Web dev in DC http://ross.karchner.com
754 stories

Microsoft and Open Source: An unofficial timeline

1 Share
Microsoft and Open Source: An unofficial timeline

The profound cultural shift towards open source did at Microsoft was the result of sustained efforts within the company by open source advocates. Microsoft's shift is a model for positively transforming organizations. It is also a testament to the power of collaboration in technology. After Build 2020 it is now clear Microsoft is a Linux and open source company.

This is a very brief timeline of Microsoft's evolution into an open source leader. It is an attempt to provide historical context of a two-decades-long process. An open source version of this post is maintained on GitHub.

This is not endorsed by Microsoft, Canonical, or any person, company, or project mentioned here.



  • Microsoft begins experimenting with 'shared source', including SSCLI, the core of .NET


  • WiX, the first project from Microsoft under an OSS approved license, is released
  • Begins cross-licensing software patents with Linux vendors


  • F# released under the Apache 2.0 license


  • CodePlex announced
  • Ports PHP to Windows, upstreams code under PHP license
  • Partners with Novell to improve open source interoperability


  • Open Source Initiative approves Microsoft Public License
  • Provides access to Windows NT kernel source for research to universities
  • Open sources IronRuby and IronPython
  • Reaches agreement with EU to reduce costs of licensing patents and specifications
  • Scheduled to exit US DOJ antitrust oversight, voluntarily agrees to extended oversight


  • Forms Open Web Foundation with Google, Facebook, Sun, IBM, and Apache
  • Joins Apache Software Foundation
  • Releases source for Singularity, an experimental OS to CodePlex
  • Begins distributing the open source jQuery JavaScript library with Visual Studio
  • Acquires Powerset, it's first open source acquisition, upstreams code from HBase to Apache Hadoop


  • Begins contributing to Linux kernel
  • Forms independent CodePlex Foundation, later known as Outercurve Foundation to promote open source
  • Apologizes after download on website is found to have GPL code, properly open sources download
  • Promises not to enforce patents against open source implementations of C#, e.g. Mono
  • Settles a dispute with TomTom over FAT32 software patents, avoiding further conflict with open source
  • Reaches settlement with EU to provide users a choice of web browsers on Windows installation
  • Platform Strategy Group begins an internal push for embracing open source
  • "Burning the Ships: Transforming Your Company's Culture Through Intellectual Property Strategy" is published on Microsoft's embrace of open collaboration
  • "Has Microsoft lost its war on open source?" InfoWorld



  • Acquires Skype, maintains Linux client
  • Begins contributing code to Samba
  • Exits antitrust oversight by US DOJ
  • Ports Node.js to Windows, upstreams code under Apache License 2.0
  • 📰 "Microsoft Embraces Elephant of Open Source" Wired


  • Azure begins hosting Linux virtual machines
  • Codeplex supports git
  • Begins contributing to git and collaborates with GitHub on LibGit2
  • Ports Apache Hadoop to Windows, upstreams code under MIT
  • Open sources ASP.NET, MCV, Razor, and Web API under Apache 2.0
  • Forms Microsoft Open Technologies, Inc.
  • Releases TypeScript under Apache 2.0, first Microsoft project on GitHub
  • Canonical closes Ubuntu bug #1
  • 📰 "Microsoft opens up" O'Rielly


  • Steve Ballmer resigns
  • VM Depot announced, community-driven repository of Linux and BSD virtual machines for Azure
  • Microsoft challenges broad US warrant for overseas e-mails and helps create a new law improving e-mail privacy
  • 📰 "Microsoft's Open Source Company Is a Year Old. But What Is It?" Wired


  • Satya Nadella appointed CEO
  • The full .NET stack, Microsoft's flagship development toolkit, is open sourced and contributed to .NET Foundation
  • Implements AllJoyn support in Windows, contributes code upstream
  • Creates official GitHub presence
  • Contributes to OpenJDK
  • "Microsoft loves Linux." - Satya Nadella
  • 📰 "More open-source at Microsoft? You'd better believe it" VentureBeat


