Forgot your password?
typodupeerror
Microsoft GNU is Not Unix Patents

MS Releases License For Sender-ID 242

Posted by michael
from the embrace-and-patent dept.
NW writes "Microsoft published today a new license and FAQ for Sender-ID anti-spam standard being developed by the IETF's MARID WG (based on SPF). To use the license, a signed agreement with MSFT is required. Compatability with the Open Source Definition, the Free Software Definition, the Debian Free Software Guidelines, and the GPL/LGPL licenses is already in question."
This discussion has been archived. No new comments can be posted.

MS Releases License For Sender-ID

Comments Filter:
  • by Anonymous Coward on Tuesday August 24, 2004 @05:46PM (#10061293)
    FAQ for Microsoft's
    Royalty-Free Sender ID Specification License
    Microsoft Corporation
    August 2004
    Q1: What is the purpose of the patent license?
    A1: The adoption of Sender ID is important for the industry and Microsoft wants to facilitate the
    adoption of the standard by licensing its necessary patent rights on a royalty free basis and
    encouraging others to license their patent rights that cover the Sender ID specification similarly
    on a royalty-free basis. That is why Microsoft's license includes all of Microsoft's current and
    pending patent rights that are necessary to implement the Sender ID specification not just the
    pending patent application claims Microsoft is currently aware of.
    Q2: Doesn't having a patent on Sender ID complicate the process of getting it adopted as
    an IETF standard?
    A2: No. It should not. There are dozens and dozens of patent rights that have been disclosed to
    the IETF that may cover IETF standards. See http://www.ietf.org/ipr.html for a complete list. We
    are not aware of any of these patents complicating the standards process especially where the
    patent owner has provided an assurance that it would make licenses available on a royalty-free
    basis with other reasonable and non-discriminatory terms and conditions as Microsoft has done
    here.
    Q3: Why is Microsoft asking people to take a license?
    A3: In order to promote Sender ID, Microsoft is pleased to offer its necessary Sender ID patent
    rights on a royalty-free basis but only to those who are also willing to make their Sender ID
    patents available on a reciprocal royalty-free basis. The license is also important to Microsoft for
    defensive reasons. The reciprocity provisions and the ability to reserve defensive rights for
    Microsoft's implementations of standards are very important elements in our decision to
    contribute technology to standards.
    Q4: When do I need to execute a license with Microsoft?
    A4: At this time Microsoft is only aware of pending patent application claims that cover its
    submission of the Sender ID specification. Because Microsoft is not aware of any issued patent
    claims, Microsoft does not require any one to sign a license with Microsoft to implement the
    Sender ID specification or any part of it that is incorporated into IETF working drafts. In
    conformance with the IETF IPR policy Microsoft has disclosed the existence of those pending
    patent claims and has provided its assurance that if such claims are granted Microsoft will make
    licenses available on reasonable and non-discriminatory terms. Microsoft has also gone beyond
    the IETF's requirements by clarifying that its licenses will require no fees or other royalties, and
    further, to make a license available to early adopters who wish at their option to clarify their rights
    with Microsoft with respect to early implementations. Typically patent holders do not make their
    license terms available until after the standard has been adopted and until after their patent
    claims have been granted, leaving early implementers to speculate as to the ultimate terms of the
    license.
    Q5: What do I need to do for binary and/or source code distribution?
    A5: Many open source licenses require you to include copyright notices distributed in the code
    itself identifying the authors of the code being distributed. Some open source licenses also
    require you to include the license under which you received the code with the code that you
    distribute so that downstream users of the code are made aware of the terms and conditions
    under which they can use the code. Microsoft does not require any notice or other attribution
    when you disclose or distribute your implementation in binary form. However, if you disclose or
    distribute your implementation in source code form, we think it is important for you to include a
    patent attribution (from sec. 2.2 of our royalty-free patent license) in your source code and in
    close proximity to the license under which you make your sou
  • by grasshoppa (657393) <skennedy&tpno-co,org> on Tuesday August 24, 2004 @06:06PM (#10061470) Homepage
    No, actually, it won't.

    If your front end servers are not exchange, I can't see a reason why you'd want this, as licensed. The objective of spam is to be delivered. That's it. Once it hits your server, the objective has been completed, whether or not it's filtered by a second stage server is irrelevant.
  • Yeah, funny and all (Score:3, Informative)

    by Mr 44 (180750) on Tuesday August 24, 2004 @06:06PM (#10061473)
    But did anyone actually read the article? You don't need to sign the agreement to implement sender ID. They are just pre-emptively giving out the agreement that would be necessary if their pending patent is granted.
  • by ad0gg (594412) on Tuesday August 24, 2004 @06:28PM (#10061665)
    Read it for yourself [microsoft.com]

    Take the tin foil hat off. Its a Standard reciprocal license agreement. Notice its the exact rights you get from licensing their patent. So how is this bad? All its saying is that you can use their patent if you grant them access to your patents on caller id.

  • Re:Stalemate (Score:1, Informative)

    by Anonymous Coward on Tuesday August 24, 2004 @06:32PM (#10061695)
    So now nobody will implement this

    sendmail is.

    How does this incorrect tripe get modded up?
  • by reynaert (264437) on Tuesday August 24, 2004 @06:37PM (#10061748)

    I'll be really interested to find out what the take of some Linux Distros will be on this.

    Debian at least will never include anything that requires them to sign a patent license.

  • by sff0ghead (713186) on Tuesday August 24, 2004 @07:56PM (#10062447)
    There are lots of other examples at http://ietf.org/ipr.html with
    fairly similar "don't sue me and you can use it" terms. The IPR
    terms being offered here almost look like a cut and paste job, to
    be honest, and that may not be a bad thing. There actually
    can be advantages to someone holding a defensive patent:

    It means someone who wants to use a submarine patent to
    control this technology has to fight Microsoft's lawyers.

