Microsoft Open Specification Promise

The Microsoft Open Specification Promise (or OSP) is a promise by Microsoft, published in September 2006, to not assert its patents, in certain conditions, against implementations of a certain list of specifications.

The OSP is not a licence, but rather a covenant not to sue. It promises protection but does not grant any rights.

The OSP is limited to implementations to the extent that they conform to those specifications. This allows for conformance to be partial. So if an implementation follows the specification for some aspects, and deviates in other aspects, then the Covenant Not to Sue applies only to the implementation's aspects which follow the specification.

Relations with free software / open source projects
The protections granted by the OSP are independent to the licence of implementations. There is disagreement as to whether the conditions of the OSP can be fulfilled by free software / open source projects, and whether they thus gain any protection from the OSP.

An article in Cover Pages quotes Lawrence Rosen, an attorney and lecturer at Stanford Law School, as saying,

"I'm pleased that this OSP is compatible with free and open-source licenses."

Linux vendor Red Hat's stance, as communicated by lawyer Mark Webbink in 2006, is:

"Red Hat believes that the text of the OSP gives sufficient flexibility to implement the listed specifications in software licensed under free and open-source licenses. We commend Microsoft's efforts to reach out to representatives from the open source community and solicit their feedback on this text, and Microsoft's willingness to make modifications in response to our comments."

Standards lawyer Andy Updegrove said in 2006 the Open Specification Promise was

"what I consider to be a highly desirable tool for facilitating the implementation of open standards, in particular where those standards are of interest to the open source community."

However, the Software Freedom Law Center, a law firm for free software and open source software, has warned of problems with the OSP for use in free software / open source software projects. In a published analysis of the promise it states that "...it permits implementation under free software licenses so long as the resulting code isn't used freely."

Their analysis warned of a possible inconsistency with GPL. This applies specifically to the patent promise scope being limited to conforming implementations of covered specifications only.

Effectively when an implementer owns a patent and builds that patent technology in GPL3 licensed code, the implementer grants those first party patent rights downline to all re-users of that code. When the code is reused, the OSP only applies as long as the reuse of that code is limited to implementing the covered specifications.

Other patent promises with similar limitations include IBM's Interoperability Specifications Pledge (ISP) and Sun Microsystems' OpenDocument Patent Statement. This means, for example, that use of the required Sun patented StarOffice-related technology for OpenDocument should be protected by the Sun Covenant, but reuse of the code with the patented technology for non-OpenDocument implementations is no longer protected by the related Sun covenant.

For this reason the SFLC has stated: "'The OSP cannot be relied upon by GPL developers for their implementations not because its provisions conflict with GPL, but because it does not provide the freedom that the GPL requires.'"

The SFLC specifically point out:
 * new versions of listed specifications could be issued at any time by Microsoft, and be excluded from the OSP.
 * any code resulting from an implementation of one of the covered specifications could not safely be used outside the very limited field of use defined by Microsoft in the OSP.

The Microsoft OSP itself mentions the GPL in two of its FAQs. In one it says, "'we can't give anyone a legal opinion about how our language relates to the GPL or other OSS licenses'."

In another, it specifically only mentions the "developers, distributors, and users of Covered Implementations", so excluding downstream developers, distributors, and users of code later derived from these "Covered Implementations" and it specifically does not mention which version of the GPL is addressed, leading some commentators to conclude that the current GPLv3 may be excluded. "Q: I am a developer/distributor/user of software that is licensed under the GPL, does the Open Specification Promise apply to me? A: Absolutely, yes. The OSP applies to developers, distributors, and users of Covered Implementations without regard to the development model that created such implementations, or the type of copyright licenses under which they are distributed, or the business model of distributors/implementers. The OSP provides the assurance that Microsoft will not assert its Necessary Claims against anyone who make, use, sell, offer for sale, import, or distribute any Covered Implementation under any type of development or distribution model, including the GPL."

