Microsoft Plans Shared Source .NET

On Wednesday, Microsoft announced plans to release what amounts to a shared-source version of its .NET infrastructure for Windows and FreeBSD.

Specifically, Microsoft says it has been working with the ECMA standards body and will release ECMA versions of the Common Language Infrastructure (CLI), a C# compiler, and an ECMAscript compiler. The CLI is similar to the Java virtual machine, in that it acts as a translator between the .NET infrastructure and other platforms. Program manager Dave Stutz says Redmond will work with Corel to develop the code.

The announcement comes against a backdrop of Microsoft's recent attack on some aspects of open source software development, particularly against the GNU General Public License (GPL). Microsoft considers the GPL impractical for business because of what it calls its viral nature, which forces developers to return any modifications to the community.

The day before the announcement, O'Reilly & Associates CEO Tim O'Reilly, Editor John Osborne, and O'Reilly Network's Rael Dornfest talked to Dave Stutz about Microsoft's first dip into the waters of public source.

Dave Stutz: One of the things we've talked about, and has been lost in the noise of the GPL issue is that there are a number of positive things about the open source movement, and we've tried to learn from those things. And we've actually been developing a family of licenses that are tools for preserving people's valuable property while enabling people to work together in business relationships ...

Certainly we are highly protective of the intellectual property that forms our crown jewel, which is Windows.... But one of the other licenses we've been working on will be associated with the code base we're talking about today. In this type of license, the goal is to put the body of the content and get as much uptake as possible, both in commercial implementations of the CLI and/or the C# language, and in terms of non-commercial derivative work.

Our intent is to have a license that is absolutely clear about people who want to look at the source code and then use what they've learned in their own source code. It will be permitted. The goal is to make that very clear, up front.

Additionally we want to make it possible for people who are doing non-commercial work, either personal hacking or research or teaching or courseware -- we want to make it very easy to use and easily available for those people ...

The licensing terms are designed so that people who want to do non-commercial ports to Linux [can do so]. That's well within the intended purpose of the license. We don't feel comfortable with Linux because of the GPL nature of the kernel ...

FreeBSD has traditionally been an operating system that encouraged unencumbered experimentation. ... And that's what we're using it for. We're using it to prove the point that you can actually implement the CLI on Unix. It's been around a long time, people use it commercially. Microsoft uses it commercially, actually. And the academic community is quite familiar with it as well.

John Osborne: So you're favoring FreeBSD over Linux because of the licensing?

Stutz: We have chosen FreeBSD because of licensing issues, yes.

Dave Stutz is speaking at the O'Reilly Open Source Convention in San Diego, CA, July 23 - 27, 2001. Stutz will speak on a panel following Craig Mundie's talk on Microsoft's views on open source development and licensing. Dave will also speak at a session specifically on the ECMA shared source implementation. For more information, visit our conference home page.

Tim O'Reilly on Microsoft's Participation at the Open Source Convention -- Microsoft senior vice president Craig Mundie will speak at O'Reilly's upcoming Open Source Convention, and he'll debate Red Hat's Michael Tiemann and other open source leaders. Tim O'Reilly talks about how this came about and what he hopes to accomplish by bringing together Microsoft representatives and open source advocates at the O'Reilly Open Source Convention.

Microsoft's announcement is really a double announcement: They're releasing shared-source versions of their .NET framework to the curious eyes of the developer world, but they're also signalling that they're willing to work more closely with the open source community. Which part of this do you find more interesting? Post your comments

What about commercial ports? Since Microsoft intends to license the Common Language Infrastructure commercially itself, it wants to license any others who want to make a business out of it.

Stutz: The terms of the licenses will be that if you're distributing it, you're distributing it for non-commercial use.

However, if somebody wanted to do a commercial implementation of the CLI on Linux, they could certainly look at our shared source implementation and learn from it. But then, we would insist that they use their own code, in that case.

We are definitely in the business of selling a commercial implementation of the CLI, which is what we call the .NET framework. Because we're in the business of making money on that, that's sort of where these restrictions on the commercial port side of it come from.

If people thought they were interested in licensing the commercial version, or a commercial license of the shared source version. We're willing to talk. We usually are.

Appealing to academia and open source communities

Throughout the interview, Stutz stressed the importance of offering code and tailoring a license that would appeal to the academic community.

