to own ELF, using that as an attempt to demand money from Linux users. If we let MS's non-open "standard" become a real standard they'll wait a few years until everyone depends on it, then use it as a weapon to try and crush competition. I'm not being paranoid here, I'm simply extrapolating from MS's history; they do that sort of thing on a regular basis.

      --
      "Mission Accomplished" -- George W. Bush May 1, 2003
    2. Re:It's pretty simple by wayne · · Score: 4, Insightful
      PHB?

      RMS has made no attempt to talk to anyone in the group to find out the real situation.

      I'm not sure how you know this. Apparently he was communicating with Michel Bouissou.

      We asked Harry and Jim to take up the licensing issue with their lawyers about a week ago. They are meant to come back with a reply before we have the MARID meeting at the San Diego IETF the week after next.

      For those who aren't in on who's-who on the IETF MARID working group, Harry and Jim are two of the folks from Microsoft who are working on the SenderID proposal.

      However, I know that I have been asking for resolution for this licensing issue on the working group for much more than a week. This is not a new issue.

      Now less than 24 hours after Microsoft go off to talk with their lawyers people start campaigning to take the Microsoft technology out using the licensing issue as an excuse. This came mainly from a group of tourists who had had nothing to do with the group previously. It is very obviously a campaign by people whose priority is not getting the best MARID spec we can.

      This is almost completely not true. Microsoft lawyers have been in discussions over the license issue since early June (6 weeks ago). While there were indeed some luckers who posted first about the license issue, many of the active participants in the working group started the license discussion. People who object to the current SenderID license for MS do want the best proposal possible. If no one objected to the license, we would have a bad proposal.

      --
      SPF support for most open source mail servers can be found at libspf2.
  2. Probably shouldn't worry yet... by Ianoo · · Score: 4, Insightful

    So, we have Microsoft in the distinctly red corner with their proprietary standard.

    Let's face it, as vocal as the OSS community is these days, there's not a lot that can be done to stop Microsoft from doing whatever the hell they like, so long as it's legal(!). Sure, sendmail is OSS software, but I got the impression that SPF is pretty much independent of the MTA software anyway.

    But, in the blue corner, we have plenty of heavyweight companies who are big on Linux and big on e-mail who have teams of lawyers that have undoutedbly been over this license already, and found the problems.

    We have IBM, the people who make Lotus Notes, which is still pretty widely used, IIRC. We have Novell, who now own SuSE/Ximian and are betting the shop on Linux, who produce NetWare. We also have Sun, who are getting vocal on OSS, which produces Solaris, which seems to power a large proportion of MTAs around the globe.

    The best defense, surely, is to make sure these companies understand the issues with SPF, and don't implement it in their own products. After all, Microsoft won't get that far without support from other companies, since much as they'd like to, they don't currently control the world's Internet server market....

  3. One question for all of you... by gillbates · · Score: 4, Insightful

    Why shouldn't free software be the first to implement secure email? Imagine how much easier Linux advocacy would be if we could say: "SPAM? - I thought that was a Windows problem?..."

    Imagine this conversation:

    Tech: What's the problem?

    User: I get all this SPAM, and I can't read my real email.

    Tech: Let me guess, you're still using Windows, right?

    User: How'd you know?

    Tech: Because you're still getting SPAM. If you upgrade to Linux, which uses the SPAM-blocking mail protocol, your SPAM problem will go away... I'll send you a CD in the mail.

    What really irks me is that rather than invent new solutions to existing problems, the free software community waits for a commercial vendor to implement a solution, and then copies it. What we should really be doing at this point is implementing a SPAM-free mail protocol in free software, which, once it became the standard, would force commercial companies into compliance, rather than trying to play a game of dodge-the-patent-lawsuit by copying someone else's improperly done anti-SPAM protocol.

    Let's face the facts here, folks: if we wait for Microsoft to implement an anti-SPAM protocol, they'll do it wrong, and the free software world will be stuck trying to ensure compatibility with an interface that is fundamentally broken in the first place.

    --
    The society for a thought-free internet welcomes you.
  4. Re:standards and stuff by Pharmboy · · Score: 4, Insightful

    So it's more BSD-like then, big deal.

    Actually, it is a big deal. The old BSD license that had the advertising nag is NOT GPL compatible, per the FSF.

    They're both licences that apply to the use of software.

    You need to READ the GPL. It flatly says you need NO license to use it, only to distribute it. This is a major difference in Free and non Free licenses.

    Newsflash: licences are contracts.

    Not according to the law. A license is a grant to someone to use copywrited material. There is more than enough case law on the differences that I won't go into detail here, google it.

    Isn't that more of a self-defence clause in case people find bugs and want to sue Microsoft about it?

    Yes. And it is so vague and broad in scope that the potential for abuse is a serious concern.

    Big deal. Why does everything have to be GPL compatible? What would be wrong with, say, a BSD-style license for this particular application?

    That would be fine. A modern BSD license *is* GPL compatible. (without the ad nag). This license is not "Free". Its not the worse license in the world, but its still not Free. When it comes to software that sets standards for the entire internet, it is much better for it to be Free, so that one company does not abuse it. Technically, this license would allow MS to change its mind once the technology is developed, and start charging people to use the technology. THAT is why the license must be free, to protect everyone who uses the internet, including your right to sell the software for any price you want.

    I don't care about the license for MS Office, I can choose to use Open Office, but if MS patents this, then gets greedy, I can't run mail servers without paying a royalty (at least the servers wont be able to connect to other servers that require this 'patented' protocol). This is not acceptable to me, even if it is not likely to happen.

    --
    Tequila: It's not just for breakfast anymore!