It must have seemed like a good idea at the time: The effort to create an effective standard for SMTP authentication relied, and still relies, on quick adoption by the largest companies in the e-mail business, and Microsoft is a significant company in both the e-mail software and service business. Why not bring them into the process and make them a central part of the solution?
But it was not to be. With just hours to go on their deadline under the IETF standard process, Microsoft finally released their revised license for their intellectual property rights claims in Sender ID. Microsoft has offered a royalty-free license to all implementers of their property and, it would appear, more than satisfied the needs of the IETF.
But open-source advocates in the working group have emphatically rejected the proposed license. Those who would create a distribution of it must obtain one of these royalty-free licenses directly from and fax a signed license form to Microsoft. So if you have a license and wish to publish your source code for others to implement, you cant include the intellectual property rights with the distribution.
This only applies to people creating new distributions of the software, not people who simply want to use software that implements Sender ID, even GPL software, or who want to create Sender ID records in DNS.
The reasons for the license are defensive. The only people who cant get a license are those who are suing Microsoft over the intellectual property claims in it. As one participant said, any company with a sizable R&D staff will need to make such defensive moves, and the IETF has happily worked with standards that involved IPR licenses before, many more restrictive and burdensome than this.
But Sender ID is different. It is intended for a software market that has had a large presence of open source software. There is some dispute in the working group over whether the license is or is not compatible with most open-source licenses, especially the GPL, but there is a consensus that it is at least problematic for those licenses and a poke in the eye of those who use them. And lawyers from the Free Software Foundation have stated that the license is not GPL-compatible.
I tried to warn them, and I know I wasnt alone. Microsoft gave the impression that stopping spam, phishing and other abuses of e-mail was important to them, but it obviously wasnt important enough. For Sender ID to be successful it needs to be adopted widely, and the only way that was going to happen was if it was unencumbered by burdensome licenses. And it had to be obviously free in everyones sense of the word so that everyone could feel free implementing it and getting to the important business of fixing the broken e-mail system on the Internet. Microsoft just couldnt bring themselves to do it. Instead they actually advise people, if they are unsure of how the license affects them, to hire a lawyer.