Tim: You've mentioned the academic community a couple of times. And I know from previous conversations with people at Microsoft that one of your biggest concerns about Java is its penetration in university computer science curricula. It seems in that area at least that you have Java envy. Is this designed to attack that problem?

Stutz: We are certainly interested in making this something the academic community would embrace warmly. I would certainly not describe it as Java envy. We believe there's a lot of interesting content in the CLI, lots of very interesting language infrastructure there. The C# language is a great language. It's a nice modern language that fixes a lot of the things that were wrong with VB and fixes a lot of the things that were wrong with Java, and other languages that use runtimes in that way. So we definitely are trying to appeal to the academic community on this.

Tim: So when is it actually going to happen?

Stutz: I think that in fourth quarter we'll have beta bits. We're working with Corel. We have started, we do have dev teams in place. But it's not to the point where it's ready. You wouldn't want to look at it right now. It's limping along pretty badly.

Tim: So one of the differences between open source and shared source is no release-early, release-often?

Stutz: Well, actually that's good feedback. I think this is a pretty significant new development at Microsoft, this style of development. And I intend to learn from the community. And if you're giving me advice that we should think about releasing it earlier and in a more broken state, I'm willing to take that advice to heart and think about that and take that back to the team.

Tim: What are you doing to foster community?

Stutz: We're definitely going to try to foster multiple communities around this code base. ... In an independent announcement last week, Microsoft has started with a thing that's called the shared development process. We may try to be part of that kind of process. We will also certainly try to be part of the more traditional open source communities. This is going to be a learning adventure, for me.

Of course it won't be easy. Microsoft and the open source community have a history based on mutual suspicion.

Tim: There's a lot of skepticism about the subject of Microsoft and standards. Just for example, recent moves, such as changes to the SAMBA protocol are actually patented, so that people can't reverse engineer it without running into patent infringement. These are the kinds of things that make people say, are these really standards, or are they just standard when you can't get people by the short hairs?

Stutz: Tim, I would point you to the book you recommended to me, Cass Sunstein's book, Republic.com. He talks about this concept of deliberative discourse. And I think that's a great word to use for standards groups. Standards bodies don't exist just to stamp an existing implementation. They exist so that the members can actually work out consensus among themselves. And that is something we have been very good for the last n number of years. Certainly since the web services stuff has come up. We've really tried to create a basis based on standards coming from recognized standards organizations. I think that it's not fair to characterize us as someone who's not playing by the rules. We're definitely trying to be a good citizen when it comes to participating in these standards bodies, and now in granting our intellectual property into them.

Tim: I understand that, and in a lot of ways I agree. I guess what I'm trying to address is the feeling that whenever Microsoft says we'll play the standards game here, where's the other shoe? Where's the other piece that you think is going to be where the real value is?

Stutz: I don't think that's a fair characterization. We are in business to make money. We've never minced words about that. We believe in the commercial software model ... which says that we're in a purely intellectual property basis, which Microsoft is, and it's important to us to make money and have a sustainable business model around that.

Tim: But Cisco's in business to make money, as well. And there's a pretty clear dividing line between their standards work and their proprietary software.

Stutz: I think there's a very clear dividing line in our case as well.

Tim. Yeah, but when you take something like Kerberos and you say, let's extend it a little bit and --

Stutz: No, no, no. Let's look at that. Let's take the Kerberos case. We've been very clear about that. The Kerberos case is that, as part of the standards creation process it was recognized that all vendors would be interested in having an extensibility hook so that they could essentially incorporate their own native authentication into the Kerberos web of trust. And that's precisely what we did. We used that hook in a way that was intended. And we are willing to strike business deals with people who want to strike a business deal for that implementation detail. That is not a misuse of that standard. ...

Tim: It seems to be one of the sore points that people keep coming back to.

Stutz: There seems to be this belief that people should just give away what they've done to differentiate themselves, arbitrarily. And we're very up front about working with standards organizations and moving those standards forward. And at the same time, we are interested in having things that will allow us to differentiate ourselves in the marketplace and have a sustainable business model.

Tim: That's fair. I understand the concept. I think there is a trust issue that goes back to the Halloween Documents.

Stutz: There may be, with some communities, a trust issue. I agree with that. One of the intents of the project I'm working on, the CLI implementation, is to start to reach out to those communities.

