ODF is about the future, Open XML is about the past. was a comment by IBM's Bob Sutor that I picked up and endorsed in January 2007. This week, Alex Brown (who was asked to organize next week's meeting in London to figure out the best way to maintain —fix, complete, evolve, retire—OOXML at SC34 which is the ISO/IC JTC1 committee charged with looking after OOXML and ODF) issued a press release which takes a similar view: The recently standardised OOXML format will now take second place to Open Document Format (ODF).
The reaction from Dr Sutor is typical: I'm guessing there was some commercial reason... Gosh, if that is the reaction when someone agrees with him, what must the reaction be when someone disagrees? (When people wonder where the slimy rumours of corruption and bribery come from, that turn out to be completely false, they were probably originally guesses like Sutor's.)
I presume the reason for Dr Brown's press release is quite simple and innocent: to put it on the record that his view is pro-standards and pro-ODF but that he acknowledges there are benefits to having both ODF and OOXML as ISO standards. The kind of neutrality and disclosure that is needed for his current role.
[Update: To see more of this habitual (or, at least, tactical) demonizing and personal attack, see for example the comments of one
rcweir on Groklaw: Mr. Brown is not careless with words and he delights in all manner of ambiguity. My guess is that he is sitting back laughing right now at how people are interpreting his press release. ]
IBM's Rob Weir also has joined in. His blog entry Toy Soldiers is also an attack on the idea of a maintenance process but entirely muddled. Take the comment:
Who is better positioned to clarify exactly how Excel financial functions work, the Microsoft engineer who has access to the Excel source code, or an SC34 representative from Khazakstan?
I'd like to point out two things. The first is obviously that this is a false choice: the representative from Kazakhstan could raise the issue, and then Ecma get a response from MicroSoft. Or, if MicroSoft were slack in responding, it could be noted in the standard that there may be other methods deployed. Or the indefatigable Kazakhs could reverse engineer the behaviour and add that. Or the SC could decide that the current method was unclear and that adopting some other method was a better approach at the risk of breaking things and alienating vendors. All possible, none improbable approaches.
The second thing is that underneath the reference to Kazakhstan is the idea that small National Bodies do not have a place at the table; that vendors are important and others are not. More about this later.
ODF Alliance Brasil's Jomar Silva OpenXML: Finally the hidden truth emerges is also on the attack against maintenance at ISO. (He manages to get it right that this is JTC1 not ISO, however in the ensuing flummery he misses the point that the London meetings are about the best way to proceed with maximum openness and effectiveness, not the details which of course would require the endorsed text.)
Which finally brings us the point. Why are these people so scared of openness?
This may seem a strange and provocative thing to say. Surely ODF is the open technology and OOXML is the proprietary technology? Surely we know this because "ISO" is the organization which is just the puppet of MicroSoft while OASIS is a bastion of community openness!
But is this really the case?
JTC1 standards are accepted and maintained only by super-majorities of the involved National Bodies voting. In the case of OOXML, JTC1 was a highly successful forum, with over 80 National Bodies were involved, with thousands of individual contributers. Remember that for later: thousands of individuals and over 80 National Bodies involved.
I have just looked over the minutes of the OASIS ODF technical committee for the last year. I cannot find a single meeting where there is not a super majority of participants from one particular group: commercial companies who make products (in particular, office suites and usually hardware). The lack of user, academic or government participation at the TC level is startling, less than any standards committee I have ever seen.
Furthermore, until recently at least 50% of the committee it seems was made up of employees or consultants of two companies only: Sun and IBM. (Here is the minutes of the most recent TC, here are the minutes of a year ago. Not every participant is necessarily a voting member at the time. Note that Dr Durusau is sponsored by Sun.) [Update: Please note that there was more diverse membership in the earlier years of the ODF TC.]
[Update: The OASIS voting rules are that a full majority (more than 50% of "voting members" of the TC not just those present) is required for changes to the draft; more than 2/3 yes and less than 1/4 against of voting member is required to move to "committee specification stage"; finally a vote with at least 15% of OASIS members saying yes is required to move to "OASIS standard" stage. So the composition of the TC is quite important.]
