Clarifications on the Open Letter

It appears that there are some questions about the content in the open letter that I posted earlier this week. Simon Phipps (Sun’s chief open source officer) posted a comment on my blog that summarizes these questions, so I will use this post to reply to it. The original text from Simon’s post will be indented and italicized, and my responses will be in plain text.

Hi Neil,

Despite the fact you didn’t actually contact the Sun ombudsman service[1], I have had several referrals of your postings. I’ve done a little investigation and I have some questions about your story.

Actually, I did contact the Sun ombudsman service. The exact same text that was included in my blog post was also sent as an e-mail message. That message was sent from neil.a.wilson[at] with a timestamp of “Wed, 28 Nov 2007 09:57:03 -0600” (9:57 AM US Central Time), and was addressed to neil.a.wilson[at] It was blind copied to the following recipients:

  • users[at]
  • dev[at]
  • jis[at]
  • ombudsman[at]

I did not receive any bounce messages in reply, and my mail server logs confirm that Sun’s mail server did in fact accept the message for delivery. If my message never made it into the ombudsman[at] inbox, then perhaps the problem is on your end (e.g., over-eager spam filtering, which happened to me on more than one occasion when I was a Sun employee).

It’s very regrettable that you were laid off, no question. That’s not a part of your narrative I can comment on for HR/legal reasons, but it’s always sad when business pressures force layoffs.

Thank you for the sentiment. While I wasn’t particularly happy about being laid off, I don’t hold a grudge against Sun because of it. Regardless of whether I think it was an intelligent move, Sun did have a justification for it (geographic consolidation). If the only thing that had happened was that I got laid off, then I fully expect that I would still be actively participating in the project. I believe I demonstrated that through my continued involvement in the project even after having received my layoff notification.

However, I do question how you characterize the requests to change the OpenDS governance. I note that the OpenDS governance was changed on April 28 by sshoaff[2] and that the original line reading:

“This Project Lead, who is appointed by Sun Microsystems, is responsible for managing the entire project”

was replaced by one reading

“This Project Lead, who is appointed and removed by a majority vote of the Project Owners, is responsible for managing the entire project”

I have not been able to find a discussion of this change anywhere, and I understand from your former managers that they were unaware of this change. While you characterize the request made of you as:

“demanded that the owners approve a governance change that would grant Sun full control of the OpenDS project”

it seems to me that what in fact happened was you were (collectively) asked to revert that change to its original state. On present data, it appears to me that far from Sun acting in bad faith over the governance, they were in fact making a reasonable request to correct an earlier error. Indeed, all that has happened to the governance document since then is to revert the change[3].

This is not the whole story.

First, the change to which you refer (committed in revision 1739 by Stephen Shoaff on April 28, 2007) was absolutely not unauthorized. Stephen Shoaff and Don Bowen both served as officers of the company (Stephen as the director of engineering for directory products, and Don as a director of product marketing for all identity products), and David Ely was the engineering manager and the Sun-appointed project lead for OpenDS under the original governance. This change was also discussed with Sun’s open source office, and while you (Simon) may not have been directly involved with those discussions, Don Bowen has informed me that there was a telephone conversation in which you told him that each project should make the decisions that are best for its respective community. We also involved the OpenDS and Identity Management communities in the process, although those conversations were on a personal basis with key members rather than at large on the public mailing lists. Unfortunately, none of us can currently produce any evidence to support these claims. When we received the layoff notification we were required to return or destroy any Sun property that we may have had, and since all of these discussions would be considered Sun-internal communication we no longer have access to any record of them in compliance with the notification requirement. However, full documentation to support all of these claims should exist within Sun should you feel the need to verify them.

Second, this was not the governance change to which I referred in my original post. In the meeting that the owners (including Ludovic) had on November 13, 2007, we were informed that it was Sun’s intention to replace the governance with something different and that the new governance would be chosen and managed by a Sun-selected committee. This change has not yet been applied, and as I am no longer involved with the project I cannot comment on whether there is still intent to make it. However, Eduardo referenced this future change on the OpenDS user mailing list today ( when he said “We want to improve these governances, ideally in a consistent way.”

