Microsoft Agrees to Release Work Group Protocols

UnknowingFool writes "Groklaw is reporting that the Protocol Freedom Information Foundation (PFIF) has signed an agreement with Microsoft to release their protocols relating to Windows Work Group Server. The Foundation agrees to pay MS $10,000, and the agreement does not cover patents. This agreement apparently was made to somewhat satisfy the EU Commission complaints. With PFIF's objective to aid open source, this agreement means that the Samba Team may finally get the information they need to fully interoperate with Windows AD servers."

Just another example

[microbee]

that EU did something the US government couldn't.

Re:Just another example

Couldn't or wouldn't? When they were under pressure earlier this decade, Microsoft spent a lot of money lobbying/buying off US state and federal governments, creating fake "grass roots" campaign sites and paying for press releases from pro-corporate lobbyist groups such as the cato institute (source1 source2).

Re:Just another example

[Spy+der+Mann]

that EU did something the US government wouldn't.

There, fixed it for ya.

Re:Just another example

[wizardforce]

I'd like to think that the EU has a better system for dealing with monopolies although at the same time I can't help but wonder if the fact that Microsoft isn't based there had a lot to do with it. in either case, good job EU! The only thing better would be if they actually had the power to give Microsoft more than a slap on the wrist and used that power if/when Microsoft starts giving anyone trouble.

Re:Just another example

[99BottlesOfBeerInMyF]

I'd like to think that the EU has a better system for dealing with monopolies although at the same time I can't help but wonder if the fact that Microsoft isn't based there had a lot to do with it.

This might apply for a case within a given EU member state, since politicians can play on anti-americanism, but not so much for EU posts. The EU commission has enforced antitrust regulation against numerous european countries over the past decade. If anything they seem to have gone out of their way to give MS huge amounts of leniency and extra time.

Re:Just another example

You seem to imply that there is some difference between the US Government and MicroSoft.
Truly, the only thing more tightly integrated with Windows than Internet Explorer is the Justice Department.
Was that my outside voice?

Re:Just another example

[B3ryllium]

that EU did something the US DOJ couldn't.

There, fixed it for you. :)

Re:Just another example

[tyrione]

that EU did something the US DOJ wouldn't do, on behalf of the current sitting President.

There, I fixed it for you. ;)

Re:Just another example

[Handover+Phist]

In Soviet Slashdot...

Fully interoperate with the AD

[0racle]

Are you sure about that? Workgroup is often designated as software separate from their Enterprise or Domain integrated stuff. Are you sure that releasing their workgroup protocols includes Active Directory access?

Re:Fully interoperate with the AD

[Jeremy+Allison+-+Sam]

Yes it includes all AD protocols.

Jeremy.

Re:Fully interoperate with the AD

[Daengbo]

Off-topic for a second. THIS is why I have continued to suffer the 1:19 signal:noise ratio and goatse trolls on Slashdot since 1997. Especially before the dot bomb, every story had someone directly involved with the situation posting somewhere in the comments.

Got a story about VAX? There are fifteen people with decades of experience on the forum. Bruce Perens is always on any story involving him (sometimes to an annoying level...). You had to know that Jeremy would be posting on this story.

Although less than it used to be, Slashdot still has people I can't see anywhere else. Thank you, Slash!

Re:Fully interoperate with the AD

[Jeremy+Allison+-+Sam]

But I *loved* the goatse trolls :-). It used to be the only reason I
came to read /. :-). I miss sig11 and klerk and the rest of that crew.

They made /. fun, especially as they drove taco *nuts* :-).

Anyone remember the Bruce Perens impersonators ? :-).

Jeremy.

and you'll see this in a glossy brochure...

[russ1337]

Good news for Samba. Still listening to that audio link, but it's interesting that the Samba team aren't allowed to release the information they receive, just use it for developing OSS.

I'm sure Microsoft will use this in their 'we support open source' campaign. (I've always reckoned Microsoft should release the code for their unsupported OS's such as Windows 3.11)

Doesn't cross license patent's, but Microsoft does have to provide a full list the patents that they believe Samba infringes. This allows Samba guys to code around it. Good news for them.

Re:and you'll see this in a glossy brochure...

[calebt3]

I've always reckoned Microsoft should release the code for their unsupported OS's such as Windows 3.11 The OSs may be unsupported, but the code is still used.

Re:and you'll see this in a glossy brochure...

