Will any of the commercial-only stuff (like the distributed firewall or LDAP authentication / authorization bits) ever be open sourced, or will DC/OS forever be open core crippleware?
That's a little harsh. I don't think the intention is to be open core crippleware - there are certainly a good number of users using (open) DC/OS in production without the enterprise features that you mention. I can't speak to the specific roadmap since I am uninformed but generally I believe the trend is for most enterprise features to trickle down into open over time.