    Microsoft's grant is: 1) subject to any denial of claims by
    the USPTO, 2) Royalty-free (as in beer), 3) Non-discriminatory
    (anyone, anywhere, any time). Other submarine patents might
    not be nearly so nice, and I'd rather have the next guy along
    sue Microsoft than me.

    There are some pain in the rump aspects; it is not:
    sublicensable (everyone has to get their own free thing).
    It does require you license back whatever you have claims on
    that is needed for Sender-ID to get their thing needed
    for Sender-ID (this is common in the IPR declarations given
    to the IETF). That, in my humble not-a-lawyer opinion is
    why you have to let them know your use is under the free,
    global, yadda-yadda license rather than being an
    infringement of the patent.

    The good news: this does not require those deploying
    Sender-ID records to do anything. It does not
    require anyone using packaged binary software to do
    anything. It does not require anyone distributing
    packaged binary software to do anything.

    It's a minor pain for implementors and a hassle for distributors
    (who may, like Sendmail, have to put the Sender-ID code in a
    different distribution). Not ideal, but not enough of a pita,
    in my opinion, to go without the technology. Especially if
    their claims cover things like "storing MTA authorization records
    in the DNS" (and they could), rejecting this could mean rejecting
    the whole ball of wax as an anti-forgery tool.

    Who wins then?
  • Re:prefer DomainKeys (Score:4, Informative)

    by imroy (755) <imroykun@gmail.com> on Tuesday August 24, 2004 @11:07PM (#10063984) Homepage Journal

    Even better, SPF doesn't necessarily compete with DomainKeys.

    SPF enumerates which servers are allowed to send email for a certain domain.
    DomainKeys authenticates individual email messages as having come from a certain domain.

    Together they could be quite effective against spam. In particular, Yahoo also talks about building a reputation system on top of DomainKeys. The idea is that a spammer would quickly find the 'reputation' of their domain going down and soon no email server would accept their email.

  • Re:GPL problem. (Score:3, Informative)

    by Rick the Red (307103) <Rick@The@Red.gmail@com> on Tuesday August 24, 2004 @11:42PM (#10064231) Journal
    I'm sorry, I don't follow. How does MS asking you to mention their patent in your source cause any problem for the GPL? The GPL is quite clear that individual users must not need to apply for a patent license; that license must be royalty-free and transferable to anyone who uses the GPL'd code. Period. Microsoft's patent license appears to be royalty-free and transferable. They want their patent license in close proximity to your software license -- that's OK by the GPL, just bundle the two text files with your source, as you today bundle the GPL text file with your source.

    Seriously, what's the problem?

  • by 0x0d0a (568518) on Wednesday August 25, 2004 @01:26AM (#10064930) Journal
    I don't know about other people, but I have, for *months*, been posting things to Slashdot pointing out holes in SPF and misdesign in every SPF discussion. SPF proponents seem to generally skip over my lists of problems and make lengthy posts about how "SPF is better than nothing", which I disagree with. I've just about had it with the SPF people, who I'm generally now seeing as not capable of decent design.

    Just because I intensely dislike Microsoft's system does not mean that SPF should instead be deployed.

    I'd like to see a very specific example of a problem to end users that SPF is intended to solve, that all the deployment issues involved will be paid for with. It is not, as I've pointed out, capable of stopping spam, nor is it capable of avoiding Joe jobs. It is a very weak (and known breakable in a number of ways) authentication system that is heavily tied to the existing mail transport system and does not appear to be easily extensible. There are better existing systems.
  • by DM9290 (797337) on Thursday August 26, 2004 @07:41PM (#10083591) Journal
    I'm sorry, I don't follow. How does MS asking you to mention their patent in your source cause any problem for the GPL? The GPL is quite clear that individual users must not need to apply for a patent license; that license must be royalty-free and transferable to anyone who uses the GPL'd code. Period. Microsoft's patent license appears to be royalty-free and transferable. They want their patent license in close proximity to your software license -- that's OK by the GPL, just bundle the two text files with your source, as you today bundle the GPL text file with your source.

    You can't bundle GPL with your source and distribute it, unless you are distributing under the terms of the GPL and no other restrictions are imposed.

    In order to derive software from Microsoft patent, Microsfot requires you to give them reciprocal rights on certain of your patents. You can not impose such a requirement on software if you are deriving it from other copyrighted material you are using under the GPL license.

    The copyright holder expressly forbids it.

    The GPL says:

    You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.

    The microsoft software is not transferable to all third parties with no charge under the terms of the GPL. Only to a subset of third parties, namely people who agree to abide by specific additional stipulations of the microsoft license. Consequently the GPL would would not enable them to use the software unless they agreed to the additional microsoft terms. The GPL specifically does not allow you to add additional restrictions to the use of the software. The fact that those restrictions are from microsoft is not at all relevant.

    If you want to add additional restrictions you have exceeded the license granted to you by the GPL, and you must obtain permission to derive from the authors, just like you would need to obtain permission in the case of any copyrighted work.

    You may not revoke from the recipients of your GPL derived work, any rights the GPL granted to you, because the GPL only gave you license to distribute if you license as a whole the entire work under the GPL. The requirements of Microsofts license do not give all the same rights as those of the GPL and thus you can't impose microsofts license onto GPL work, and then use a GPL license to justify, what would be, copyright infringment against the copyright holders of the GPL software you are deriving from.

Some people claim that the UNIX learning curve is steep, but at least you only have to climb it once.

Working...