Licensed technologies
Technologies on which the Open Specification Promise applies are:

Web Services

 * Devices Profile for Web Services (DPWS)
 * Identity Selector Interoperability Profile v1.0
 * Identity Selector Interoperability Profile v1.5
 * Open Data Protocol (OData)
 * Remote Shell Web Services Protocol
 * SOAP
 * SOAP 1.1 Binding for MTOM 1.0
 * SOAP MTOM / XOP
 * SOAP-over-UDP
 * Web Single Sign-On Interoperability Profile
 * Web Single Sign-On Metadata Exchange Protocol
 * WS-Addressing
 * WS-Addressing End Point References and Identity
 * WS-AtomicTransaction
 * WS-BusinessActivity
 * WS-Coordination
 * WS-Discovery
 * WSDL
 * WSDL 1.1 Binding Extension for SOAP 1.2
 * WS-Enumeration
 * WS-Eventing
 * WS-Federation
 * WS-Federation Active Requestor Profile
 * WS-Federation Passive Requestor Profile
 * WS-I Basic Profile
 * WS-Management
 * WS-Management Catalog
 * WS-MetadataExchange
 * WS-Policy
 * WS-PolicyAttachment
 * WS-ReliableMessaging
 * WS-RM Policy
 * WS-SecureConversation
 * WS-Security: Kerberos Binding
 * WS-Security: Kerberos Token Profile
 * WS-Security: Rights Expression Language (REL) Token Profile
 * WS-Security: SAML Token profile
 * WS-Security: SOAP Message Security
 * WS-Security: UsernameToken Profile
 * WS-Security: X.509 Certificate Token Profile
 * WS-SecurityPolicy
 * WS-Transfer
 * WS-Trust

Web

 * OpenService Format Specification (a.o. Accelerator)
 * Web Slice Format Specification introduced with Internet Explorer 8
 * XML Search Suggestions Format Specification

Virtualization Specifications

 * Virtual Hard Disk (VHD) Image Format Specification
 * Microsoft Application Virtualization File Format Specification v1
 * Hyper-V Functional Specification

Security

 * RFC 4406 – Sender ID: Authenticating E-Mail
 * RFC 4408 – Sender Policy Framework: Authorizing Use of Domains in "Mail From"
 * RFC 4407 – Purported Responsible Address in E-Mail Messages
 * RFC 4405 – SMTP Service Extension for Indicating the Responsible Submitter of an E-Mail Message
 * RFC 7208 – Sender Policy Framework (SPF) for Authorizing Use of Domains in Email
 * U-Prove Cryptographic Specification V1.0
 * U-Prove Technology Integration into the Identity Metasystem V1.0

XML file formats

 * Office 2003 XML Reference Schemas
 * Office Open XML 1.0 – Ecma-376
 * Office Open XML ISO/IEC 29500:2008
 * OpenDocument Format for Office Applications v1.0 OASIS
 * OpenDocument Format for Office Applications v1.0 ISO/IEC 26300:2006
 * OpenDocument Format for Office Applications v1.1 OASIS

Binary file formats

 * Word 97-2007 Binary File Format (.doc) Specification
 * PowerPoint 97-2007 Binary File Format (.ppt) Specification
 * Excel 97-2007 Binary File Format (.xls) Specification
 * Excel 2007 Binary File Format (.xlsb) Specification
 * Office Drawing 97-2007 Binary Format Specification

Structure specifications

 * [MS-DOC]: Word Binary File Format (.doc) Structure Specification
 * [MS-PPT]: PowerPoint Binary File Format (.ppt) Structure Specification
 * [MS-XLS]: Excel Binary File Format (.xls) Structure Specification
 * [MS-XLSB]: Excel Binary File Format (.xlsb) Structure Specification
 * [MS-ODRAW]: Office Drawing Binary File Format Structure Specification
 * [MS-CTDOC]: Word Custom Toolbar Binary File Format Structure Specification
 * [MS-CTXLS]: Excel Custom Toolbar Binary File Format Structure Specification
 * [MS-OFORMS]: Office Forms Binary File Format Structure Specification
 * [MS-OGRAPH]: Office Graph Binary File Format Structure Specification
 * [MS-OSHARED]: Office Common Data Types and Objects Structure Specification
 * [MS-OVBA]: Office VBA File Format Structure Specification
 * [MS-OFFCRYPTO]: Office Document Cryptography Structure Specification