  • Visual Studio Code released, releases Linux build
  • Co-founds Node.js Foundation
  • Joins R Foundation
  • Open sources Matter Center, Microsoft's legal practice management software
  • Open sources Chakra, legacy Microsoft Edge’s JavaScript engine
  • 📰 "How Open Source Is Shaping Microsoft's Future" RedmondMag


  • Windows Subsystem for Linux announced in partnership with Canonical
  • Joins Linux Foundation
  • Open sources PowerShell, releases Linux build
  • Begins porting Sysinternals to Linux
  • Acquires Xamarin, relicenses Mono under MIT license
  • Acquires LinkedIn, maintains Apache Kafka as open source
  • SQL Server released for Linux
  • Begins hosting Linux Foundation courses on edX
  • SONiC released, based on Debian GNU/Linux
  • "The company has become an enthusiastic supporter of Linux and of open source and a very active member of many important projects." - Jim Zemlin, Executive Director of The Linux Foundation
  • 📰 "Why Microsoft is turning into an open-source company" ZDNet


  • Satya Nadella releases "Hit Refresh: The Quest to Rediscover Microsoft's Soul and Imagine a Better Future for Everyone" describing his vision for an open and collaborative Microsoft
  • Forms Open Source Programs
  • Joins Open Source Initiative
  • Joins Cloud Native Computing Foundation
  • Joins MariaDB Foundation
  • Acquires Deis
  • Open sources Git Virtual File System (GVFS), the work done moving Windows to git
  • Opens Microsoft Store to open source applications
  • Better privacy controls, privacy dashboard, and diagnostic data transparency introduced in Windows
  • Announces Linux development with C++ in Visual Studio
  • Gives keynote at Open Source Summit North America
  • Moves Windows development to git
  • 📺 Microsoft Loves Open Source: Becoming the Largest Contributor - GitHub Universe 2017
  • 📰 "How Microsoft Is Shifting Focus to Open Source" The New Stack
Microsoft and Open Source: An unofficial timeline
Satya Nadella gives background on Microsoft transformation


  • Joins Open Innovation Network, cross-licenses 60,000 patents with open source community
  • Acquires GitHub
  • "We are all in on open source." - Satya Nadella
  • GitHub Actions is released, providing free CI/CD for open source projects
  • Windows Subsystem for Linux 2 announced powered by Linux kernel
  • Begins using Citus and PostgreSQL on Ubuntu to analyze telemetry from Windows test builds on employee devices
  • PowerShell released as a snap
  • OpenSSH included in Windows
  • Shifts their mobile application strategy to Android, begins contributing to Android developer ecosystem
  • Windows Calculator released as open source
  • 📰 "Microsoft may be the world's largest open source contributor" TechRepublic


  • Visual Studio Code released as a snap
  • GitHub announces GitHub Sponsors, lowers prices
  • Edge browser released based on open source Chromium
  • Linux surpasses Windows usage on Azure
  • Begins adopting open source-style collaboration internally
  • Teams released for Linux
  • Acquires Citus Data, maintains open source project
  • Joins OpenChain
  • Files amicus brief at the US Supreme Court in support of open source and Linux
  • Creates Open Application Model with Alibaba Cloud as a Open Web Foundation project
  • Releases new Windows Terminal and PowerToys as open source
  • Published exFAT as open specification, contributes patents to OIN, and upstreams driver to Linux kernel
  • Stores all public GitHub repos for 1,000 years in Svalbard, Norway
  • Joins Unified Patents Open Source Zone to defend open source from patent trolls
  • Announces Android-based smartphone, Surface Duo, with a Linux kernel
  • Open sources SPTAG, a crucial search algorithm used by Microsoft
  • Open sources SandDance, a data visualization tool
  • Open sources the Microsoft C++ Standard Library
  • Open sources Interpret ML
  • Open sources Quantum Development Kit, a quantum computing SDK
  • Satya Nadella speaks at Red Hat Summit
  • Richard Stallman speaks at Microsoft, states "we should not maintain a burning grudge over actions that ended years ago"
  • Linux Torvalds quoted at Linux Plumbers Conference as saying Microsoft "have changed"
  • JS Foundation and Node.js Foundation merge to form OpenJS Foundation, Microsoft contributes Electron to OpenJS Foundation
  • Scott Hanselman gives keynote at NDC London laying out Microsoft's open source vision
  • 📰 "Microsoft: The open source company" Ars Technica