>> (I've always reckoned Microsoft should release the code for their unsupported OS's such as Windows 3.11)

How could they? They still use the damn code!

Re:and you'll see this in a glossy brochure...

[Kihaji]

Actually, I bet none of them are for a couple of reasons. 1) These are machines that do very little if anything on a network. They are usually those boxes that sit in "mom's office" for her to do home accounting, and if they are on the net, they do email and some web with very very old browsers. And 2)Thier libraries are so old that the attack vectors modern virus/worms use just don't exist.

Re:So, they can follow the law now?

[calebt3]

Correct me if I'm wrong but, reverse engineering for compatibility purposes is legal. IIRC, that's why OOo is able to handle .doc.

Re:That's akin to

[sepluv]

That's the point I'm a little confused about. I fully understand that Samba decided to continue propping up the EC's prosecution (after all the other witnesses...ahem...changed their minds about testifying) of Microsoft as a matter of principle as the victim of a crime (rather than necessarily to be compensated in any way), but, I am assuming (even though they didn't pay for it themselves) this information must be worth something to them still (despite how well Samba currently works) and the PFIF apparently thinks it is worth 10 000 (which might be donated to the Samba developers for reverse engineering or something instead). Maybe someone with knowledge of Samba development (rather than the legal cases) fill me in on what they need from this data.

So where can I find the documentation?

[Schraegstrichpunkt]

Taking a quick look at the agreement, it looks like PFIF can't release the documentation to the public. So, as a user of Samba, if I find a bug in Samba's handling of the protocols, how do I fix it? If I have to rely on the "Samba Team" to fix the problem, this isn't much better than source-available proprietary software---I'm still tied to a single vendor.

Let's be serious, they're still confidential, proprietary protocols, aren't they? Way to go, Microsoft.

Re:So where can I find the documentation?

[Jeremy+Allison+-+Sam]

They way it will work is as follows. We'll read the docs and work on creating client-side test cases and embedding them into Samba4 smbtorture. Once that's in place, any competent engineer can create the server-side implementation without having to have access to the actual docs. We need the test cases anyway (remember, untested code is broken code), so this is the way we've been going about doing things anyway. This should just open up new protocols and new protocol areas to implementation by others.

Jeremy.

Re:So where can I find the documentation?

[Schraegstrichpunkt]

I don't mean to belittle your work, which is important, but I want to pre-empt Microsoft salesmen who might decide to point to this as evidence that Microsoft protocols are as open as, say, NFSv4.

Re:So where can I find the documentation?

[Nimey]

ISAGN. Cognate with "free as in beer" and "free as in speech", we should have a saying like "open as in goatse".

Re:Good

[Jeremy+Allison+-+Sam]

Yes they're true. Please help us. See here :

http://samba.org/samba/devel/

for details.

Thanks

Jeremy.

I'm not understanding something...

[idontgno]

If the licensed documentation is under non-disclosure terms, but the source code is still freely distributable....

what's the point to the documentation not being disclosable?

Talk about pointless legalese...

Re:I'm not understanding something...

[sepluv]

I suppose so proprietary software developers have to pay them the 10 000 again (or pay Samba for a non-GPL license), although an X11-style licensed free software project could, of course, get the documents gratis from the PFIF making that situation moot.

However, the more fundemental reason is that Microsoft's European lawyers need something that they can tell Ballmer they haven't backed down on in their fight with the EC to avoid any coniciosesiation* incidents.

* chair throwing

Re:I'm not understanding something...

[idontgno]

As far as patents go, this analogy is great. (Although lacking in the Slashdot-standard "Car Analogy" standard.) And the settlement and disclosure agreement we're all commenting on requires Microsoft to disclose the patent numbers of the software "inventions" they feel are embodied in the interfaces documented in the ultra-spiffy double-uber-non-disclosable documents. That means that Microsoft has to mark out the patent minefield in their workgroup protocols so that the Samba team knows what they have to re-engineer.

Somehow, I'm failing to make my real point though. My point is this: nondisclosure of the document is effectively pointless, because (A) the code will contain any of the information in the document necessary to fulfill the software's improved functionality, and yet be freely distributable and capable of study from the source code; and (B) patents can't be hidden: the patent numbers disclosed in accordance with the agreement are guaranteed pointers to the actual patent filings, and patent filings must be sufficiently detailed that the patented invention could actually be implemented according to the patent description.