Windows compound formats

 * [MS-CFB] Windows Compound Binary File Format Specification

Graphics formats

 * Windows Metafile Format (.wmf) Specification
 * Ink Serialized Format (ISF) Specification
 * JPEG XR (.jxr) Format

Microsoft computer languages

 * [MS-XAML]: XAML Object Mapping Specification 2006 (Draft v0.1)
 * [MS-XAML]: XAML Object Mapping Specification 2006 (v1.0)
 * [MS-WPFXV]: WPF XAML Vocabulary Specification 2006 (Draft v0.1)
 * [MS-WPFXV]: WPF XAML Vocabulary Specification 2006 (v1.0)
 * [MS-SLXV]: Silverlight XAML Vocabulary Specification 2008 (Draft v0.9)

Robotics

 * Decentralized Software Services Protocol – DSSP/1.0

Synchronization

 * FeedSync v1.0, v1.0.1

Windows Rally Technologies

 * Windows Connect Now – UFD and Windows Vista
 * Windows Connect Now – UFD for Windows XP

Published protocols
In Microsoft's list of covered protocols there are many third-party protocols which Microsoft did not create but for which they imply they have patents which are necessary for implementation:


 * AppleTalk
 * [MC-BUP]: Background Intelligent Transfer Service (BITS) Upload Protocol Specification
 * [MC-CCFG]: Server Cluster: Configuration (ClusCfg) Protocol Specification
 * [MC-COMQC]: Component Object Model Plus (COM+) Queued Components Protocol Specification
 * [MC-FPSEWM]: FrontPage Server Extensions: Website Management Specification
 * [MC-SMP]: Session Multiplex Protocol Specification
 * [MC-SQLR]: SQL Server Resolution Protocol Specification
 * 1394 Serial Bus Protocol 2
 * IBM NetBIOS Extended User Interface (NetBEUI) v 3.0
 * IEC 61883-1
 * IEEE 1284 – Interface - Parallel
 * IEEE 802.1x - 2004
 * Infrared Data Association (IrDA) Published Standards
 * Intel Preboot Execution Environment (PXE)
 * Novell Internetwork Packet Exchange (IPX)
 * Novell Sequenced Packet Exchange (SPX)
 * Novell Service Advertising Protocol (SAP)
 * and – NetBIOS over TCP (NETBT)
 * Serial Line Internet Protocol (SLIP, )
 * ,, and – Routing Information Protocol 1.0, 2.0 (RIP)
 * ,, and – Internet Group Management Protocol (IGMP) v1, v2, and v3
 * ,, , , , , , , , , , and : Simple Network Management Protocol v2 (SNMP)
 * – Line Printer Daemon (LPD)
 * ,, , and – TCP/IP Extensions
 * – ICMP Router Discovery Messages
 * and – Remote LOGIN (rlogin)
 * and – Internet Protocol Control Protocol (IPCP)
 * – Password Authentication Protocol (PAP)
 * – Traceroute
 * – Internet Gopher
 * ,, and – Internet Protocol over Asynchronous Transfer Mode (IP over ATM)
 * and – Kerberos Network Authentication Service (v5)
 * – PPP Internetwork Packet Exchange Control Protocol (IPXCP)
 * – Point-to-Point Protocol (PPP)
 * Section 2.2 – Packet Internet Groper (ping)
 * and – Real-Time Transport Protocol (RTP)
 * and – Post Office Protocol, v3 (POP3)
 * – Compression Control Protocol (CCP)
 * – Multilink Protocol (MP)
 * – MD5 Challenge Handshake Authentication Protocol (MD5-CHAP)
 * – NetBIOS Frames Control Protocol (NBFCP)
 * – Microsoft Point-to-Point Compression (MPPC)
 * – Bandwidth Allocation Protocol (BAP)
 * ,, and – Dynamic Host Configuration Protocol (DHCP)
 * ,, and – Resource Reservation Setup (RSVP)
 * – Simple Authentication and Security Layer (SASL)
 * – Asynchronous Transfer Mode
 * Server Message Block
 * Sun Microsystems Remote Procedure Call (SunRPC)
 * T.120
 * Tabular Data Stream (TDS) v7.1, 7.2, 7.3
 * Universal Plug and Play (UPnP)
 * Universal Serial Bus (USB) Revision 2.0