On Thu, May 11, 2000, John Lederer <johnl[_at_]ibm.net> wrote:
>
> So, here is the background. Kerberos is an open specification ...
Some more info. Most of have had trouble discussing this
on Slashdot.org, apparently because of some denial of
service attacks on it (and other problems). However,
it has become probably the most popular discussion thread
on Slashdot ever, with 1,463 comments on the original post
and hundreds on later threads. Few lawyers, though!
Copyright to Kerberos is by MIT, I believe, and the spec
and software were funded by the United States Government.
The spec is licensed under the MIT license, similar to the
BSD license, and not the GPL. More recently, the spec has
been undertaken by the IETF, an open body that anybody can
belong to, and Microsoft does. Some IETF members believe that
Microsoft is not complying with the standard because it uses
for its own purposes (and to prevent interoperability) one
field in the API to contain data for Windows 2000 servers.
A couple more notes: the document originally on Microsoft's
web site is said to contain a copyright notice and includes text
of an end-user license agreement. It also states that the
document is a trade secret of Microsoft Corp. and any reader
must make the same attempts as Microsoft to keep it a trade
secret. However, the document on the web site (and in other
places now) could be accessed without clicking on the EULA.
And the document is not encrypted except by being compressed
with the Winzip utility most users have (and use for many
legitimate purposes not forbidden by the DMCA).
I haven't agreed to Microsoft's EULA and don't feel bound
by it, since I read the document on MSN and /. discussion.
There are many interesting issues this case raises. Some:
- Many have commented that the document is copyrighted by
Microsoft and thus any unauthorized reproduction is illegal.
However, my reading of the EULA indicates that distribution
of the document is authorized in order to make a security
analysis of the program. (This is a critical point, esp.
with the advent of so many viruses that are tied to Microsoft
software -- some security authorities have already commented
that Microsoft Kerberos appears to be insecure.) Furthermore,
it is not clear how Microsoft can copyright Kerberos since it
is already copyrighted by MIT. If the program had been licensed
by the GPL and given to the FSF, then this might be moot.
- Although the letter from Weston does not so state, it
appears from the document itself that Microsoft considers the
information to be a proprietary trade secret. If so, then
this is another attempt I have been cautioning us about -- an
attempt to use the new copyright laws (esp. DMCA) to protect
trade secrets -- and thus it is a dangerous use of copyright
law. Copyright law should promote free discussion and not
outlaw it.
- The letter raises the issue of posting links to a copyrighted
document. There have been rulings on either side of this practice;
Microsoft appears to allege that anyone making links, even for
purposes of discussion or news, commits contributory copyright
infringement. In this case, some of the links are to Microsoft's
own web site, or to postings on Microsoft's service MSN.
- The letter seems to recognize that Slashdot is an ISP and
thus could be immune from contributory infringement under the DMCA.
But Slashdot claims to be a news organization that has certain
immunity under the First Amendment. One interesting feature of
Slashdot discussions is that they are open to anyone, including
anonymous posters, and that no posting is removed (simply
moderated down to a level that one does not ordinarily see).
So in that sense Slashdot is similar to the way Usenet works.
This issue of copyright vs First Amendment is one that needs
to be examined by the courts and not simply dismissed (as was
done by Judge Green in Eldred v Reno).
- The letter further requests under the DMCA that postings
that merely discuss Microsoft Kerberos (without including any
of the copyrighted material) be removed. This would indicate
that Microsoft seeks some prior restraint on speech at Slashdot,
and is attempting to use government power to prevent any
free discussion of Microsoft Kerberos.
- The tortuous EULA seems to say that anyone who agrees with it
may read the document, but that any implementation of it is
forbidden. This appears to be an attempt by Microsoft to use
the DMCA (and copyright law) to prevent any other company or
group from constructing Kerberos software for a Unix server
that could serve as a Kerberos server for a Microsoft Windows
client, without a Windows 2000 server present on the network.
Consequently it raises antitrust issues that have already been
mentioned in DOJ documents recently filed. These briefs and
Judge Jackson's remarks have already referred to the principle
that copyright is not sacrosanct property, but that it is
subject to limits such as antitrust concerns -- Microsoft in its
proposed remedies has already conceded that it will not force
OEMs from replacing Microsoft's splash screens on their machines.
- At this time we haven't seen Andover's response, but
Slashdot editors have promised to fight Microsoft. We haven't
had any Anonymous Coward step forward and appeal Microsoft's
request to remove material from Slashdot (if possible). I look
forward to having this case resolved in a way that clarifies
rather than further complicates copyright law.
--
"Eric" Eric Eldred Eldritch Press
mailto:Eldred[_at_]EldritchPress.org
http://www.eldritchpress.org/EricEldred.vcf
Received on Sat May 13 2000 - 21:50:07 GMT