The Kerberos security protocol, which has been adopted by the Internet Engineering Task Force as an open standard, is the subject of an on-going dispute between Microsoft Corp. and the Slashdot.org Web site, which hosts discussions about open-source software.
Microsoft claims that a Slashdot discussion thread that posted Microsoft’s proprietary extensions to the open-source Kerberos protocol violated Microsoft’s copyright and is illegal under the Digital Millennium Copyright Act (DMCA).
However, “Microsoft is in no way trying to limit industry dialogue on this topic,” said Microsoft spokesperson Luisa Vacca.
Members of the Slashdot community argue that Microsoft is attempting to stifle free speech within the open-source community.
The Kerberos security protocol, which was designed at MIT in the 1980s, is used in Windows 2000 in a form that is partially incompatible with widely used versions of the standard. To read Microsoft’s version of the specification, developers have to run an executable file that compels them to agree to a confidential licensing agreement. This angered some visitors to Slashdot, who posted instructions that tell users how to download the specification without having to agree to the restrictive licensing agreement.
On May 10, Microsoft attorney J. K. Weston fired off a letter to Acton, Mass.-based Andover.net, which publishes Slashdot, demanding that the material be removed.
“That entire mentality is completely against the whole open-source objective. Microsoft just doesn’t get it,” said Dean Williams, a network engineer at Yesmail.com, a Chicago-based permission e-mail marketing company that uses Windows 2000. “You can charge money for anything that you add to open source, but you have to make the source code available to anyone who wants to use it.”
Slashdot Editor in Chief Robin Miller refused to delete the 11 messages that Microsoft insists are illegal under the DMCA. Instead, Slashdot shot back with a letter from its attorney, Mark D. Robbins, questioning Microsoft’s legal claims. Andover.net is concerned about deleting the user postings “given their apparent relevance to issues in the current antitrust litigation between Microsoft and the government,” Robbins said.
The letter drafted by Robbins disregarded Microsoft’s copyright concerns, said Adam Sohn, the public relations manager for Microsoft’s inside platforms division.
According to Microsoft, the Kerberos licensing agreement was put in place to protect Microsoft’s intellectual property on the use of an undefined data field left open for Kerberos Version 5.0, which allowed developers to store authorization data for the Windows 2000 operating system. While Microsoft published this code, it forced users to agree to a licensing restriction that identifies the material as “confidential information and a trade secret.”