Initial report from OOXML technical and legal workshop last week

Last Friday I helped facilitate a workshop about the technical and legal feasibility of OOXML (check out the website, it has some interesting reading) in an attempt to get an understanding about where all parties are coming from and assist Standards Australia in understanding the issue from a holistic perspective (they have had quite a few flames targetted at them from both sides of the fence). This is just an initial report and I will be publishing the full audio from the technical event as soon as I can rip it from tape to digital.

I organised the technical speakers, including Matthew Cruickshank (New Zealand XML expert, contributor to a no vote in NZ and covenor of the very useful iso-vote website), Colin Jackson (who gave the NZ Gov perspective and overview of why NZ voted no), Rick Jelliffe (who participates in ISO, has done a small amount of work for Microsoft on this topic, and seems fairly neutral in person. He can come across as pro-Microsoft, although in reality he is probably just pro-“creating new ISO standards will fix everything”). We also had representation from Google (Lars Rasmussen), IBM (Paul Robinson), OSIA (Jeff stepped in by request from Brendan Scott and represented the OSIA view), and Microsoft (Greg Stone with 2 others). Janet was supposed to be there to represent LA (although most of her comments were for the legal section which was in the afternoon and I personally had to leave, so hopefully some of the blogs linked at the bottom of this cover that). We also had Alistair Tegart from Standards Australia, who is the person leading the SA investigation into OOXML, and it was great to have him both listen and participate. Overall, I’m really happy with how it all went.

The technical discussion was quite interesting. Firstly almost everyone said it was good to see Microsoft trying to be more open and make available standards that have been very proprietary forever. Then it went back and forth between actual technical issues and big picture issues. Most people agreed the technical issues were mostly reconcilable given time, for instance a whole bunch of technical concerns raised by Standards Australia in their “abstain with comments” vote have already been fixed apparently.

Some core technical issues raised were:

  • Accessibility – Matthew had great concerns about compliance to mechanisms that ensure accessibility is possible
  • Interoperability and access to data across multiple platforms – particularly when OOXML uses a lot of non-open undocumented standards (such as Microsoft’s DrawingML) as part of its inner workings rather than leveraging existing documented and ISO approved standards (such as SVG). This usage of pre-existing standards is supposedly one of the key criteria ISO look for in a new standard, but anyway
  • The implementability of DIS29500 – Several people said it was a lot of work to actually implement DIS29500. Jeff mentioned this is trivial for a lot of mature FOSS projects that have already had to do the work with older MS formats and that this is easier than reverse engineering. However, it was agreed on by several participants (include Google, OSIA and Archives) that it would certainly be difficult for organisations or new software projects who have to start from scratch as it is a dense, complex document with many legacy and undocumented assumptions and formats

The biggest issues raised and left unresolved were big picture issues, and I have to say I agree with all of these concerns. They were generally brushed off by both Microsoft and Rick. The biggest issues raised in no particular order were:

  • Harmonisation – Microsoft believes harmonisation is impossible and a lot of work. Everyone else thought harmonisation is not only possible but both really important and not as hard as is being made out. Lars even invited Microsoft to come participate in ODF so that it would meet their needs. They didn’t really have an answer for this apart from repeating that is was hard, and making some comment about the risk of a “third standard” which Matthew pointed out is part of the natural versioning process of standards development, and that ideally harmonisation would mean MS changes would be folded into a next generation version of ODF.
  • A single standard – most people agreed that ODF was an existing standard that has industry and community buy-in and collaboration, and that it should be built upon rather than creating new standards. Everyone agreed that ODF has some issues and doesn’t include all the functionality MS wants, however it was pointed our several times that if MS wanted to participate in ODF then they could, so the question was raised why they don’t. There wasn’t much of an answer here. Jeff, Mike and Lars pointed out that supporting multiple standards that do fundamentally the same thing will make it much harder for organisations to support real interoperability, and so by accepting DIS29500, ISO is basically complicating a plethora of business, archival, competition and other factors. Jeff made the comments that “there is not sufficient technical rationale behind another standard in this area”, and was very supportive of industry collaboration on ODF
  • The review process – several people expressed concern at the fast-tracking of DIS29500, and whether there has been adequate review. It was also mentioned that the review allocated to DIS29500 is by far proportionally smaller than ODF, PDF, or many other examples
  • The ingoing maintenance of OOXML – One of the maintenance models for DIS29500 proposed is that ECMA will 100% maintain current and future versions of DIS29500 with input but no control of QA from ISO. This seems ludicrous in the extreme. If this model was taken up basically future versions of DIS29500 would be ISO standards by default with basically only ECMA and Microsoft to be accountable. And these future versions could contain _anything_. Greg Stone was quick to mention that there are several models on the table, my thoughts are this in itself should result in a no vote as it completely subverts the entire process (even more)
  • Why ISO – It was pointed out by Microsoft on several occasions that surely having OOXML openly documented was better than not having it openly documented. Everyone agreed with this (it is far easier than reverse engineering a proprietary format). It was made clear however that OOXML is already documented through the ECMA process so what purpose does it serve to have it as an ISO standard, and that there is no value to this when they could participate in the process of harmonisation with ODF as described above. This I think is a big question. People talk about OOXML becoming a standard. It is already a standard, an ECMA standard, so it was very disingenuous for Microsoft to pull the “but we are trying to be open” card at this point. ISO standardisation doesn’t improve the documentation made freely available.

Some interesting arguments that Rick brought up that I hadn’t heard before were:

  • The standard doesn’t reflect the actual implementation. DIS29500 doesn’t mean the same as OOXML. So arguing against OOXML is actually not going to necessarily help you in battling DIS29500 acceptance. How Microsoft or anyone else decides to implement DIS29500 is not the concern or responsibility of ISO.
  • The conformance language in DIS29500 is really bad and needs serious work.
  • The steering committee in ISO responsible for OOXML (as well as ODF, PDF and others) is committed to ZRAND (Zero cost, Reasonale and Non-Discriminatory standards) as opposed to RAND (same as ZRAND but with fees associated).

It has to be said I have a lot more respect for Rick for in person (although his blog coverage of the event was again quite one-sided) and I don’t believe he is generally supporting Microsoft per se, but rather he genuinely believes the more standards the better. Also, the guy has actually received death wishes over this, which is never an acceptable way to deal with disagreement, ever. He mentioned another colleague who has also received threatening calls. This is coming from both sides of the fence and reflects badly on everyone. Anyway, he said several times that ISO acceptance of DIS29500 doesn’t mandate using it, and how that is up to individual organisations and Governments to decide, so there is no problem or even a huge impact in DIS29500 being an ISO standard. However, as Mike Carden pointed out this is fairly disingenuous given that so many Governments have to date used ISO as the standard of standards which has a massive knock on effect on uptake and competition, especially when there is an existing collaboratively developed standard that fulfills that niche (and could fulfill Microsofts’ “unique” needs if they actually participated in it). Unfortunately for ISO I know people in Governments from around the world (and locally) who will be seriously reconsidering that assumption now.

I managed to get the last word in to the technical discussion (yay) and I basically said that given all the unresolved issues, concerns from industry and the broader community, lack of finalised information (such as what model DIS29500 would be maintained under) and general controversy, perhaps it would be most prudent for Standards Australia to vote “no” for DIS29500 and Microsoft can choose to put DIS29500 through the normal non-fast track process for proper analysis and appraisal if they want. Standards Australia originally gave an abstain vote. I think that needs to be carefully weighed up and understood that if there isn’t enough information to make a clear “yes” decision stating a lack of information, then the default should be no, because how can Standards Australia (or any other standards body) feel comfortable with a standard passing ISO ratification if they can’t even feel comfortable with it themselves? I know there are many people deeply concerned about this right through from community, business and Government, and it will be interesting to see what happens to the general trust in and acceptance of ISO regardless of what happens with DIS29500.