  • Acquires npm, the Node package manager
  • Hosts WSLConf, the first conferenced dedicated to WSL
  • Microsoft president Brad Smith admits being wrong about open source
  • Edge browser port to Linux seen at Build
  • Pushes improvements to Chromium upstream
  • Releases open source Windows Package Manager
  • Open sources dataset to help fight COVID-19-related cybersecurity threats
  • Open sources Java extension for SQL Server
  • Open sources MSQuic, a Windows NT kernel library for QUIC
  • Open sources Petridish, a neural architecture search algorithm for deep learning
  • Open sources Project Rocket, a software stack to perform live video analysis by AI/ML
  • Open sources Project Bonsai, a machine teaching service
  • Open sources Application Inspector, cross-platform source code security analyzer
  • Open sources TensorWatch, a debugging tool for AI and deep learning
  • Open sources Project Verona, a Rust-inspired research language
  • Upstreams open source improvements to QNNX natural language model
  • Linux-based Azure Sphere OS released
  • Announces plans to open source Fluid Framework
  • Announces Python for Excel
  • Ad features Ubuntu on Surface Book 3
  • 📰 "Microsoft’s romance with open source software is on display at Build 2020" Ars Technica

Known Open Source Collaborations

  • Canonical
  • Red Hat
  • SuSE
  • Debian
  • IBM
  • Oracle
  • Google
  • Kali Linux
  • HashiCorp
  • Whitewater Foundry
  • Redis Labs
  • Elastic
  • Samsung
  • Cloudera
  • Docker
  • Nokia
  • Allianz
  • Chef
  • Puppet
  • React Native
  • Flutter
  • HashiCorp
  • Nvidia
  • BMW
  • Apache Cassandra
  • Apache Kafka
  • Apache Hadoop
  • Apache Spark
  • Linux Foundation
  • Cloud Native Computing Foundation
  • OpenDaylight
  • Open Container Initiative
  • R Consortium
  • F# Foundatoin
  • .NET Foundation
  • Open API Initiative
  • Confidential Computing Consortium
  • OpenChain
  • TODO Group
  • Open Source Initiative
  • Apache Software Foundation
  • iZootoo

Select Open Source Projects

The list below is incomplete. opensource.microsoft.com current lists 1,155 open source projects at Microsoft and it would not be possible to curate them all here.

Microsoft and Open Source: An unofficial timeline

Here is a list of selected projects:

Dev Tools


Web Dev Tools

  • Edge dev tools
  • Playwright - Node library to automate Chromium, Firefox and WebKit with a single API
  • Blazor




  • Azure CLI
  • Open Enclave SDK - A hardware-agnostic open source library for developing applications that utilize hardware enclaves.




  • WorldWide Telescope - A visualization environment that brings together imagery from the world's best ground- and space-based telescopes
  • Project Mu - The UEFI core used in Microsoft Surface and Hyper-V

Programming Languages

  • TypeScript - Programming language similar to JavaScript, among the most popular on GitHub
  • Bosque - An experiment in regularized design for a machine assisted rapid and reliable software development lifecycle
  • Verona - Research programming language for concurrent ownership
  • SPTAG - A library for fast approximate nearest neighbor search
  • P - A language for asynchronous event-driven programming