There was no discussion at all during the November 13 meeting of the change made in revision 1739, and it was not brought to our attention until the following evening. To the best of my knowledge the request to revert the change made in revision 1739 was never discussed with anyone other than Stephen Shoaff. I know that I personally never received any communication from anyone within Sun asking me to approve reverting this change.

Finally, I would ask Sun to justify their subsequent reversion of that change and how they believe that it was in the best interests of OpenDS, or how doing so was consistent with Sun’s public stance on the importance and value of community-led projects. Despite the fact that the change we made had more than sufficient authorization, I fail to see how reverting it is in any way an improvement. How is reverting to a Sun-appointed absolute authority better for the community than the consensus-driven model we thought Sun wanted?

I would be happy to continue to investigate this case, so if you would like to submit a complaint to with full data supporting your accusations I would be pleased to investigate further. I’m afraid I don’t usually read your blog so you’ll need to alert me ( to any postings here that need my attention.




I am afraid that there may not be any benefit to further investigation. It appears that you are using your position to attack my credibility and focus on damage control for Sun rather than acting impartially on my behalf as per your claim at Even if for some reason you did not receive the message that I originally sent to ombudsman[at], I find it very discouraging and disappointing that Sun’s community advocate would choose to respond in such an inflammatory manner via e-mail messages and blog comments without even making an attempt to contact me for further clarification. You have accused me of launching an attack with partial facts but apparently have made no attempt to contact me to get the complete facts for yourself. I had gone out of my way to indicate that I felt that this was an isolated incident and not in-line with Sun’s true stance on open source, but it’s hard to continue to hold that position when Sun’s ombudsman and chief open source officer behaves in such a manner.

10 thoughts on “Clarifications on the Open Letter

  1. I’m sorry you feel that way and mistrust my motives so much, Neil, since I am genuinely researching the situation. I don’t actually receive ombudsman mail directly as it is cleared through someone else to make sure that the identity of the correspondent is protected in case the complaint is against me. But cc-ing on a public attack on Sun is hardly “contacting the Ombudsman first”.I’m keen to gather all the data needed to make a reasonable assessment of the issue, and I believe that the approach of conducting a public campaign is generally flawed since it will inevitably lead to public exchanges that will be regretted in hindsight.I’m building a picture as I go, and further data continues to be valuable. I encourage you to correspond with me directly rather than in public. If you’d like to speak on the phone that’s fine too, I’ll be pleased to send you a direct number.


  2. As an outsider who has used Directory Server from the Netscape 4.x days, to what it is now as a Sun product, I have to admit that this public exchange is somewhat appalling.I’ve read your blog for some time, Neil, and I think you’re a valuable asset to the community. I was (am?) anticipating the release of OpenDS mostly because I saw what Sun had done with Glassfish (we’re licensed to run 9.1 Enterprise and DS EE as well) and was hoping that Sun could deliver another great open source product that would improve on the already good proprietary directory offering. The architecture and feature set got me excited. You have even answered a question or two of mine in the comments on your blog.Having said that, I honestly don’t like that you have decided to air your dirty laundry in a concerted effort with your (ex) colleagues. You sent an email to Simon 2-3 days ago, with BCC’s (read: you had an agenda) and decided to launch an assault rather than engage in a more formal dialog and/or potentially exhaust all options with Sun before doing so. You sat on your hands while you were collecting a check, and as soon as that ran out, you came out with guns blazing. It sounds like you weren’t getting support from your old management team, granted, but why didn’t you try to give Simon more of a shot?Don’t get me wrong, I understand your position completely, and think that you have a legitimate bone to pick. I just don’t agree with the public method that you and your cohorts chose to handle it. It’s very immature and unprofessional. I’m sure the bridge with Sun is smoldering in the ashes by now, so what have you accomplished? The product you cared so much for will potentially be marred in the minds of people like me, because of the actions that you and your friends have chosen to take.Remember, the IT community is a small one, and the Directory/Identity community is even smaller. One would be wise to watch who they tread on.-Jeff the Grumpy sysadmin


  3. Neil,I would like to encourage you to work with Simon on this, I believe he is honest and trustworthy. From what you have said and what has been backed up by Trey it looks like there is a genuine issue here where Sun representatives interfered in the projects governance using strong-arm tactics.Let’s hope this can be resolved in the best interest of the OpenDS community.