Please find a few blog posts and other references below:

  • Email short report from Mike Carden
  • Oliver Bell’s blog
  • Brendan Scott’s blog about legal foo prior to the event. He also did a good announcement about OSIA’s position along with supporting documentation here
  • Rick Jelliffe’s blog – I’m particularly disappointed with this post. He told me on the day it was one of the best and most civil discussions he’s had (although I left before most of the legal session, so who knows 🙂 )

Finally a huge thanks to David Vaile and the Cyberlaw team who ran both events. These are the same people who ran the GPL V3 event last year (which I also helped facilitate) which included Eben Moglen (by phone), Andrew Tridgell and others.

Comments, additional reports about the event and feedback welcome.

I will note there have been some other reports about this event (prior to the event) that were slanderous, malicious, uninformed and assumed that I am part of a massive conspiracy to thwart the progress of freedom (in spite of the years of being very publicly and actively committed to FOSS and software freedom). I have not linked to those as I think they a) don’t contribute to the content, b) are unnecessarily malicious and assume the absolute worst and c) don’t deserve my googejuice 🙂

Edit: Matthew Cruickshank just sent me his paper on accessibility which includes a whole schwag of technical and other useful perspectives. Find it here

6 thoughts on “Initial report from OOXML technical and legal workshop last week”

  1. >Rick Jelliffe (who participates in ISO, has done a small amount
    >of work for Microsoft on this topic, and seems fairly neutral in person.
    >He can come across as pro-Microsoft, although in reality he is probably just
    >pro-”creating new ISO standards will fix everything”).

    i would say he is probably just pro-“creating new ISO standards-no matter how broken it is-will fix everything”

  2. A couple of points before you get skewered by the nasties:

    • DrawingML is documented as part of DIS29500.
    • I didn’t say it was “trivial” for mature Open Source projects to implement it, just that as a result of hundreds of man years of global, open, collaborative reverse engineering work and the fact that OOXML is substantially an XML rendering of a product-derived format, it would be easier than some have suggested. It will be an expensive exercise to work with the format regardless, which will have an impact on Australian small business and government.
  3. Excellent report Pia. Thank you for putting the event together, and for outlining the arguments as discussed. Very illuminating.

    Am particularly pleased by you taking the initiative of following our kiwi cousins efforts to actively contribute to the debate.

    Thanks also to Jeff for the OSIA representation. 🙂 Brendan’s work in this area has been a good thing TM – but as none of the OSIA people were available to attend it was brilliant to have someone there who could passionately and accurately cover the issues.

  4. Thanks for this wrapup Pia, and your gentle words. (I am trying to figure out specifically what I said in my blog that has upset people. I am fixing up the things I could figure out.)

    I was glad you picked up on the comment about ISO/IEC creating voluntary standards (for technical standards): the ISO website has ramped up its material on this aspect too. (It specifically mentions ISO does not make laws or regulations, and so on.)

    A lot of people seem to be saying “Oh, after this we seriously don’t think that we should just accept ISO standards ahead of other choices automatically” and my answer (and, indeed, I think it would be ISO’s too) is “Good! Finally people are being realistic”.

    The ISO standards process is not like a talent show, where all possible forms are critiqued and tested and there is one winner. Instead, the process is a forum for people who want a technology to get some kind of documentation QA and formalized stakeholder review and basic IPR clarifation from the particpants. At the end, when the stakeholders get an agreement, the document gets an ISO number and stamp.

    So when looking at whether a process (such as a procurement process) should favour ISO standards, the issue should be “how important acually is documentation QA, international stakeholder review and IPR clarification for this process”? It is entirely probable that there are (government procurement) processes which favour adopting ISO on an incorrect basis: for example, that the technology is necessarily technically preferable to non-standard alternatives (or alternatives from the boutique consortia.)

    Of course, we try to make standards technically excellent, too. When I asked James Clark why RELAX NG should become a standard, his reply was “Because it is technically excellent.” But some standards are based on “Lets make something beautiful” and other are based on “Lets describe what is, even if it is ugly” and so have very different criteria for being judged.

Leave a Reply

Your email address will not be published. Required fields are marked *