BOSTON (06/02/2000) - The Kerberos security protocol, which has been adopted by the Internet Engineering Task Force as an open standard, is the subject of an ongoing dispute between Microsoft Corp. and the Slashdot.org Web site, which hosts discussions about open-source software.
Microsoft claims that a Slashdot discussion thread that posted Microsoft's proprietary extensions to the open-source Kerberos protocol violates Microsoft's copyright and is illegal under the Digital Millennium Copyright Act (DMCA).
However, "Microsoft is in no way trying to limit industry dialog on this topic," said Microsoft spokeswoman Luisa Vacca.
Members of the Slashdot community argue that Microsoft is attempting to stifle free speech within the open-source community.
The Kerberos security protocol, which was designed at MIT in the 1980s, is used in Windows 2000 in a form that is partially incompatible with widely used versions of the standard. To read Microsoft's version of the specification, developers have to run an executable file that compels them to agree to a confidential licensing agreement. This angered some visitors to Slashdot, which posted instructions that tell users how to download the specification without having to agree to the restrictive licensing agreement.
On May 10, Microsoft attorney J.K. Weston fired off a letter to Acton, Massachusetts-based Andover.net Inc., which publishes Slashdot, demanding that the instructions be removed.
"That entire mentality is completely against the whole open-source objective.
Microsoft just doesn't get it," said Dean Williams a network engineer at Yesmail.com, a Chicago-based permission e-mail marketing company that uses Windows 2000. "You can charge money for anything that you add to open-source, but you have to make the source code available to anyone who wants to use it."
Slashdot editor in chief Robin Miller refused to delete the 11 messages that Microsoft insists are illegal under the DMCA. Instead, Slashdot shot back with a letter from its attorney, Mark D. Robbins, questioning Microsoft's legal claims. Robbins said Andover.net is concerned about deleting the user postings "given their apparent relevance to issues in the current antitrust litigation between the Microsoft and the government."
Microsoft appeared to be backing down from the dispute last week.
"Was Slashdot the right battle to pick? Maybe, maybe not," said Adam Sohn, public relations manager for Microsoft's inside platforms division. Sohn said the letter drafted by Robbins disregarded Microsoft's copyright concerns, but he declined to comment on whether the company would continue to pursue Slashdot on alleged copyright violations.
According to Microsoft, the Kerberos licensing agreement was put in place to protect Microsoft's intellectual property on the use of an undefined data field left open for Kerberos Version 5.0, which allowed developers to store authorization data for the Windows 2000 operating system.
"That field was set out by the framers of the standard for the special purpose of allowing vendors to put authorization data in it, so that was a space for innovation," said Sohn. "We felt we wanted to protect that innovation and that investment."