Microsoft Patent Could Hamper E-Mail Authentication Group

By Matthew Hicks  |  Posted 2004-09-17 Print this article Print

The claims of a patent at the center of the Sender-ID licensing debate appear broad enough to reach SPF and potentially undermine efforts to keep standards efforts alive, experts say.

With intellectual property issues already causing defections from its Sender ID proposal, Microsoft Corp. is sparking fresh concerns that IP could even undermine alternatives. This time, a Microsoft patent made public Thursday appears to be broad enough to cover not only methods of the authentication algorithms for which Microsoft wants licensing but also the SPF (Sender Policy Framework) method being touted as a patent-free alternative, according to legal experts and participants in the e-mail authentication working group.
While legal interpretations of the proposed patent will vary, at least one of its claims, if not more, seems to describe broad Internet Protocol-based authentication methods that would put SPF and other mechanisms in its crosshairs, said Anne Mitchell, president and CEO of the Institute for Spam and Internet Public Policy.
"I certainly believe that there is great cause for concern given some of the claims," said Mitchell, also a professor of law at the Lincoln Law School of San Jose. AOL has dumped Microsofts Sender ID standard and instead will implement SPF. Click here to read more. The U.S Patent and Trademark Office published the Microsoft patent application, which still must undergo a patent examination before being granted. Microsoft had previously disclosed the patents existence to the Internet Engineering Task Force, whose MARID (MTA Authorization Records in DNS) working group has been considering Sender ID, but the publication marked the first disclosure of the patents contents. MARID last week largely abandoned Microsofts original Sender ID proposal and has been considering a hybrid approach that would support multiple authentication algorithms. The co-chairs have proposed a specification that supports both Microsofts PRA (Purportedly Responsible Address) algorithm, with its royalty-free license, and another without patent issues based on SPF. Click here to read more about MARIDs compromise efforts. Some MARID participants, though, worry that the latest patent could hurt those compromise efforts and extend the intellectual property fracas to SPF. A series of e-mail exchanges on the MARID e-mail discussion group shared varying interpretations but largely expressed concerns that SPF could be affected. The patent has the potential to derail the working groups latest work to keep an altered Sender ID and e-mail authentication standard alive, Mitchell said. "If SPF is encumbered by Microsoft then that means a couple things," Mitchell said. "It could mean they have to ditch everything or [that] Microsoft ends up owning authentication anyway." Microsoft spokesman Sean Sundwall said because the patent is still under review, the company could not comment on whether it covers SPF or any other specifications. But he cautioned against speculation and noted that the patent was filed in October 2003 before the current incarnations of Sender ID and SPF. "Its complicated, and were just not in position where we could speculate on what the patent is supposed to include," Sundwall said. "And any patent, especially when its published, is scrutinized publicly and more times than not its scrutinized inappropriately." Asked why Microsoft previously disclosed that the patent could cover PFA, he said that disclosure was required as part of the IETF process for its original Sender ID proposal, which included PFA. Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.

Be sure to add our Security news feed to your RSS newsreader or My Yahoo page

Matthew Hicks As an online reporter for, Matt Hicks covers the fast-changing developments in Internet technologies. His coverage includes the growing field of Web conferencing software and services. With eight years as a business and technology journalist, Matt has gained insight into the market strategies of IT vendors as well as the needs of enterprise IT managers. He joined Ziff Davis in 1999 as a staff writer for the former Strategies section of eWEEK, where he wrote in-depth features about corporate strategies for e-business and enterprise software. In 2002, he moved to the News department at the magazine as a senior writer specializing in coverage of database software and enterprise networking. Later that year Matt started a yearlong fellowship in Washington, DC, after being awarded an American Political Science Association Congressional Fellowship for Journalist. As a fellow, he spent nine months working on policy issues, including technology policy, in for a Member of the U.S. House of Representatives. He rejoined Ziff Davis in August 2003 as a reporter dedicated to online coverage for Along with Web conferencing, he follows search engines, Web browsers, speech technology and the Internet domain-naming system.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel