On Friday the EC rejected Microsoft's proposed server interoperability licence, saying it had concerns that the licence excluded open-source vendors and charged unjustifiably high royalty fees.
ZDNet UK examined a copy of Microsoft's proposed licensing agreement to see the source of the EC's concerns.
First of all, why is this licence necessary?
Microsoft has been found guilty of breaking EU competition law by "leveraging its near monopoly in the market for PC operating systems onto the markets for work group server operating systems and for media players".
OK, so Microsoft broke the law and was found guilty. What's the punishment?
Well, a fine of 497 million euros (AU$833 million) for a start. But the more important part of the punishment is the software giant has to open its protocols to competitors, to help them produce software that interoperates with Windows, both on the client and the server side.
No bird then?
No, nobody's going to prison. Let's call this community service.
Great, so I get a licence to use Microsoft's interoperability APIs in my software and go right ahead, right?
Not quite. Microsoft's draft copy of the licence requires you to pay royalties.
So they're asking to be paid for their community service?
OK, so just what does the licence cover?
Implementation of the Microsoft Work Group Sever Protocol Program, or WSPP. This program comprises two types of software: operating systems that implement Microsoft Windows file and print protocols; and operating systems that implement Windows protocols for administration of users and groups, for things like directory services.
So any operating system that will let me access files on Microsoft servers, or provide file or printing services for Windows PCs or servers, or any operating system that will let me do any authentication, authorisation or directory services in an environment where I have Windows servers?
But surely this will only affect companies writing operating system software?
Directly, yes, but the royalties will be passed on.
Continued ... (continued from previous page)
You mentioned those. Just how high are they?
Well, if you're the one applying for a licence, Microsoft has proposed a royalty fee of 5 percent of your company's net revenue obtained from a software product that has used Microsoft's file and print protocols, and 2.5 percent if the protocols are used for an embedded product. The minimum royalty per server product sold or distributed is US$80 (AU$101), with a maximum royalty of US$1,900 (AU$2,393). There is no minimum royalty payable for embedded products.
For the user and group administration protocols, Microsoft has split these into two categories: those that provide functionality equivalent to Microsoft's Domain Controller, which includes authentication, authorisation and the management of access to network resources such as applications and printers; and those that provide functionality equivalent to Microsoft's Global Catalog, which provides directory services.
Companies that use Microsoft's Domain Controller protocols for their product must pay a per-user royalty fee of US$1.90 for every server sold. Companies that use Global Catalog protocols must pay a per-user royalty fee of US$0.15 for every server sold. The minimum per-server royalty fee is US$100, while the maximum is US$600. If companies implement both Domain Controller and Global Catalog functionality they must pay royalties for both protocols.
That's a lot of money. Is Microsoft strapped for cash?
Well, in the 12 months to July 2004, it was making US$100 million a day.
And now it's looking to make more money for breaking the law? So surely Microsoft must be flush enough to give the open-source guys a break? Do they have to pay royalties too?
Well that's good, right?
Not really. The licence specifically excludes open source. Section 2.4 states: "The licenses granted in Section 2.1(a) do not include any license right, power or other authority to subject Licensed Server Implementations or derivative works thereof in whole or in part to any of the terms of any other license that requires such Licensed Server Implementations or derivative works thereof to be disclosed or distributed in source code form."
And this is the same Microsoft whose chairman Bill Gates recently lectured the industry that boosting interoperability "will be the only way for companies to make customers' lives easier"?
The very same.
OK, so what if I reverse engineer the protocols?
The licence does have a provision for 'independent software' which basically says that software entirely developed without any reference to Microsoft confidential information by those who have not had access to Microsoft confidential information for at least a year prior to development, is not covered by the licence.
That's nice of them.
Continued ... (continued from previous page)
Presumably this licence refers to Windows Server 2003. What about future releases of Windows?
Microsoft says it will make WSPP documentation available in a 'timely manner'.
Oh yes? What's that then?
It doesn't say.
Are there any other surprises in there?
Yes, if Microsoft implements any content protection mechanism in the WSPP protocol (part of what it calls its System Integrity Specifications), then you must also build that into your software. You will have 120 days after Microsoft publishes these System Integrity Specifications to conform.
Content protection mechanism? What does that mean?
Microsoft says it could be anything from anti-piracy systems and antivirus technology to licence enforcement mechanisms, authentication security and intellectual property mechanisms (presumably digital rights management).
So how will Microsoft know what we've done with the WSPP anyway?
It will ask for an audit trail. You will have to keep copies of all EULAs, and other agreements such as non-disclosure agreements. Within 14 days of a request from Microsoft, you will have to provide these to a Microsoft-selected auditor.
How do I know Microsoft won't use this as an excuse to glean confidential information about my business relationships?
Microsoft says its auditor(s) will use all due care to guard confidentiality of the information.
Can I trust that?
This is Microsoft.
Good point. So anyway, is there anything else I'll have to provide?
Yes. Source code of your applications that implement the WSPP to an independent company designated by Microsoft, who will be able to compile the code and make as many copies as they like.
How do I know Microsoft won't look at the source code?
Because the company says so.
Sounds like Microsoft's version of open source is your source code opened for them?
Now you're just being cynical.
Can I trust that?
What if the audit finds anything wrong?
You'll have to pay the costs of the audit, up to US$50,000.
And beyond that?
Take all commercially reasonable steps to correct that non-compliance. And then Microsoft may still take you to court.
ZDNet UK's Matt Loney and Ingrid Marson reported from London. For more coverage on ZDNet UK Insight, click here.