The issue of open standards, Sender ID, and the GPL did come up today in the FTC hearings on email authentication. A representative from the Apache Foundation, Daniel Quinlan, spoke clearly and firmly on the recent flap over Sender ID. The IETF sent two representatives, one of whom, Scott Bradner, said that the IETF isn't really in a position to rule on licenses, though they do consider such elements. Their primary concern is finding the best tech, and they did have tech issues with Sender ID, not just patent issues. Another speaker said that licensing was the primary issue for the working group, however. When some tried to say that some in the FOSS community had no issues with the license, Quinlan countered by saying it wasn't clear what segment of the OS world they actually represented.
Refusal to allow sublicensing creates friction for Open Source, Quinlan pointed out, and creates an unfair marketplace. How would Microsoft like it if, when they use FOSS code, they had to have each new customer sign a license with BSD or Apache? They wouldn't favor that if they had to do that to sell *their* products.
Microsoft had a representative on the panel as well, listed as David Kaefer who was involved in launching the Shared Source initiative, and his position was typical for Microsoft. He said that we have to get practical and leave "religion" out of it. Something must be done about spam and phishing, Microsoft has a solution ready to go, and there are many other Open Source licenses beyond the GPL. It will not surprise you to learn that he listed the BSD license as being acceptable, along with the MIT license, the Apache license, etc. Anything but the GPL would be fine with Microsoft, it seems.
Besides, he said, the patent license on Sender ID is only for distributors. How many GPL end users ever modify code or distribute it? Be pragmatic, he said, and separate out the religion from practical barriers to implementing Sender ID. Microsoft has to preserve its defensive rights. We all have to compromise, not that I see Microsoft moving off its dime on their anti-GPL license. After all, he said, the Sendmail people are cooperating. Ah, yes. But which Sendmail?
Anyway, it was clear they are trying, once again, to isolate the GPL as being unnecessary to a mainstream discussion, and not as important as dealing with spam anyway. Needless to say, that misses the entire point. They are trying to force a standard that, because of its anti-GPL poison pill terms, isolates a fair chunk of the world from being able to use it. While it may be true, as he said, that there are some 50 Open Source licenses, the majority of FOSS code by far is under the GPL, including Microsoft's chief competition, Linux. Nobody mentioned that. The IETF representative did bring up an alternative license Cisco has offered to use, whereby they would promise not to enforce their patent against anyone who hadn't sued Cisco, which would be more acceptable than Microsoft's terms, but Microsoft did not say they would change a word.
Quinlan countered by saying Sender ID may have a negative affect on the fairness of the market. He encouraged the use of SPF, as did Microsoft, the unencumbered part of Sender ID even now. Spam Assassin supports SPF. MS has said they won't be fully supporting the Mail From segment, though, Quinlan said, and will encourage all to use their encumbered part. Microsoft is saying we have nothing to fear, Quinlan added, but given Microsoft's prior statements on Open Source, we have good reason to be afraid. The two problems with the license are the separate execution requirement and no sublicensing. Those two are the primary concerns, in Quinlan's view.
For some inexplicable reason, Lawrence Rosen, the attorney who negotiated with Microsoft on behalf of the FOSS community over the Sender ID license, was not invited to be on the panel. That alone speaks volumes. I think in the future, the community should consider sending representatives to such meetings, even if they are not invited to be on a panel. A panelist can refer a question to an expert sitting in the audience. A panelist did that very thing today, and the Apache representative could have done the same, thus letting Rosen speak. That way, when Microsoft made inaccurate representations about Rosen, and Quinlan countered with his understanding of Rosen's position, a truly ludicrous situation, Rosen would have been there to speak for himself and correct the record. However, there is no doubt that the FTC is aware of the GPL issue and included it in the list of matters to be discussed. IBM had a representative listed on the panelist list, which you can obtain from the FTC website, but I didn't hear him speak. I had to work on other things today, and I could only listen to portions of the day's events. The summit continues tomorrow.
On the subject of standards, Bruce Perens has released a paper on software patents in standards you no doubt would be interested in reading:
"Patents, originally created to stimulate innovation, may now be having the opposite effect, at least in the software industry. Plagued by an exponential growth in software patents, many of which are not valid, software vendors and developers must navigate a potential minefield to avoid patent infringement and future lawsuits. Coupled with strategies to exploit this confusion over patents, especially in standards setting organizations, it appears that software advancement will become stifled unless legal action is taken to resolve the situation. This article examines the current situation facing software developers and users, the methods employed by standards setting organizations to address these problems, and recommends strategies for resolving the problem caused by software patents."
In other patent news, the UK government has decided to meet with those who expressed concern about software patents in December. The Register has more on this story. As it happens, we will have a representative at that meeting, so we'll be able to inform you of what transpires. He was sent a brochure [PDF], which you can read too, setting forth the government's view on things. As you can see, they assert that Open Source will continue to thrive, as they allege it currently is in the US. After you look over the brochure, what questions do you think our representative should ask at the meeting? Please leave your suggestions in the comments section. Here is a visual representation of the patent problem in Europe that FFII prepared.