We might not be out of the woods quite yet.
The Problem
It seems the Software Freedom Law Center didn’t like what it saw when it looked at the Open Specification Promise last year. Combine this with the question that the Community Promise is more restrictive than the Open Specfication Promise, and things are looking a little less rosy.
The 3 points the SFLC raises with the OSP all exist in the CP:
- Irrevocable but Only for Now
- Covers Specifications, Not Code
- No Consistency with the GPL
The author also warns: “It is true that a broad audience of developers could implement the specifications, but they would be unable to be certain that implementations based on the latest versions of the specifications would be safe from attack. They would also be unable to distribute their code for any type of use, as is integral to the GPL and to all free software.” The whole thing ends with the SFLC cautioning “GPL implementers not to rely on the OSP.”
It reads to me like the SFLC is saying the OSP is not GPL-safe, even though Microsoft suggests it is. Microsoft does use a bit of strange language on that point:
Because the General Public License (GPL) is not universally interpreted the same way by everyone, we can’t give anyone a legal opinion about how our language relates to the GPL or other OSS licenses, but based on feedback from the open source community we believe that a broad audience of developers can implement the specification(s).
The Twist
I can’t believe I’m about to argue in favor of Microsoft, but consider this: Microsoft is explicitly saying right there they believe the OSP (and CP) can be used with the GPL. It seems to me then, that would prevent Microsoft from coming in later and saying it doesn’t! It only seems to open up some strange situation like the original GPL project attacking a GPL fork and arguing that the OSP attached to the original doesn’t confer to the fork or something. My head hurts even thinking about how it could be twisted into an attack.
And believe me, I think about how Microsoft could attack Open Source all day long. If I worked for Microsoft all you hippies would be running Vista.
Seriously though, Red Hat’s General Counsel has said the OSP is “sufficient”. I don’t trust Microsoft and I don’t trust Novell but I do trust Red Hat’s lawyers to get it right.
Summary
I’m not seeing this as a valid attack. Right now if there is a problem with the promise it is in the difference between the OSP and the CP.
#1 by AH on July 8th, 2009
Key word is politics. The SFLC announcement came out before OOXML made it through ISO. I’m not saying the analysis is necessarily wrong (clearly, the “future revisions” thing is bang-on) but maybe they didn’t work too hard at looking for the positives.
What really counts is actions, not words. OSP cannot be that unsafe; OpenOffice.org relies on it for its native OOXML support (which is being built by Sun and is unrelated to the earlier Novell work). It’s also the thing Microsoft use to cover their OASIS-based work on OpenDocument.
The MCP isn’t great; it could be better written, it could cover future versions, it could allow people to experiment with the platform incompatibly and not be at patent risk. The mandatory sections thing is a slight pain. That all said, it’s good enough.
#2 by nachokb on July 8th, 2009
Sadly, if you read that again, it doesn’t state clearly that they believe GPL licensed software is covered.
That is broad enough to argue “I didn’t say so”…
nachokb
#3 by Jason on July 9th, 2009
nachokb,
I’m not sure I buy that – consider the very next FAQ:
That is Microsoft being directly asked by a GPL developer if the CP applies to them, and Microsoft answering (strongly) in the affirmative. I just don’t think Microsoft can come behind this later and pretend the promise doesn’t apply. I really think if you consider all of the Q&A (because a single Q&A might not give a comprehensive answer) that it looks pretty good.
I’m not saying this isn’t a slight concern – even “real” Open Source entities sometimes clash over licensing issues – but I don’t think there’s enough ground here to build much on, either.