More Open Source at Microsoft

Historic Open Source Contributions

  • Linux® is a registered trademark of Linus Torvalds in the United States and/or other countries. *
  • Windows®, Windows 10®, Microsoft®, Visual Studio®, Azure®, and PowerShell® are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. * **
  • Ubuntu® and Canonical® are registered trademark of Canonical Limited in the United States and/or other countries. *
  • SUSE® is a registered trademark of SUSE in the United States and/or other countries. *
  • Red Hat® is a trademark or registered trademark of Red Hat, Inc. in the United States and/or other countries. *
  • Debian® is a registered trademark of Software in the Public Interest, Inc. in the United States and/or other countries. *
  • Kali Linux® and Offensive Security® are registered trademarks of OffSec Services, Ltd. *
  • Docker® and Docker Hub® are registered trademarks of Docker, Inc. *
  • Oracle and Oracle Linux are trademarks or registered trademarks of Oracle, Inc. *

All other trademarks mentioned herein are the property of their respective owners and may be registered in the United States and/or other countries.

If you like my list making skills, check out Awesome WSL and Awesome UNIX.

Read the whole story
1 day ago
Share this story

AWS CLI v2 now available for Linux ARM

1 Comment and 2 Shares

With the release of 2.0.15 of the AWS CLI v2, we are excited to announce the availability of aarch64 builds of the AWS CLI v2. This launch includes a new Linux ARM installer to add to the current AWS CLI v2 installation mechanisms:

The Linux ARM installer supports 64-bit ARM-based platforms such as Amazon EC2 A1 instances with the most recent distributions of Amazon Linux 2, Ubuntu, Fedora, Debian, or CentOS.

Installer usage

To demo the Linux ARM installer, I’ll be running all commands from an Amazon EC2 A1 instance:

$ uname -r

If you are familiar with the AWS CLI v2 Linux x86 installer, the installation steps are the same, except the installer is prebuilt for ARM instead of x86. First, download the Linux ARM installer:

$ curl -O 'https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip'

Once downloaded, unzip the ZIP file and run the install script:

$ unzip awscli-exe-linux-aarch64.zip
$ sudo ./aws/install
You can now run: /usr/local/bin/aws --version

Once the install script completes, you can now use the AWS CLI v2:

$ aws --version
aws-cli/2.0.15 Python/3.7.3 Linux/4.14.173-137.229.amzn2.aarch64 botocore/2.0.0dev19

Next steps

To learn more about managing your AWS CLI v2 installation for ARM-based Linux machines please visit its section in the AWS CLI v2 user guide. For more information about the other AWS CLI v2 installation mechanisms, please visit the installation section. For any feedback on the Linux ARM installer or the AWS CLI v2, please open an issue in the AWS CLI GitHub repository. We look forward to hearing your feedback.

Read the whole story
5 days ago
4 days ago
Akron, OH
Share this story

It’s a good day.


I WHEEZED like a busted accordion after carrying a bag of empty bottles down the hall to the recycling room in my apartment building, a journey of no more than 20 paces in each direction. I breathe normally as long as I don’t expend more physical energy than it takes to sit still in bed.

I first noticed I was sick on February 20, and figured it was a cold. When I hadn’t improved after three weeks, I consulted a physician, who informed me I had COVID-19. A week later, he told me I had pneumonia as well. If you’re doing the math, I’ve been sick for three months and counting.

My daughter and her mother have it too. We took every precaution, and still do. We’re zealots about following the doctor’s (and our kid’s pediatrician’s) advice, along with the instructions of the CDC and state and local authorities. We read all five hundred daily news articles about the disease. We rest, hydrate, quarantine, and wash our hands slightly less obsessively than Lady Macbeth.

Mainly we sleep.

Oh, how we sleep. I just now woke up from three hours of narcosis-tinged, nightmare-filled, exhausted napping, and can’t wait to hit the pillow again for more.

On weekdays, from 8:00 AM ‘til noon, I make myself get out of bed, sit at my desk, and work at my job. It’s a great job and I’m beyond privileged to work remotely for a company I believe in. I wish I could do more, but by 12:00 I’m ready to pass out.

Instead, I bid good day to my colleagues and wake my daughter, who’s too sick to remotely attend her closed school, and who sleeps straight through daddy’s work day. I make us both brunch and we consume it on the couch. While eating, wrapped in blankets, we watch 20 minutes of video and then go back to sleep.

