OOXML: Standards for accepting standards
After the Ballot Resolution Meeting (BRM) of the International Standards Organisation (ISO) failed to resolve the differences around Microsoft's proposed OOXML standard, what happens next?
The purpose of the meeting, which convened at the International Conference Centre in Geneva last week, was to resolve the unprecedented 3500 comments that had been raised against the original draft specification presented by ECMA to Members of to the Joint Technical Committee of the ISO/IEC (International Electrotechnical Commission) last September.
In response ECMA presented 1,100 recommendations for changes to the draft. The BRM only found time to discuss and modify 20 per cent of these recommendations. The remaining 900 recommendations were not discussed, and were waved through apparently on trust and without modification, which signals a considerable failure within the standards process.
Unsurprisingly, the voting was far from conclusive. As Yoon Kit, representing the Malaysian delegation, observed: "Due to the quirks in the voting mechanisms, a reported 98.4 per cent of ECMA resolutions were approved. This on the surface projects an impression that the BRM is a resounding success. Unfortunately this is not the sentiment of the majority of participants."
"It should have been obvious to the administrators that submitting a 6000+ page document which failed the contradiction period, the 5 month ballot vote and poor resolution dispositions, should be pulled from the process. It should have been blatantly obvious that if you force National Bodies to contribute in the BRM and end up not deliberating on over 80 per cent of their concerns, you will make a lot of people very unhappy..."
"Judging from the reactions from the National Bodies who truly tried to contribute in a positive manner, without having their concerns heard let alone resolved, they leave the BRM with only one decision in their mind come March 29th..."
"The fast tracking process is not suitable for ISO/IEC DIS 29500. It will fail yet again. And this time it will be final."
A toxic leech
OOXML is controversial for a number of reasons. Critics argue that OOXML is not so much a specification as a description of Microsoft's existing proprietary data formats, complete with the replication of historic bugs, the most notorious being the treatment of 1900 as a leap year. The specification was derived internally to describe Microsoft's current data formats, and has not benefitted from the usual wide-ranging debate and participation from competing interests, hammering out their differences to find the points they have in common, that accompany the conventional definition of a standard.
A standard is intended to facilitate multiple implementations of a protocol or data format, not to give validation to the one existing implementation of that format. There have also been complaints that, despite the fact that over 3500 comments were raised against the original specification, delegates weren't able to suggest amendments that contradicted Microsoft's current implementation.
The specification was presented to ECMA as a fait acommplis, and was fast tracked through the auspices of ECMA for acceptance by the ISO, despite, or because of, the prior existence of a competing standard, the Open Document Format (ODF), that has been widely implemented across the industry. In the view of some delegates who have spoken out about the process, fast tracking of the acceptance procedures has meant that the considerable problems identified with the original specification have not received the attention they deserve.
Tim Bray, who attended the BRM as a member of the Canadian delegation was scathing in his assessment of the process. "You just can't revise six thousand pages of deeply complex specification-ware in the time that was provided for the process," he noted. "That's true whether you're talking about the months between the vote and when the responses were available, the weeks between the responses' arrival and the BRM, or the hours in the BRM room," and concluded that "this was horrible, egregious, process abuse and ISO should hang their heads in shame for allowing it to happen. Their reputation, in my eyes, is in tatters. My opinion of ECMA was already very negative; this hasn't improved it, and if ISO doesn't figure out a way to detach this toxic leech, this kind of abuse is going to happen again and again."
Frank Farance, who led the US delegation, went on record as saying: "I see no particular rationale for why we were limited in time. I don't know how you can deal with 6000 pages with 3500 comments in a week. It's like trying to run a two-minute mile."
Interoperability and IP policy
This degree of dissent would appear to be highly unusual in the atmosphere of standards deliberation in such bodies, but complaints haven't been restricted to the Fast Tracking process. There have been countless serious allegations of "ballot stuffing" and "gaming" of the system. These allegations are not trivial.
Among the noted issues are the sudden registration of countries with no historic interest in standardisation who, according to some sources, have become participating members of the ISO with the singular purpose of ratifying OOXML, including Trinidad and Tobago, Colombia, Cte-d'Ivoire, Cyprus, Lebanon and Malta. The vote of each of these countries has an equal weighting to that of nations such as China or India, who have significant interests in the progress of standards in ICT.