Patents are public things. Inspect one and you have most of the knowledge you need to actually build the patented thing. You just aren't allowed to, unless you have license from the patent-holder. So hiding a patent in a non-disclosable document is a non-issue. Patents aren't the reason to make the document non-disclosable. And obviously, the information itself in the document isn't a reason to make the document non-disclosable, since the information is about to be translated into another language (C, problably) and published for libre. So, ultimately, I'm guessing the document remains non-disclosable for non-pragmatic reasons: bureaucratic inertia at Microsoft ("This document is non-disclosable. It's always been."); deliberate or incidental attempt to make working with the document and its information tougher (witness the necessity of a complete distinct holding entity which will receive the docs); perhaps a futile attempt to lay a "non-disclosure trap" ("I am Inigo Montoya. Your comments include detailed information from a non-disclosable Microsoft document. Prepare to die.")

Again, it makes no pragmatic sense to me.

Re:So, they can follow the law now?

[LionMage]

Correct me if I'm wrong but, reverse engineering for compatibility purposes is legal.

Totally legal in the United States. In other jurisdictions, the law is not so clear-cut. In Europe, the right to reverse engineer is not sacrosanct. Then again, Europe doesn't (yet) have software patents.

Standard IANAL disclaimers apply, of course, but I've worked for several companies that relied on reverse engineering precisely for the purpose of compatibility with undocumented file formats. In one such company, I was informed by management (after advice from legal counsel) that it was actually legal not only to reverse engineer the file format, but it was even legal to reverse engineer / decompile the code for the application that generated the files in order to see how they were written -- the caveat being, you could only reverse engineer the code to insure compatibility, not to plagiarize it. (Usually you do a clean room reverse engineering process to insure that the people who reverse engineer the code write a clean spec that the people who write your code then use. The people doing the reverse engineering shouldn't be writing code based on that process, to avoid even the appearance of impropriety.) Of course, that particular employer's policy was to not reverse engineer the code of the applications themselves, only the files they wrote, but if we had the resources and we needed to, we could reverse engineer just about anything we wanted.

The legal climate in the U.S. was shaped in part by the outcome of a case where IBM sued Compaq for reverse engineering the BIOS of the IBM PC. Clearly, Compaq prevailed, and the clone PC market was born.

Re:Until the next release?

[calebt3]

That's how they are going to implement the "Extinguish" part of their plan. Release a new version (always incompatible w/it's predecessor) every week/month until Samba can no longer afford to keep buying the new specs. Does the agreement apply to future versions as well?

...
...
...
... I guess it is a good thing after all that corporations don't upgrade as fast as the software world moves.

Ok

[rrohbeck]

Now can we do the same thing for the Outlook/Exchange protocol?

Re:What's this mean in the real world?

[UnknowingFool]

Samba has been developed without the actual documentation of the protocols. The team has done a remarkable job of reverse-engineering them as much as possible. The end result is that Samba is mostly compatible with Windows servers and clients. But there have been some missing pieces because the protocols haven't been open. For example Samba can operate in an Active Directory (AD) domain but cannot be used as a primary AD server. It could be used to make a Linux Primary Domain Controller though.

Re:What's this mean in the real world?

[ScytheBlade1]

Primary Domain Controllers died with NT4. As of server 2000, the concept of "primary" was removed and everything was made multi-master.

To that end, no, samba has not been able to *fully* function as a "domain controller" - as that is a separate technology from that of a "primary domain controller." They share some characteristics, but they are not the same thing.

Re:works just long enough

[civilizedINTENSITY]

"Section 3 is where Microsoft promises to provide the documentation that we need. It deals with the timeliness of that documentation, how errors in the documentation will be dealt with, how and when updates will be provided and what type of technical support will be provided."