Ava sleeps in her loft bed with our 11-year-old cat Snow White. If we are late for our afternoon sleep, Snow White climbs up to the loft bed alone, and stares down the hall at Ava until she gets the message.

I sleep in my king-size formerly marital bed, alone except for an iPad. Thanks to the Criterion Channel, I’ve slept through several dozen masterpieces of world cinema.

On Thursday of last week, wanting to test the upper limits of my recovery, I experimentally pushed myself to put in an extra hour of work by attending a phone meeting for my conference business, but the experiment failed: I fell asleep midway through the call. Fortunately my colleagues didn’t need me—they’ve been soldiering on without me since mid-March. I was muted and they probably didn’t even know I’d fallen asleep. I should be embarrassed to confess having fallen asleep during a meeting, but hey, it wasn’t my doing: it was COVID-19 and pneumonia’s idea.

This is our normal, now.

This is what recovery looks like for my family: an endless sleeping sickness.

Every weekday I wake up energetic, convinced that I’m definitely getting better. Even with all the sleeping, I really am sure I am recovering. People who care ask how I’m doing. It’s hard tell them. They want to hear I’m getting better. I try not to disappoint them. But I don’t lie. Things are about the same. And about the same. And about the same. Yes, I’m getting better. No, nothing has really changed.

Our fevers are long gone. We are not contagious. We wheeze and are exhausted.

This what recovery looks like on weekdays. On weekends, I sleep all day.

Penne? Or big penne?

Unlike healthy people, I don’t resent my quarantine. I’m grateful to have shelter. I know that shelter, like health and financial security, can be taken away at any time. If we didn’t all know that before, surely we know it now. But I don’t think about it.

I think about bed, and sleeping, and what kind of pasta to make for dinner, and whether 20 more minutes of awake time is worth the heartburn and jitters two more espressos will gift me along with the continued alertness.

I don’t worry about the wheezing, or whether I’ll ever see the inside of a gym again, or the long term ramifications of school closings and sickness on my daughter’s higher educational prospects. I don’t even think about November. We are alive. It’s a good day.

The post It’s a good day. appeared first on Zeldman on Web & Interaction Design.

Read the whole story
8 days ago
Washington, DC
9 days ago
Share this story

DEVO making Energy Dome face shields

1 Share
the covid merch u want
Read the whole story
10 days ago
Share this story


1 Share

I’ve read two of the Martin Beck series back to back.  Book four, THE LAUGHING POLICEMAN, and book five, THE FIRE ENGINE THAT DISAPPEARED.

Ten yards away stood a lone dismal figure, a pipe in his mouth and his hands thrust deep down in his coat pockets. This was Fredrik Melander of the Murder Squad in Stockholm and a veteran of hundreds of difficult investigations. He was generally known for his logical mind, his excellent memory and unshakeable calm. Within a smaller circle, he was most famous for his remarkable capacity for always being in the toilet when anyone wanted to get hold of him.

The Martin Beck sequence was famously written by two left journalists, Maj Sjöwall and Per Wahlöö, and accidentally invented what we now call Nordic Noir.  The books are about the homicide team centered around Martin Beck, who is introduced in book one as the best criminal investigator in Stockholm.

It took Martin Beck less than thirty seconds to open the door, which was considered a long time, as he had already got the key from the estate agent.

What’s Martin Beck like?

As usual he was not hungry, only slightly sick, and he drank coffee in order to make his condition a little worse.

He constantly has a cold, his stomach hates him, he’s trapped in a dismal marriage, and he has precisely one friend; his voracious, priapic and obese colleague Kollberg, who lumbers and squelches around the books abusing people because he thinks it’s character-building and regularly bunking off home to his wonderfully happy marriage.

The authors, on Xmas:

The epidemic swept all before it and there was no escape. It ate its way into houses and flats, poisoning and breaking down everything and everyone in its path. Children were already howling from exhaustion and fathers of families were plunged into debt until their next holiday. The gigantic legalized confidence trick claimed victims everywhere. The hospitals had a boom in cardiac infarctions, nervous breakdowns and burst stomach ulcers.