Now I am not blaming Sun or IBM or accusing them of stacking or any such thing, don't get carried away. But the OASIS ODF TC clearly needs more people to get involved and participate if it is to be credible as an open body rather than a vendor front.
So: at JTC1 we had over 80 national bodies participating with thousands of participants, at OASIS ODF TC you have the ODF TC with 6 to 13 or so active participants, almost all from a handful of commercial organizations and almost all representing vendors. (OASIS standards are voted for by members: there is a partial list of members here.)
I think the extreme reaction against the idea of JTC1 maintaining standards is exactly the one identified by the IBM-ers: large companies don't want to give up control. They are much more happy about being part of consortia where they can effectively dominate the agenda, and very unhappy about having scrutiny and agendas dictated by outsiders. From this perspective, the membership-based consortia are much more "stackable" (even innocently, by the withdrawal of other participants) than the National Bodies.
I was pleased to see this week that the feature-list for ODF 1.2 is frozen, and that the OASIS ODF TC finally now has a draft of responses to the issues raised by National Bodies for the ODF 1.0 process. Surely that is wrong, I hear you saying? Surely it is ECMA TC 45 that has used ISO as a rubber stamp and the OASIS ODF TC has been responsive to requests? Well...err.
People Power: who can deliver it?
The way things were evolving a couple of years ago, we were seeing IT standards being developed in the agile, membership-based, vendor-friendly environment of the consortia (W3C, OASIS, etc) and then brought to JTC1 for QA and vetting. It is JTC1 as an audit or QA process I guess. Most people think the fast-track process took this too far, but don't be distracted. The core idea is that JTC1's process, based on National Body voting is both effective (because it supplements the scrutiny from the consortium: OASIS has weak I18n vetting compared to JTC1 or W3C for example) and more genuinely open, because it is impossible to stack either directly or indirectly.
But now we have this campaign to remove ODF from the only systematic, independent, non-commercial QA and vetting that it could have. The more important and strategic ODF or any technology becomes, the more important it is that large vendors, individually or in cliques or cartels, do not have ultimate say in its direction.
OASIS has not proved itself as an organization capable of delivering this broad spectrum of stakeholder involvement, so far.
(Oh, people say, didn't MicroSoft successfully stack the National Bodies? Well, the same National Bodies that voted against DIS29500 mark I being accepted voted for DIS29500 mark II. What happened was that neither the favoured position of Microsoft—immediate adoption without change— or the opponents'—rejection or wholesale changes— won in the end. Not a sign of successful stacking.)
So we have the ODF standard being promoted on the basis of its openness. We have a process developing it which has been clearly dominated by a couple of commercial players, around a single code base, and by vendors rather than users. We have JTC1 scrutiny as an effective way of changing the power relationships and of providing helpful QA. We have a campaign lead by one of the commercial players against JTC1 maintenance, a lack of interest by the OASIS group chaired by employees of these companies in progressing the comments made by National Bodies as part of maintain ODF 1.0 maintenance, and a track record of attacking and slurring JTC1 participants who are not seen as towing the party line (for example when Dr Brown made his validation smoketest.)
Things need to improve. The OASIS TC needs to have more involvement from other stakeholders, and in particular governments and users need to step up to the mark. Indeed, from the ODF minutes, recently there has a broader base, but not much: these important standards need multiple, independent review and a commitment to accommodate necessary changes in a timely fashion. And more cooperation is necessary. If they are unhappy with the kind of I18n vetting that SC34 will provide, then rope the W3C I18n WG in: I am sure they would respond to a request to review ODF. But don't have no review.
I am sure things will improve. And I am equally sure that I will be hissed at: how dare I attack Saint ODF and the Blessed OASIS! I am not. But if we are to adopt openness as public policy, it has to be real openness. To be more direct, governments who want to adopt open standards need to participate in the standards bodies: for openness to have any meaning (in the aspiration sense that people seek) a standard must be more than the technologies that a cabal of vendors conspires to adopt...it must also reflect the requirements of the full spectrum of stakeholders.
