'

Halloween XII: What's really behind those Microsoft licenses?

A look back at the Halloween Documents, scary movies, and open source.

The Grudge

Last night I stayed up late to watch a scary movie called The Grudge. It's a remake of a Japanese film, set in Japan, with English actors including Sarah Michelle Geller. It's not gory but it sure gave me the creeps. Tonight after all the trick-or-treating is done and the lights are turned down I plan on watching the sequel.

One unique thing about The Grudge is that the house is almost the main character. I don't mean in an anthropomorphic way like Monster House, but the house is where it all started, and is the only constant throughout the years of the story. People come and go but the house remains. It doesn't matter how many muscular boyfriends, police detectives, social workers, etc., you bring with you. If you enter the house, you're doomed, period. You can try to move away or burn the house down but nothing works. The house, and all the emotions and baggage that comes with it, cling to you forever.

So what does this have to do with software development? In the last week of October 1998, a confidential Microsoft memo detailing their strategy against Linux and Open source was leaked to Eric S. Raymond, who annotated it and posted it on the web. This became known as the first Halloween Document. Between 1998 and 2004 Eric posted 10 other Halloween Documents. You can see them all at this site.

Now it's 2007, and the Open Source Initiative, an organization that Eric Raymond co-founded, has approved two new open source licenses written by Microsoft. The Microsoft Public License (Ms-PL) is a permissive license in the spirit of Apache and BSD, while the Microsoft Reciprocal License (Ms-RL) adds a clause requiring you to release the source code of any files that contain any covered code. Ms-RL has similaries to GPL and MPL, but isn't quite the same as either one.

Given the OSI's stated desire to reduce the number of open source licenses, not increase them, I asked the OSI board why they had approved it. "We won't approve licenses that are too similar to existing licenses", board member Russ Nelson responded in an email. However he praised the licenses for being simply written, for addressing trademarks and patents, and for not naming a specific jurisdiction.

Is that enough to differentiate them? Not according to Greg Stein of the Apache Foundation, who is opposed to the creation and use of new licenses when existing, popular licenses already do the job. "License proliferation," he writes, "slows development and discourages usage by making it more difficult to combine and remix code."

What about the name? Is anybody besides Microsoft going to use a "Microsoft anything" license? Nelson claims the name is irrelevant. "Lots of people who aren't at Berkeley or MIT use the Berkeley and MIT licenses," he points out. However discussion was reportedly quite lively at the OSI board meetings. Participants say they treated Microsoft like any other applicant, but Nelson concludes:

The licenses are reasonable. People's reaction to the name Microsoft on an Open Source license is not reasonable.

The house of Microsoft still stands. But is it safe to go in?