What's In, What's Not, What's Next

Stutz says that the CLI being offered as shared source is a subset of what's in the .NET framework. The offerings include:

• the ECMAscript compiler, written in C#, which runs on both platforms (Windows, FreeBSD)
• the C# compiler, which also runs on both platforms
• and the shared-source CLI.

It doesn't include

• ASP.NET
• ADO.NET
• Windows Forms

Also, there are high performance memory managers, garbage collectors and compilers that are in the commercial version, but not in the shared source version. "That's something that we want to charge for."

When this shared license is revealed, it will certainly be the most liberal software license Microsoft has offered. But Stutz says it's not out of the question that in the future, Microsoft's licenses will become ever more open.

"This is all about Microsoft getting serious about sharing source code in a very wide way," he said. "And it's also a serious long-term commitment to establishing the CLI as a basis for web services. It's really not a short-term, tactical Java battle."

That said, Microsoft has yet to reveal a draft of the shared source license being announced today.

"We don't actually have a license for you because they're lawyers," Stutz said. "If it was me, I'd have the license."

David Sims was the editorial director of the O'Reilly Network.

Tim O'Reilly is the founder and CEO of O'Reilly Media, Inc., thought by many to be the best computer book publisher in the world. O'Reilly Media also hosts conferences on technology topics, including the Web 2.0 Summit, the Web 2.0 Expo, the O'Reilly Open Source Convention, and the O'Reilly Emerging Technology Conference. Tim's blog, the O'Reilly Radar, "watches the alpha geeks" to determine emerging technology trends, and serves as a platform for advocacy about issues of importance to the technical community. Tim is an activist for open source and open standards, and an opponent of software patents and other incursions of new intellectual property laws into the public domain. Tim's long-term vision for his company is to change the world by spreading the knowledge of innovators. For everything Tim, see tim.oreilly.com.

Rael Dornfest is Founder and CEO of Portland, Oregon-based Values of n. Rael leads the Values of n charge with passion, unearthly creativity, and a repertoire of puns and jokes — some of which are actually good. Prior to founding Values of n, he was O'Reilly's Chief Technical Officer, program chair for the O'Reilly Emerging Technology Conference (which he continues to chair), series editor of the bestselling Hacks book series, and instigator of O'Reilly's Rough Cuts early access program. He built Meerkat, the first web-based feed aggregator, was champion and co-author of the RSS 1.0 specification, and has written and contributed to six O'Reilly books. Rael's programmatic pride and joy is the nimble, open source blogging application Blosxom, the principles of which you'll find in the Values of n philosophy and embodied in Stikkit: Little yellow notes that think.

Return to the .NET DevCenter.

Microsoft's announcement is really a double announcement: They're releasing shared-source versions of their .NET framework to the curious eyes of the developer world, but they're also signalling that they're willing to work more closely with the open source community. Which part of this do you find more interesting?
You must be logged in to the O'Reilly Network to post a talkback.

Showing messages 1 through 13 of 13.

• Standards
  2004-03-03 07:10:53  alder [Reply | View]
  
  
  Kerberos case is ...[skipped]... not a misuse of that standard.

  Well, it was not a misuse of the standard, but IMHO clear violation of the spirit. And the latter is apparently a point they refuse to recognize.

• Good move
  2004-02-26 19:06:11  sword [Reply | View]
  
  
  Before I get into the subject, I just want to say a few things about Microsoft and the open-source community.
  
  I may not have liked Microsoft's earliest editions of Windows (95-98-ME), but since XP kicked in I'm loving the kind of stability it has.
  as we speak, I have 2 operating systems on my computer, a Windows XP and FreeBSD 5.1.2 with XFree86 and Gnome 2.2.4 installed.
  
  Let's face it, Microsoft "has" the biggest share in market because windows is easy to use and maintain.
  Don't get me wrong, I like the open-source community and all, but, is it reliable to get any easy work done?
  I'm not talking about servers or hardcore programmers, I'm talking about the day to day computer users, the ones that open Microsoft word, check their email and log out.
  I haven't tried working with Linux yet, but I've used its desktop environments (GNOME and KDE) on FreeBSD, and it's so far away from Windows, in terms of stability, ease of setting up and most importantly software available.
  
  Sure, there's OpenOffice, there's GIMP, etc., but compare them to their windows peers, does GIMP for instance stand a chance againest Photoshop?
  Of course we can say that Apache kicks IIS in the behind, but I'm still talking about the "normal" usage of computers.
  