Thing is: the books are funny.  You don’t get many laughs in Wallander.

“Don’t let him say one word to the witness until you’ve seen the death certificate.”

The team are misfits and human horrors, Beck is a fine mind locked inside a fast-decaying body and a miserable life, Stockholm is… well…

There was little to be said in favour of this repulsive Wednesday.

And the cases are notable not for the brilliance of the villains or the exoticism of the crimes, but for their awkwardness and the way the books sell the basic quotidian difficulties of ordinary flawed tired people solving ordinary nasty crimes.  The laugh at the end of THE LAUGHING POLICEMAN is an incredibly sad, bleak, rueful laugh.

In the sixties, these books must have been a hard shock. A unique one. Today, what’s most interesting about them — aside from the quality of the writing and the plotting and the clever mix of materials — is what was left after everyone else plundered them.  That acid, ruthless sense of humour.



Read the whole story
13 days ago
Share this story

What the heck happened with .org?

1 Comment and 4 Shares

If you are following the tech news, you might have seen the announcement that ICANN withheld consent for the change of control of the Public Interest Registry and that this had some implications for .org.  However, unless you follow a lot of DNS inside baseball, it might not be that clear what all this means. This post is intended to give a high level overview of the background here and what happened with .org. In addition, Mozilla has been actively engaged in the public discussion on this topic; see here for a good starting point.

The Structure and History of Internet Naming

As you’ve probably noticed, Web sites have names like “mozilla.org”, “google.com”, etc. These are called “domain names.” The way this all works is that there are a number of “top-level domains” (.org, .com, .io, …) and then people can get names within those domains (i.e., that end in one of those). Top level domains (TLDs) come in two main flavors:

  • Country-code top-level domains (ccTLDs) which represent some country or region like .us (United States), .uk (United Kingdom, etc.)

Back at the beginning of the Internet, there were five gTLDs which were intended to roughly reflect the type of entity registering the name:

  • .com: for “commercial-related domains”
  • .edu: for educational institutions
  • .gov: for government entities (really, US government entities)
  • .mil: for the US Military (remember, the Internet came out of US government research)
  • .org: for organizations (“any other domains”)

It’s important to remember that until the 90s, much of the Internet ran under an Acceptable Use Policy which discouraged/forbid commercial use and so these distinctions were inherently somewhat fuzzy, but nevertheless people had the rough understanding that .org was for non-profits and the like and .com was for companies.

During this period the actual name registrations were handled by a series of government contractors (first SRI and then Network Solutions) but the creation and assignment of the top-level domains was under the control of the Internet Assigned Numbers Authority (IANA), which in practice, mostly meant the decisions of its Director, Jon Postel. However, as the Internet became bigger, this became increasingly untenable especially as IANA was run under a contract to the US government. Through a long and somewhat complicated series of events, in 1998 this responsibility was handed off to the Internet Corporation for Assigned Names and Numbers (ICANN), which administers the overall system, including setting the overall rules and determining which gTLDs will exist (which ccTLDs exist is determined by ISO 3166-1 country codes, as described in RFC 1591). ICANN has created a pile of new gTLDs, such as .dev, .biz, and .wtf (you may be wondering whether the world really needed .wtf, but there it is). As an aside, many of the newer names you see registered are not actually under gTLDs, but rather ccTLDs that happen to correspond to countries lucky enough to have cool sounding country codes. For instance, .io is actually the British Indian Ocean’s TLD and .tv belongs to Tuvalu.

