Re: In favour of Sender ID (was: DEPLOY: SPF/Sender ID support in Courier.)
2004-09-01 12:01:05
Hallam-Baker, Phillip wrote:
Ahh. Yes, I missed that. I think the GPL specifically answers this
question:
http://www.fsf.org/copyleft/gpl.html
"Finally, any free program is threatened constantly by
software patents.
We wish to avoid the danger that redistributors of a free
program will
individually obtain patent licenses, in effect making the program
proprietary. To prevent this, we have made it clear that
any patent must
be licensed for everyone's free use or not licensed at all."
Sender-ID is licensed for everyone's free use and it is not
necessary for individual users or distributors of the program
to obtain independent licenses.
While that may be true, nevertheless several attorneys have stated that
Sender-ID is not compatible with the GPL and other open source licenses.
With all due respect, until I hear from another attorney otherwise,
those opinions carry a lot of weight over others who are not attorneys
including myself. Add to this the opinion of Microsoft lawyers as well.
Perhaps Verisign's legal counsel disagrees and we'll be happy to hear
his or her opinion, if you can obtain it for us.
In the context of this standard, once again the question is whether the
IPR issue cause problems with deployment. Judging from announcements
made by various companies in the last few days, it seems that the big
boys have no problems with this. However, ISPs and domain owners are the
ones who will be publishing these records, and it remains to be seen
whether the IPR issue will delay their rollout. The very fact that
people are confused about the license, already points to potential problems.
It is very clear to me that the SenderID license is not a
genuine impediment here. The impediments are being created by
people who want to see them.
In my personal opinion any IPR Microsoft may be claiming can only be
based directly on ASRG discussions and other related mailing lists, as
well as IETF drafts. I also agree with Hadmut that the PRA "agorithm" is
too obvious and additionally, it looks very much like fetchmail's
"algorithm".
Therefore, IMHO, this situtation is starting to smell just like the case
of the IDN WG described in RFC 3669 - a company following progress of
the working group (or in this case a research group) and then patenting
ideas coming up in the discussion. In the case of IDN, the IPR claims
were dismissed as worthless and the standard moved along. Whether this
is a viable option for this WG, is something that remains to be seen.
<rant>
One thing that keeps bugging me is how hiddenly all of this came about.
Phil, you of all people always made sure to include a disclaimer on any
potential idea that Verisign might seek to patent coming out of ASRG
discussions. Microsoft employees did not do that simple courtesy
(whether Microsoft's lack of disclosure granted rights to the IETF is
something I will leave to the lawyers). This creates a precedent and a
chilling effect on the operation of the entire IETF community which *is
not a good thing*. Should we now worry about every single potential
patent that might be filed on our discussions just because some company
decides to sic their lawyers on it?
I am not blaming any of the Microsoft employees that were involved in
this. Quite the opposite, I am very impressed with what they have done
for us and the steps they took. I would like to commend Bob, Harry,
George, Jim and others for pushing this and agreeing to work within the
IETF process when other options were available. Nevertheless, whoever is
responsible for this IPR issue at Microsoft, perhaps the lawyers, should
have told us earlier about this, and published the license long before
the last call period started. It would have made things much easier for
all parties involved.
</rant>
Yakov
|
|