This thread over on Twitter about the 2018 effort to deploy end-to-end encrypted DMs is amusing. TL;DR: Licensing negotiations fell through because Moxie went on a sailing trip and stopped answering email. https://twitter.com/bhcarpenter/status/1596691905898811393?s=46&t=tqmsclr-6WclRPKi5dpw-g
But it raises a serious question I’ve never gotten a great answer to: *why* were corporations conditioning their use of Signal protocol on a license from Moxie/OWS?
Signal is a slightly over-complicated protocol but purportedly it’s an open one. Surely there’s no need for a license to use the protocol. So presumably the stumbling block here is that people feel uncomfortable using the software without Moxie/OWS/SF’s proprietary implementation?
That seems very bad to me. I’m obviously 100% in favor of protocol designers and developers earning money for good things. But “private industry literally can’t do encrypted DMs without signing a license” is a crap place for us to be.
To be clear, I understand the GPL licensing issues. Ordinarily one gets around those through re-implementation.
I am in favor of OSS and GPL but if the “cost” of the GPL is that we, as a society, don’t get privacy? Then screw the GPL and re-implement with MIT.
To be clear I posted a meme implying that this killed the encrypted DMs project. It didn’t. The licensing issues merely delayed it, which I’m sure was harmful. Twitter still deserves loads of credit for failing to implement this, all on their own.