One of the other things that ICANN does is determine who gets to run each TLD. The way this all works is that ICANN determines who gets to be the registry, i.e., who keeps the records of who has which name as well as some of the technical data needed to actually route name lookups. The actual work of registering domain names is done by a registrar, who engages with the customer. Importantly, while registrars compete for business at some level (i.e., multiple people can sell you a domain in .com), there is only one registry for a given TLD and so they don’t have any price competition within that TLD; if you want a .com domain, VeriSign gets to set the price floor. Moreover, ICANN doesn’t really try to keep prices down; in fact, they recently removed the cap on the price of .org domains (bringing it in line with most other TLDs). One interesting fact about these contracts is that they are effectively perpetual: the contracts themselves are for quite long terms and registry agreements typically provide for automatic renewal except under cases of significant misbehavior by the registry. In other words, this is a more or less permanent claim on the revenues for a given TLD.

The bottom line here is that this is all quite lucrative. For example, in FY19 VeriSign’s revenue was over $1.2 billion. ICANN itself makes money in two main ways. First, it takes a cut of the revenue from each domain registration and second it auctions off the contracts for new gTLDs if more than one entity wants to register them. In the fiscal year ending in June 2018, ICANN made $136 million in total revenues (it was $302 million the previous year due to a large amount of revenue from gTLD auctions).

ISOC and .org

This brings us to the story of ISOC and .org. Until 2003, VeriSign operated .com, .net, and .org, but ICANN and VeriSign agreed to give up running .org (while retaining the far more profitable .com). As stated in their proposal:

As a general matter, it will largely eliminate the vestiges of special or unique treatment of VeriSign based on its legacy activities before the formation of ICANN, and generally place VeriSign in the same relationship with ICANN as all other generic TLD registry operators. In addition, it will return the .org registry to its original purpose, separate the contract expiration dates for the .com and .net registries, and generally commit VeriSign to paying its fair share of the costs of ICANN without any artificial or special limits on that responsibility.

The Internet Society (ISOC) is a nonprofit organization with the mission to support and promote “the development of the Internet as a global technical infrastructure, a resource to enrich people’s lives, and a force for good in society”. In 2002, they submitted one of 11 proposals to take over as the registry for .org and ICANN ultimately selected them. ICANN had a list of 11 criteria for the selection and the board minutes are pretty vague on the reason for selecting ISOC, but at the time this was widely understood as ICANN using the .org contract to provide a subsidy for ISOC and ISOC’s work. In any case, it ended up being quite a large subsidy: in 2018, PIR’s revenue from .org was over $92 million.

The actual mechanics here are somewhat complicated: it’s not like ISOC runs the registry itself. Instead they created a new non-profit subsidiary, the Public Interest Registry (PIR), to hold the contract with ICANN to manage .org. PIR in turn contracts the actual operations to Afilias, which is also the registry for a pile of other domains in their own right. [This isn’t an uncommon structure. For instance, VeriSign is the registry for .com, but they also run .tv for Tuvalu.] This will become relevant to our story shortly. Additionally, in the summer of 2019, PIR’s ten year agreement with ICANN renewed, but under new terms: looser contractual conditions to mirror those for the new gTLDs (yes, including .wtf), including the removal of a price cap and certain other provisions.

The PIR Sale

So, by 2018, ISOC was sitting on a pretty large ongoing revenue stream in the form of .org registration fees. However, ISOC management felt that having essentially all of their funding dependent on one revenue source was unwise and that actually running .org was a mismatch with ISOC’s main mission. Instead, they entered into a deal to sell PIR (and hence the .org contract) to a private equity firm called Ethos Capital, which is where things get interesting.

Ordinarily, this would be a straightforward-seeming transaction, but under the terms of the .org Registry Agreement, ISOC had to get approval from ICANN for the sale (or at least for PIR to retain the contract):

7.5              Change of Control; Assignment and Subcontracting.  Except as set forth in this Section 7.5, neither party may assign any of its rights and obligations under this Agreement without the prior written approval of the other party, which approval will not be unreasonably withheld.  For purposes of this Section 7.5, a direct or indirect change of control of Registry Operator or any subcontracting arrangement that relates to any Critical Function (as identified in Section 6 of Specification 10) for the TLD (a “Material Subcontracting Arrangement”) shall be deemed an assignment.