  Back again to the ease of use subject, tell a guy who works at a computer shop to install FreeBSD, work through the Kernel, compile it, configure the make files and compile the WM and the desktop environment to have a working X-Window system, don't you think he'd freak out?
  Compare that to the "Next - Next - Next [oh this is where I put that number thing on the back of the case thing] - Next.... Welcome to Windows".
  
  Another point is the open-source thing, people, Microsoft does this for a living, can you go and tell KFC to give away their secret recipe because chefs from around the world would be able to improve it?
  Sure, open-source can be helpful for improving your code, and the technology, etc. But it won't put food on your table.
  Yea, I know all about RedHat and their movement towards profitable open-source products, but then again, do you think they'll ever reach the same profitability of Microsoft's?
  Now, all of you open-source die hards, can you count the people who actually hacked through the source code? did you read all of it and made sure there are no bugs or security holes whatsoever?
  
  Security? bugs? viruses? it's not just Microsoft's, Linux had them, even the all mighty FreeBSD, and very serious bugs as well.
  
  My point is, it's no battle, Microsoft is there for everybody, *nix is there for people who like to do things the hardway and learn more about computers.
  
  Too bad the main subject would get a one liner which is:
  I think it's a very good move from Microsoft, as it'll reach out the hearts and minds of open-source diehards, It'll help power their new .NET technology and C# (when all those FreeBSD servers have an option to use C#), plus we'll get to know what their code really looks like ;)
  
  Don't be hating.
  
  - Eihab E. Ibrahim

• Why MS Prefers The BSD License
  2002-02-24 11:05:39  eldridgelinux [Reply | View]
  
  
  Why? Because BSD can be hijacked and resold, that's why. Where do you think the Win95 TCP/IP implementation came from, or Kerberos, huh? GPL can not be stopped. It is intangible in respect to Microsoft elimination techniques and can not be hijacked, stolen, vanquished, resold, bought out or otherwise raped. (And I mean that last part in a legitimate sense, of course.) In a nutshell, MS is DOOMED, DOOMED, DOOMED, doomed to an extinction they can not resist. Break out the lawn chairs and the caffeinated beverages, because the next five years will be the most spectacularly vindicative and relished years you will ever know! Thanks, MS!
  

• sidestepping the question
  2001-07-03 08:09:40  caldodge [Reply | View]
  
  
  You'll note that Mr. Stutz did NOT respond to the comment about patenting changes to the SAMBA protocol. Why is that, I wonder?

• What about updates?
  2001-06-29 12:52:31  bsalita [Reply | View]
  
  
  CLI for FreeBSD will be a watershed event. What about updates? Can we trust MS to have simultaneous Win/FreeBSD updates? Will FreeBSD CLI become the bastard child? How can it not?
  
  Can CLI everywhere strategy succeed without Linux?
  

• Microsoft's duplicity. Truth is they are using GPL
  2001-06-28 15:33:12  reajos [Reply | View]
  
  
  Microsoft has called the GPL a cancer, if not viral, they have told us, through Billy Gates himself. This is a blatant hyprocrisy (or duplicity). The link below proves that Microsoft themselves can benefit from the GPL without getting infected contrary to what Billy Gates and the top executives claim.
  
  http://www.thestandard.com/article/0,1902,27511,00.html
  
  

• Windows Forms Source not included
  2001-06-28 12:30:15  philwigglesworth [Reply | View]
  
  
  From my perspective Microsoft are not releasing the most useful code - that of the ASP.NET controls and the Windows Forms Controls.
  In Delphi we have been used to having full disclosure of the Windows classes source code. This wasn't used to go out & compete with Borland, but rather to understand what was *really* needed to implement controls and wrappers to make them "hot". The result was many high quality 3rd party components that worked well.

• Miguel de Icaza writes...
  2001-06-28 10:45:31  David Sims | [Reply | View]
  
  

  
  After reading Tim's interview, GNOME founder and Ximian co-founder and CTO Miguel de Icaza wrote to Tim:
  
  

  
  
  I have a theory about the Microsoft announcement 
  
  and the GPL:  I do not think that the GPL is a
  
  problem for them.  The fact that the kernel is 
  
  under the GPL is completely irrelevant.  For that 
  
  matter FreeBSD uses GPL tools (to compile its own 
  
  kernel for example) or in the form of 
  
  Samba/Perl/KDE/GNOME.
  