WSPP Documentation - Updates.
3.2
(a) General. Microsoft will make updated WSPP Documentation for modified and new WSPP Protocols (that are added to WSPP after Microsoft initially provides WSPP Documentation to Licensee under Section 3.1) available for license by Licensee under this Agreement:
(i) if applicable, upon release of the First Beta for the relevant Service Pack to the relevant product, or new version of that product, that includes the modified or new WSPP Protocol (documentation provided in such instance, a "Preliminary Documentation Update"), or
(ii) if no such First Beta is released, then at least 15 days before the : (A) commercial release of the Service Pack to the relevant product (i.e., Windows Client Operating System or Windows Server Operating System), or new version of that product, that includes the modified or new WSPP Protocol, or
(B) the day on which the final version of any other Update is released. "First Beta" means the first public beta testing version of the Service Pack or new version of the relevant Windows operating system product made available by Microsoft via an MSDN (Microsoft Developers Network) subscription offering or of which 150,000 or more copies are distributed. Licensee will be given automatic access to the WSPP Documentation for any Licensed Protocol modifications made available under this Section 3.2, for no additional charge beyond the License Fee. Licensee will be given access to the WSPP Documentation for any other WSPP Protocol modifications or any new WSPP Protocols pursuant to the process described in Section 3.1(b)(ii), for no additional charge beyond the License Fee.
(b) Preliminary Documentation Updates. When a Preliminary Documentation Update is made available to Licensee, Microsoft will also make the WSPP Documentation for the commercially released version of the relevant Service Pack or new product version (such documentation, a "Final Documentation Update") available to Licensee within 15 days after the relevant date production is authorized for the manufacture of copies of software for commercial availability. THE WARRANTY PROVISIONS OF SECTIONS 3.3(a) AND 6.3 DO NOT APPLY TO PRELIMINARY DOCUMENTATION UPDATES, BUT DO APPLY TO FINAL DOCUMENTATION UPDATES. SINCE THE FIRST BETA CODE, FEATURES AND/OR FUNCTIONALITY MAY BE SIGNIFICANTLY DIFFERENT FROM THE CODE, FEATURES AND/OR FUNCTIONALITY OF THE COMMERCIALLY RELEASED VERSION, LICENSEE IS ADVISED THAT THERE ARE RISKS IN ANY RELIANCE ON PRELIMINARY DOCUMENTATION UPDATES, AND TO THE EXTENT THAT LICENSEE INCURS ADDITIONAL DEVELOPMENT OR ANY OTHER COSTS AS A RESULT OF SUCH RELIANCE, IT DOES SO AT ITS OWN RISK.
(c) Availability. Once a protocol becomes a WSPP Protocol under the WSPP, Microsoft will continue to make WSPP Documentation for that protocol available during the Term. Subject to the foregoing, nothing in this Agreement requires Microsoft to (i) deliver any WSPP Documentation for any modified or new protocol other than as provided in this Section 3.2 or (ii) continue to implement any WSPP Protocol in any Windows Client Operating System or Windows Server Operating System. However, Microsoft will provide notice to Licensee in the relevant portion of the WSPP Documentation of WSPP Protocols that remain available for license but which are no longer used by Microsoft in Windows Client and Server Operating Systems, generally in accordance with the timeframe in Section 3.2(a)(i).

Re:What's this mean in the real world?

[joeytmann]

Well there are the FSMO roles, and the one I think he is referring to is the PDC Emulator role, which there can be only one.

This is a real victory ... if it pans out

[megabunny]

The shell company and the subcontracted developers (Samba etc) cannot release the documentation.

BUT, they can create a reference implementation with normal source code comments and release that without any limits. This will effectively document the protocols. The hoi polloi just can't read Microsoft's documentation directly.

And if the documentation is incorrect, there are recourses.
And if patents come into play, there are recourses.
And if the documentation gets out of date, there are recourses.
And if you read the docs you are only NDA for three months (patents, not so much, as ususal)

This actually looks really good. Fingers crossed the inevitable gotchas are small and can be lived with.

MB

Re:That's akin to

[ozmanjusri]

Maybe someone with knowledge of Samba development

You'll be disappointed. They don't use Lisp.

Most importantly though,

Under the agreement, Microsoft is required to make available and keep current a list of patent numbers it believes are related to the Microsoft implementation of the workgroup server protocols That means Microsoft must tell Samba which patents apply to the protocols, and keep telling them. The developers will be able to avoid any patent traps.

Thanks

[DrYak]

Just to say thank you for all your work.

Re:That's akin to

> That means Microsoft must tell Samba which patents apply to the protocols, and keep telling them. The developers will be able to avoid any patent traps.

Those patents apply only in the US.

Hello from EU by the way ;) Believe or not, Novell/MS deal was like godsent boost for Linux here. As we don't have braindead software patents here - stuff like Mono (+ those "evil" patented apis) and OpenXML support etc, do only good here.