Soon after the proposed transaction was announced, a number of organizations (especially Access Now and EFF) started to surface concerns about the transaction. You can find a detailed writeup of those concerns here but I think a fair summary of the argument is that .org was special (and in particular that a lot of NGOs relied on it) and that Ethos could not be trusted to manage it responsibly. A number of concerns were raised, including that Ethos might aggressively raise prices in order to maximize their profit or that they could be more susceptible to governmental pressure to remove the domain names of NGOs that were critical of them. You can find Mozilla’s comments on the proposed sale here. The California Attorney General’s Office also weighed in opposing the sale in a letter that implied it might take independent action to stop it, saying:

This office will continue to evaluate this matter, and will take whatever action necessary to protect Californians and the nonprofit community.

In turn, Ethos and ISOC mounted a fairly aggressive PR campaign of their own, including creating a number of new commitments intended to alleviate concerns that had been raised, such as a new “Stewardship Council” with some level of input into privacy and policy decisions, an amendment to the operating agreement with ICANN to provide for additional potential oversight going forward, and a promise not to raise prices by more than 10%/year for 8 years. At the end of the day these efforts did not succeed: ICANN announced on April 30 that they would withhold consent for the deal (see here for their reasoning).

What Now?

As far as I can tell, this decision merely returns the situation to the status quo ante (see this post by Milton Mueller for some more detailed analysis). In particular, ISOC will continue to operate PIR and be able to benefit from the automatic renewal (and the agreement runs through 2029 in any case). To the extent to which you trusted PIR to manage .org responsibly a month ago, there’s no reason to think that has changed (of course, people’s opinions may have changed because of the proposed sale). However, as Mueller points out, none of the commitments that Ethos made in order to make the deal more palatable apply here, and in particular, thanks to the new contract in 2019, PIR ISOC is free to raise prices without being bound by the 10% annual commitment that Ethos had offered.

It’s worth noting that “Save dot Org” at least doesn’t seem happy to leave .org in the hands of ISOC and in particular has called for ICANN to rebid the contract. Here’s what they say:

This is not the final step needed for protecting the .Org domain. ICANN must now open a public process for bids to find a new home for the .Org domain. ICANN has established processes and criteria that outline how to hold a reassignment process. We look forward to seeing a competitive process and are eager to support the participation in that process by the global nonprofit community.

For ICANN to actually try to take .org away from ISOC seems like it would be incredibly contentious and ICANN hasn’t given any real signals about what they intend to do here. It’s possible they will try to rebid the contract (though it’s not clear to me exactly whether the contract terms really permit this) or that they’ll just be content to leave things as they are, with ISOC running .org through 2029.

Regardless of what the Internet Society and ICANN choose to do here, I think that this has revealed the extent to which the current domain name ecosystem depends on informal understandings of what the various actors are going to do, as opposed to formal commitments to do them. For instance, many opposed to the sale seem to have expected that ISOC would continue to manage .org in the public interest and felt that the Ethos sale threatened that. However, as a practical matter the registry agreement doesn’t include any such obligation and in particular nothing really stops them from raising prices much higher in order to maximize profit as opponents argued Ethos might do (although ISOC’s nonprofit status means they can’t divest those profits directly). Similarly, those who were against the sale and those who were in favor of it seem to have had rather radically different expectations about what ICANN was supposed to do (actively ensure that .org be managed in a specific way versus just keep the system running with a light touch) and at the end of the day were relying on ICANN’s discretion to act one way or the other. It remains to be seen whether this is an isolated incident or whether this is a sign of a deeper disconnect that will cause increasing friction going forward.

The post What the heck happened with .org? appeared first on The Mozilla Blog.

Read the whole story
14 days ago
14 days ago
Washington, DC
Share this story
1 public comment
14 days ago
> nothing really stops them from raising prices much higher in order to maximize profit as opponents argued Ethos might do (although ISOC’s nonprofit status means they can’t divest those profits directly).

Well that’s a pretty big fuckin difference right there, a non-profit whose execs can’t just loot the revenue vs a private faakin equity fund...
Bend, Oregon
Next Page of Stories