   
  
  My impression is that by providing a FreeBSD-only 
  
  version of .NET they are hoping to split the 
  
  open source server user base between a bunch of 
  
  systems;  Maybe they are hoping to slow down 
  
  Linux adoption for server applications as Linux 
  
  `won't have a .NET implementation, only FreeBSD'
  
  
  
   
  
  All in all, it was a smartly thought campaign ... 
  
  
  
  Best!
  
  
  
  Miguel.
  
  
  
  

  
  
  

• MS and the GPL world
  2001-06-28 07:46:11  lemery [Reply | View]
  
  
  Given the freedom of aplicability of open source, it really makes no sense for MS to inject itself into the arena. It would seem to me that MS is trying to corner yet another market by simply implying that it has software out there and owns it.
  
  In other words, if MS writes a specific application or utility and hangs it's name on it, then by the time some user has returned it to the pool, it will give MS a clear avenue to hang the poor user out to dry beacause of some obscure sentence MS has added to the souce code that doens't allow change wiht MS's say so.
  
  I would consider any intrusion into the open source arena as dangerous at the very least.

• its a shame
  2001-06-27 17:05:50  onepatrick [Reply | View]
  
  
  i think this complete article is a shame.
  i think this article demonstrates what much
  of what is wrong with the united states.
  one of the most wealthy american companies
  is terrified of the word Linux and will do anything
  in its power to destroy them. i think this
  article is a shame.

• Think Before Reacting
  2001-06-27 16:17:50  enloop [Reply | View]
  
  
  While I can't comment on the wording of a license that has been released yet, the response from the open source community should be well-considered and thoughtful. In other words, take this announcement for what it is worth and don't succumb to a visceral reaction equating All Things From Microsoft with Pure Evil. As the man says, they are in business to make money. That is not the same as being in business to foster an intellectual conversation or an altruistic pursuit of the "best" software. That Microsoft seems to be making a clear distinction between the GPL and the FreeBSD-style license is no surprise.

• Read between the lines. All your codes will belong to us.
  2001-06-27 12:01:29  reajos [Reply | View]
  
  
  If you remember the popular (sic) phrase
  "All your bases are belong to us!". Here's a nice summary about Microsoft's
  stance about open source:
  
  "All your open-source codes are belong to us. And all the source codes that we share for open-source are still belong to us. And if you read our shared open source codes, you are belong to us!"
  
  Overall, this is unfair. While Microsoft will freely use and make proprietary for profit, any contributions to the open source, they will not allow you to freely (without royalties and licensing) do a for-profit or commercial deployment using their shared open source. THIS IS VERY UNFAIR and ONE-SIDED OPEN-SOURCE scheme ever concocted!!!
  
  Let it be both or all ways. ANYBODY CAN FREELY USE IN ANY MANNER FOR PROFIT or other purposes to create proprietary derivatives or finished products from all the contributed open-sourced codes! Anybody can freely contribute likewise, for the world to see. Just like a scientific and academic contributions where the only reward is the recoginition of an author's contributions.
  
  

• Kerberos and SOAP Double-Speak
  2001-06-27 10:07:25  kentdorsey [Reply | View]
  
  
  Stutz talks about "hooks" in standards as a way to allow for MS and other vendors to add value and compete on implementation. Just as the GPL indirectly undermines the MS existing commercial software model, such "hooks" indirectly break the standards by destroying interoperability.
  
  MS is attempting this same tactic with SOAP. If one vendor's single proprietary extension becomes a "de facto" standard due to overwhelming market share, then the standard initiative has become pointless. The same problem occurs if the proprietary "hook" is used as a replacement to a competing and interoperable portion of the standard.
  
  The solution: No more of these "hooks" in standards. Compete purely on implementation of a pure standard with all elements equally owned by all. This model has inspired the vendor rush to adopt server-side Java.
  
  Stutz's legalistic defense of the crippling of the Kerberos standard by MS smacks of a disingenuous commitment to the spirit of a standard. When such "loopholes" are found in most standards, they are usually corrected and closed.
  
  Stutz talks - and apparently thinks - like a MS lawyer. There is no recognition in his words of the intangible benefits of sharing source code: the enhanced creativity and evolution of new ideas through knowledge sharing, open dialogue and meaningful community discourse. These benefits center on the architecture of community building.
  
  MS does not embrace these values; the words of Stutz in the article always center around the concept of "control". There is no altruism by MS present here.