  4. Neil,I commend you, I wish you were not put in this situation but your defense of the community’s interests is noble. SUN will no doubt try to smear you in an attempt to discredit what you say. I thought this might be relevant here as a repost from my blog here:OpenDS Reveals the Critical Flaw of Sponsored Commercial Open Source don’t understand why Simon Phipps would be attacking Neil Wilson’s motives when they are pretty clear and utterly noble. I’d like to give Simon more credit but it just seems to be part of his job function for SUN damage control. The reason I don’t understand is because Neil is trying his best to accommodate the users and community who would be put out because of this fiasco. He’s being very noble and using what tools he has (yes a public forum) to apply pressure on SUN and save this project. Hearing the SUN Open Source Officer recommend keeping critical aspects about an OPEN source project’s governance decisions behind CLOSED doors is a bit disappointing to me. It shows how little SUN and Simon Phipps actually know about Open Source. These reactions from SUN are expected. Sponsors of Open Source Projects often feel they own the project (the people and the code), they after all pay for resources and the employee salaries who contribute to the project. It becomes hard to differentiate between the different hats contributors might wear (as employees and as independent members of the community). Commercial interests get confused and sponsoring companies often try at all costs to maintain control. It’s all about recouping an investment. This dynamic is antithetical to the core aims of Open Source which at their foundations is based on community. There’s obviously more dimensions to Open Source than just having source code published openly. The code is nothing without the people (the community) behind it. These are the problems evident in most sponsored commercially driven projects as opposed to organic projects. There obviously are trade-offs however some are especially costly as we are all witnessing on this blog. Neil Wilson shows the caliber of someone who really understands the core tenets of Open Source as demonstrated by his struggle for the rights of the community. Kudos to Neil for that and I sincerely wish him the best. I hope he can turn this situation around. Unfortunately, as he has probably already seen, SUN has the upper hand legally because it’s lawyers have engineered the situation from the beginning with the CDDL and their more than obvious intensions driven by the bottom line: profitability. I am not making a moral judgment about this but rather stating the problems it causes when mixed with “Open Source”. However, OpenDS and Neil Wilson’s situation has flushed out a very important pitfall with sponsored commercial open source: the ability of a contributor to stick with the project across employers is at the discretion of the sponsor not the individual. The force of this flaw eventually erodes away at any community that could possibly gel (other than employee based members) while an organic community is immune to this dynamic and enjoys greater diversity.


  5. Simon Phipps said:”But cc-ing on a public attack on Sun is hardly “contacting the Ombudsman first”.why? this is not a sun internal issue. open in “openDS” is pretty clear to me.


  6. Of course you CC, its the only way you protect yourself, doubly so after being kicked around like that.Good luck, Neil.


  7. I have to second the sentiment that open means OPEN. Unfortunately, this sounds like a clash between the open source mentality and a company JUST beginning to realize the power of it. I honestly believe that, in Sun’s current mindset, the openness one sees in development mailing lists like the one for the Linux kernel are downright scary for Sun. There are two things that would concern me if I were part of the user community for this product. 1. That Sun demands they have control over the product, even though it is supposed to be OPEN. Someone had commented they understood the reason for this since they have to pay the resources for this. However, I feel this argument to be flawed since there are quite a few corporations that contribute to the Linux kernel development by paying developers, yet they have to tow the line the same as volunteer developers do. Granted, those companies may contribute much more since they have the resources to do so, but they do not have control like Sun demanded. 2. That Sun would threaten to take away these developers severance packages if they didn’t conform reeks badly. This flies in the face of the Open Source community, the very same group they wish to gain support from. I truly hope Sun does grow from this and separates the buzzword “open source” from the TRUE meaning of it. I have a feeling there is going to be some building conflict in the future with more old-model companies trying to buy into Open Source without first fully understanding OPEN.


  8. Two outcomes are possible:1. You fork the project and fund a new startup around it.2. You find a job elsewhere.It seems to me that you can even rewrite the project from scratch in a few months.Is it fair for you that Sun lays you off and then decides the project is theirs?Does the company have a statement in the labor contract specifying you can’t work on similar projects after a number of years you have been laid off?Will they pay your salary during those years?I think they are reaping you off.


Comments are closed.