|
I write as the executive director of the Email Service Provider Coalition (ESPC). The ESPC is a trade association made up of 54 email service providers. We estimate that our members provide delivery services to over 250,000 senders in the US alone. And according to Ironport’s SenderBase, our members deliver approximately 12% of all email.
Both in a personal capacity and as a trade association, I write today to express strong support for Sender ID. The ESPC has been advocating for authenticated email solutions for almost two years and feel that this is a critical first step toward more comprehensive solutions to the spam problem. Last year, the ESPC published a white paper on our vision for authenticated email (Project Lumos, authored by Hans Peter Brondmo and Margaret Olson).
Within our organization, we have had three corporate attorneys from member companies review the Microsoft license (I too am an attorney, although not trained or licensed in patent law). Resoundingly, we have found that the issues raised within MARID are addressable, or at worst understandable, given the context of situation. I personally believe that Microsoft is acting in good faith and in a rational manner and has moved forward with patent protections as a defensive response to very real risks. (See http://www.groklaw.net/article.php?story=20040901004705872 for a decent discussion on the reasoning behind a defensive patent claim on an otherwise “free” license.)
Based on our review, the license terms have been deemed acceptable. The fact that pending patent claims are present is nothing new to the IETF. Many RFCs have gone forward with IPR claims. The issue should then distill to whether the license presented is consistent with IETF standards. I believe that Microsoft has complied with, and indeed exceeded, the standards. The IETF has been notified of the IPR claims and royalty-free, non-discriminatory license terms have been offered. What more is required?
Much has been made of the fact that the pending patent content has not been disclosed. While this may be disconcerting to some, it represents a balanced strategy to protect against predatory claims downstream. A patent application is the first time that a company exposes proprietary information. Any attorney representing a corporation would counsel against disclosure of the patent at this stage in the process. Suggestions that this inappropriate (particularly from attorneys) fail to recognize the risks associated with disclosure of the patent content.
Even more has been said about the sub-licensing of Sender ID. While I do acknowledge the concerns of many on this list, we feel that the friction caused by sub-licensing is a worthwhile quid pro quo for the greater value of broad implementation of an authenticated email solution. Again, any attorney acting as counsel for a corporation would seek such terms. They are neither surprising, nor objectionable.
I do want to raise one issue that has not been discussed on MARID yet (at least as far as I have seen). The eyes of the world are upon industry at this time and great expectations have been created for authenticated email technologies to emerge quickly and broadly. The Federal Trade Commission recently issued a report to Congress and strongly advocated for authenticated email solutions. They will be holding a workshop on the topic later this fall. Failure to move forward with Sender ID at this juncture will likely put us back at least 6 months and perhaps more. Such a delay will only invite interference from legislators and regulators. I certainly do not think that is in the best interests on anyone!
Finally, I want to share a dystopian vision of how things may play out if we fail to move Sender ID forward. Multiple IP-based authentication mechanisms will be a disaster for email. We run the risk of balkanized ISP solutions – and the ensuing demands of multiple protocols on all senders. Not a good result coming out of an effort to create a standard!
I urge the participants on this list to consider the greater good that will be borne from the wide adoption of Sender ID. This is a good tool. The actions of the various parties involved are understandable and reasonable. The license terms are workable and within the scope of IETF standards and history. And it will have a positive effect on our ability to reduce phishing and protect legitimate email.
J. Trevor Hughes Executive Director NAI
207 351 1500 (o) 207 351 1501 (f)
|