On Fri, 2004-08-27 at 10:42, Margaret Olson wrote:
On Aug 27, 2004, at 3:34 AM, Anne P. Mitchell, Esq. wrote:
I agree completely with Larry Rosen, and several others, that the
entire scheme vis the license is problematic. The *reason* it is
problematic is that while, yes, it allows unlimited use by *end
users*, as soon as someone tries to modify it for their own purpose,
and then share that modification with others for the good of and
widespread adoption throughout the industry, there's a "gotcha". In
fact, I would argue that the same concern applies to end-users - what
if the end-user wants to tweak the code themselves? If they want to
then share that modified implementation they could find themselves on
the wrong end of an MS lawsuit. It's all about control. You can't
really blame MS for wanting to retain this sort of control - but I
would suggest that it's antithetical to the real goal here. An
authentication system to be uniformly adopted across the industry is
*not* the same as an authentication system to be uniformly adopted
across the industry which is essentially *owned* by one very large
ISP. Having an ISP - particularly one of the 800 pound gorillas - own
the ultimate commercial (and that's what it is, commercial) rights to
the one true authentication system is like having a large marketing
company own the IP rights to the one spam filter in use across the
industry.
What happens when Earthlink comes up with a better way to both
implement and check for Sender I.D., which ends up giving it a
competitive edge over Hotmail and MSN in the spam performance arena?
(And make no mistake about it - at this point in time, spam/anti-spam
performance at national ISPs is very much all about a competitive
marketing edge.) Remember, this is the same company that threatened
Slashdot and demanded that they remove user postings because the users
had quoted a *public* Microsoft document 'in violation of their
copyright'.
Of course, this is something which I and many others have been saying,
and predicting, all along. That as soon as MS started courting Meng,
it tolled the death-knell for the open-source potential of SPF, which
is what made SPF so attractive in the first place.
In my opinion what we need is a SenderID/SPF-clone which is truly
open-source, and which doesn't itself violate the inevitable Microsoft
IP claims. You can be reasonably sure that MS' plan all along was to
rule this market, and that's exactly where they are headed, with the
blessing of a surprising number of people. The race for a winning
authentication protocol among the majors was never altruisitically
about authentication first - it was always about market domination -
and it was a shrewd, but blatant, move on MS' part to dance with Meng
and end up subsuming SPF.
My problem with this line of reasoning is that any spam reduction
mechanism is going to have IPR claims - by either the genuine inventors
or someone else. There are multiple patent claims on challenge
response. I am not comfortable with the idea that we reject a
technology because the IPR holder has deep pockets. As far as I can
tell, that the IPR is held by Microsoft remains the primary objection,
and I can't see that as a valid objection.
If you note the subject of this thread, it's
acceptable licenses, not acceptable corporate
benefactors.
My objection has nothing to do with Microsoft
and everything to do with the terms of the license. The
majority of other objections I have heard have stated
this as well. You are right that there are some people
who simply object to Microsoft's part in SenderID
in general, but I believe these people to be the minority.
If Microsoft were to drop certain restrictions
within the license, restrictions which have been voiced
many times already so I won't waste energy restating
them again, I would have no objections to continuing.
Ryan
--
HELO, my name is root... you have SIGKILLed my father... prepare to vi!