Shame that you guys there have to suffer from software patents ;) Even if EU would approve software patents later it wouldn't really matter (As everything before that point would go under 'prior art' and they would need to come up with new stuff and they couldn't apply for all these insane "innovations" they have patented now)

Novell is probably happy.

[miffo.swe]

Its pretty funny that Novell cant make their products work against AD. They have this agreement with Microsoft and it sure looks like pure vapour.

Samba seems the only way that Novell can make for example Open Enterprise work as an AD controller. This is in my mind pretty funny considering they are supposedly in an interoperability agreement with Microsoft.

What i think happened was that Novell was given a large wad of money to shut up and pretend that Microsoft is working togheter with others in the industry and to give credibility to the patent FUD.

Re:What's this mean in the real world?

[Ajehals]

I would assume since the EU is aiming to make it possible for third parties to interoperate with Microsoft products (IIRC this is intended to mitigate the negative effects of Microsoft's monopoly whilst providing an opportunity for competition) that Microsoft 'letting'

a third party have all of the knowledge required to produce an Active Directory domain. isn't really an issue, the intent is to try to make it possible and in doing so make it possible for anyone interested to produce a node (for want of a better word) that can provide an/or utilise services made available within a domain.

Microsoft may not want others to be able to be able to provide services that work well with and/or provide similar or better functionality than their own, but that is what they have been told not to hinder by hiding their specs.

Re:Impresisons

[ledow]

Yeah, they can do the same, so long as they follow the well-established clean-room procedure, as they have done previously and are still doing. And the current (and next) Samba already has a lot of AD in it, just not stuff that's useful to managing networks like Group Policy etc. which IS covered by this agreement. AD auth is already in most samba's distributed. However, if you want to work out all the corner cases, all the undocumented stuff etc. then you need specs. Or else you can spend (literally) another decade, not to mention a lot of money on people's wages, to figure out how it all works using a bit of cleanroom reverse-engineering by which time it's obsolete and outdated.

It's a hurdle on all three counts - there are patents (but with this agreement MS has to tell us what they are and if they get any new ones that affect licensees), there are legal problems (making sure the code is CLEANLY reverse-engineered for starters) and there are technical issues (it's a whole heap of a mess and it's taking years to find out useful information that you can put in a nicely programmed version, it requires literally throwing educated-guess packets at a Windows server and trying to replicate it's response depending on the state of the entire network, the packet and the server databases).

Obligatory

[FoamingToad]

No apostrophe in Nazis. ;-)

Re:That's akin to

[sepluv]

Actually, in practice, we do have quite a lot of software patents on the books, they just aren't legally valid. That doesn't stop lawyers, judges, the European Patent Office and member state's government (especially those that wish to cosy other to the US) trying to enforce them illegally.

Even if EU would approve software patents later it wouldn't really matter

It would. The proposed directive the European Patent Office and European Commission where trying to get through that was defeated by the European Parliament would have done exactly that: retroactively grant validity to invalid patents illegally granted by the patent office.

Great!

[jav1231]

Great! Now maybe someone in OSS can figure out how to route Netbeui!

What!?

Re:Until the next release?

[jabuzz]

How are they going to do that without breaking the millions of clients in their existing install base? Besides Microsoft are simple not that agile in software releases. It took five years to ship Vista, and there is a similar gap between Server 2003 and 2008.

If they did somehow manage to suddenly become agile and do these releases then it would bring squeals of protest from their clients. Sorry you cannot update your machine over the network to the new networking standards as we have already upgrade the server to make the clients incompatible.

Apart from fedorated directories what extra does Sever 2008 bring in the fileserver/domain controller space? As far as I am aware nothing.

Re:So, they can follow the law now?

[jabuzz]

Reverse engineering is legally protected within the E.U. courtesy of directive 92/250/EEC on the legal protection of computer programs. In the UK this is implemented in the Copyright (Computer Programs) Regulations 1992 (S.I. 1992 No.3233). Basically I get to reverse engineer any hardware/hardware, hardware/software or software/software interface.

Apart from EMCA bits to do with circumventing *effective* copyright protection, I am aware of nothing that overrides this directive.

In a related announcement...

[Chris+Mattern]

...a Microsoft press release announced the replacement for Windows Work Group Server, Windows Team-Up. Among its enhancements will be an all-new protocol which Microsoft claims will be more efficient and powerful than its predecessor.

Chris Mattern