There have also been serious allegations of undue influencing, notably in the voting process of the Swedish Standards Institute (SIS), where Microsoft was alleged to have offered companies "incentives" if they voted in favour of OOXML. The SIS later rescinded the vote on a technicality, and has abstained from the process.
Such antics have offended not only the obvious opponents of OOXML, such as Google, IBM and Oracle, but also business and government proponents of openness and interoperability, and the professionals whose job it is to define workable standards, whose sense of etiquette has been turned over. The standards profession is a business where words such as "interoperability" and "openness" try to mean what they say.
Microsoft, in its turn, has accused IBM of masterminding the opposition to the fast tracking of OOXML. Jean Paoli, Microsoft's senior director of XML technology, said: "Let's be very clear. It has been fostered by a single company - IBM. If it was not for IBM, it would have been business as usual for this standard."
Standards for accepting standards
In truth, the opposition has come from all quarters, and has been most vocal among those interested in open standards, which includes everybody from governments through to representatives of the free and open source software movement, and also includes many parties with an interest in maintaining open access and network neutrality for civil or commercial reasons, including the likes of IBM, Google and Oracle.
The one requirement is homogenous access to networks, protocols and data formats. Nicos Tsilas, who is described as senior director of interoperability and IP policy at Microsoft, was reported to have said that "They have made this a religious and highly political debate. They are doing this because it is advancing their business model. Over 50 percent of IBM's revenues come from consulting services." Free software advocates, on the other hand, would argue that interoperability and IP policy are mutually exclusive concepts, and that part of the problem with this process has been the confusion of proprietary interests with the interests of the network.
One result is that there have been many calls for reform of the standards process. One example is Geir Isene's "Open Letter to ISO" in which he complains that "there is no standard for accepting a standard" and that "it seems ISO is not prepared for a politicised process where a big and influential commercial enterprise will use any means possible to push its own standard through to certification. Committees are flooded by the vendor in support of the standard. Votes are bought and results are hijacked."
Isene suggests that "ISO would greatly benefit from adopting the IETF requirment of two independent reference implementations for passing a standard. This should increase the quality of ISO's IT standards." He also observes that "the strength, integrity and scalability of ISO have been tested. The organisations agility and adaptability will now be measured. May ISO move quickly to fix its own PR and more importantly its own standardisation process."
Unfortunately, the problems for OOXML are not restricted to the standards process. The feeling among many users, developers (and by implication many ISO delegates) is that, by accident or design, OOXML suffers from a large number of technical failings. The documentation contains binary specifications, specifications that contradict existing standards, and elements that are covered by "undisclosed patents and incomplete licensing terms". The basic requirement of a standard that it is concise and precise, and can be implemented by any other interested party.
The most serious allegations against OOXML are that it is incomplete in its detail, contains internal and historic contradictions, and that it would be difficult, if not impossible, to implement on other platforms, which is the raison d'tre for any standard. The design, implementation, limitations and further development of OOXML are exclusive to Microsoft. Evidence has also been shown that there are demonstrable interoperability failures between Microsoft Office 2007 outputs, which derives from the only existing implementation of the ECMA 376 specification of OOXML, and the specification itself, which is damning evidence against the acceptance of the standard in the first place. These include undocumented non-XML data and XML tags in the Office 2007 outputs that do not appear in the ECMA 376 spcification.
The conventional view is that open standards are the only tenable way forward for the technology industries, where networking necessitates interoperability between a plethora of applications and technologies, unencumbered by patents or other proprietary interests, and it is difficult to see a justification for OOXML when there is a proven open standard that is widely adopted and fulfils these objectives.
Application security fallacies and realities
Web application attacks are the most common vulnerability, so what is the truth about application security?Download now
Your first step researching Managed File Transfer
Advice and expertise on researching the right MFT solution for your businessDownload now
The KPIs you should be measuring
How MSPs can measure performance and evaluate their relationships with clientsDownload now
Life in the digital workspace
A guide to technology and the changing concept of workspaceDownload now