The large corporations love the ISO (or JTC1) stamp of approval for their technologies, but they really dislike genuine ISO feedback. It is disruptive, it messes up their plans, it confuses them. The BRM changed OOXML just enough that MicroSoft has bumped support for it as a major release feature not a service pack feature: IBM and the other vendors really don't want to expose themselves to the same kinds of disruption and scrutiny.
I wish Alex Brown and the people taking part in the London meeting of the SC34 ad hoc working group on the maintenance of IS29500 well. I hope various stakeholders around the world will come to see how important the maintenance efforts at JTC1 for both IS29500 (OOXML) and IS26300 (ODF) are, or at least could be with adequate support.
The good news is that we don't need to settle for vendor-
dominated consortia like OASIS, W3C and Ecma. Apart from participating in them directly, there is a safety net available: using the ISO/IEC/JTC1 standardization process to augment and audit and vet the consortium standards. This gives a nice balance, I think: agile development with close attention to vendor/developer requirements at the consortia (and I am not remotely saying that vendors/developers are not key stakeholders who need to be onside), and broader vetting, QA and feedback from JTC1 who will slice the cake in an entirely different direction than the consortia.
It is up to stakeholders (to National Bodies, governments, academics, user groups, vendors, experts) to make this system work and thrive. It does not work by itself, it needs participation. Without participation, openness is empty.
It is well known how much technology companies prize control of the API. Indeed, it was a key issue in many people's minds last year. I don't think people realize the extent that it still exists in member-based forums such as consortia: you get control by having multiple voting members, by participating early when the key decisions are made, and by subsequently voting that rival's requirements are not legitimate and their technologies inappropriate. So you get soft control of the API. The provision of an independent review mechanism where you or your rivals have no direct control, which feeds requirements and technologies and changes into the system from users and bypassing your corporate plans represents a loss of soft control, and it should be of no surprise when vendors try to escape or resist it.
But I don't see anything stopping the drive to open standards. There will be scrutiny of all the different organizations involved, and I think I see the start of a virtuous cycle: the more that a high standard is demanded of JTC1 by vendors in order to keep development in consortia where they have soft power, the more that those high standards will expose limitations and areas for improvement in the consortia too which can only result in the need for external, non-member-based QA such as JTC1 does in fact provide.
Update: Diary of a Non-SmokerIBM's Rob Weir is a co-chair of the OASIS ODF TC, so it is natural that he would make some response: but What is Rick Smoking avoids my points and substitute others. It is worth reading. I am a non-smoker.
Here are the various claims he makes:
- Weir claims I am saying that SC34 is a more participatory environment for developing standards than OASIS, however that is not a point I was making at all. My point was that SC34 is good for *review* and I don't think I mention development at all w.r.t SC34. What is scary about review?
- Weir claims you need to have government permission to join. Err, not here (our standards body is not governmental), and I don't know of any cases where there is political vetting.
- Weir writes about the costs of membership OASIS versus NBs or ISO. You know how much money I have spent on membership fees of SC34 and its predecessor on and off since the mid 1990s? $0 as far as I can recall. And the cost of participating in my NB earlier on: $0. The cost argument ain't necessarily so: some countries charge. [Update: In fact, it is a JTC1 rule that accredited delegations shall be able to attend meetings without having to pay a fee: s220.127.116.11.1 JTC1 Directives.] But in any case, I am not presenting them as either/or choices but complements neither of which automatically give openness and both of which require participation: a range of bodies allows you to pick the most feasible for you to participate in. Hence my point "Without participation, openness is empty." What is scary about complementarity?
I don't know if it is a current requirement, but it used to be that at W3C TC members were supposed to commit to at least 1 day per week. Participation at this level is not really an amateur activity, and that disenfranchises a lot of people immediately: but standards are a serious business, not one for armchair generals and Slashdotters.
- Weir raises the issues of costs of travel. In the case of SC34, most of the WG1 work is done online and on a public maillist: at dsdl.org. I usually only attend SC34 meetings that are in my hemisphere, for example. I don't see that a junket mentality prevails, per
..(Sorry, the last part of this blog has disappeared. I am trying to get it reinstated. In particular, this included multiple listings of the rollcalls of the ODF TC which clearly demonstrated the concentration of membership over the last year.)