ISO Relevance Questioned After OOXML Appeals Fail

Cowards Anonymous passes along an Australian PCWorld piece that begins "Countries whose appeals were dismissed regarding the ISO/IEC's approval of Microsoft's OOXML as an international standard are questioning the judgment and relevance of the ISO/IEC and the standards they approve. In a statement made at the Congresso Internacional Sociedade e Governo Electronico (CONSEGI) 2008 conference, representatives from three of the four countries that appealed against an April 1 vote to approve OOXML as a standard said they are 'no longer confident' in the ability of both the International Organization for Standardization and the International Electrotechnical Commission to be vendor-neutral and open when it comes to setting technology standards." Here is the statement signed by South Africa, Brazil, Venezuela, Ecuador, Paraguay, and Cuba. The countries won't pursue further opposition to OOXML.

Does ISO still matter??

[rodrigoandrade]

Really, I really mean this question.

Re:Does ISO still matter??

Really, I really mean this question.

Why? Who else is there to replace them? Or are you advocating a no-standards-free-for-all?

Re:Does ISO still matter??

[Opportunist]

Yes. Yes it does.

Imagine you know jack about technology (like, let's say, the average CEO). Then you have to turn to someone to tell you whether something or someone is capable of accomplishing some task. So what do you do? You start looking for standards, check what those standards describe, find out if it applies to you and look for tools that work according to that standard.

You can't decide whether the tool you choose is really "good". You can't decide whether someone who happens to be certified according to some certs can actually do something (I've seen ISO 27001 people who didn't know jack about real security problems, you can't certify something that changes faster than you can slap a standard together). But when you don't know you have to believe (ask the religious guys, they know best about that). And CEOs tend to believe industry standards. Whether those standards actually "work" or are arbitrary doesn't matter. Well, it does matter, but they don't really have a choice. It's "as good as it gets" for them.

Compatibility is a huge issue in today's economy. You have to be able to send your documents to your partners and expect them to be able to use them. Standardized formats play a big role in this game. Those formats may be bad, dated, horribly insecure and a vendor lock-in, but they are standardized and thus compatible with the companies you deal with.

That's what CEOs care about.

Re:Does ISO still matter??

[larry+bagina]

Maybe fast-tracking is the problem. Normally, a standard exists because something has been in use for a while and gained acceptance (a de facto standard) or because relevant parties sit down and agree to it. If the standard was created elsewhere (eg, C++), it makes sense for ISO to defer to them. But to just approve OOXML (and OpenOffice XML) is the wrong approach. They should have sat down and created a new ISO Document XML format with input from MS, Open Office, Apple, IBM, or any other relevant parties.

Re:Does ISO still matter??

[Anonymous+Brave+Guy]

I agree that you are describing reality, but this is exactly why ISO has now lost credibility in the technical community.

If a standards body acts only as a known library where you know you can go to look up useful information — a channel for communication between interested parties, if you like — then it is useful for compatibility, avoiding reinventing the wheel, and similar laudable goals. But if being an "ISO standard" confers some sort of status, making some sort of statement about the value or relevance of the standardised item, then there are standards (in the ethical sense) that must be upheld for the ISO standards to mean anything. One of those needs to be independent, peer-reviewed audit, and that clearly hasn't happened here.

Most CEOs are not stupid, but most of them probably are naive on technical matters, because that's not what they do. If CEOs cannot trust the technical merit of ISO standards then ISO is a liability, because it gives a false sense of security.

Re:Does ISO still matter??

[morgan_greywolf]

Standardized formats play a big role in this game. Those formats may be bad, dated, horribly insecure and a vendor lock-in, but they are standardized and thus compatible with the companies you deal with.

But standardized formats are meaningless when they cannot be implemented, not even by the company who bought and paid for the format to become a standard.

They are going to say that OOXML is an ISO standard, but their own products don't follow the ISO standard.

So OOXML is not compatible. Not even with Microsoft's own products.

Since ISO just approved an incompatible, useless standard, what does that make them?

You got it.

Useless.

Re:Does ISO still matter??

[Adaptux]

Really, I really mean this question.

As long as no significantly more credible replacement exists, ISO will continue to matter, at least with respect to government procurement (which again sends strong signals to the economy as a whole) -- even in fields like informatics where practically all knowledgeable people primarily look elsewhere for standards.

Replacing ISO is not an easy task, but IMO it needs to be done. If you're willing to help, please join the effort at OpenISO.org

Re:Does ISO still matter??

[v1]

ISO doesn't, the ISO standards do.

How can the ISO standard matter anymore if you can just pay someone off to get your own?

ISO used to be a known quantity, if it was ISO then it was sensible, fair, interoperable, open, etc. Now that ooxml has stormed the gates, as they say, "one bad apple will spoil the barrel". The approval of ooxml has turned ISO from "these are all good standards" to "most of these are good standards", and that's forever. ISO standards are no longer unquestioned..

We used to ask "so is that an ISO standard?" But now we will start asking "so is that a GOOD ISO standard?" The first time you sell out is the greatest damage to your reputation. It knocks you off the pedestal and tosses you down among the riff-raff.

Re:Does ISO still matter??

[ShieldW0lf]

Translation: We don't want to do this. It's a bunch of headache. We liked being able to rely on ISO/IEC, it made our life easier. But we've seen things recently that make us wonder if we have any choice but to find alternatives. Needless to say, we're not going to make any rash statements before we know our options, but honestly, if this wasn't a really big deal, we never would have got off our asses enough to make a statement about this issue in the first place. ISO matters in that we miss them, and we're pissed off that they let us down, but not in the sense that we feel secure enough to continue using their standards, because we don't.

Re:Does ISO still matter??

[Magic5Ball]

ISO may have lost credibility in the vast part of the pseudo-technical community who doesn't know what standards-setting organizations do.

A standards organization doesn't force any individual or organization to adopt or follow any standard. It offers one (or more) standards that individuals or organizations can adopt in its processes/products, such that other individuals or organizations can rely on a basic level of documentation, interoperability or performance being present in the standards-marked processes/products, should they choose to follow the standard.

The existence of a particular standard for gravel-based personal flotation device doesn't mean that such things are a good business or technical idea, just that a significant number of different stakeholders claim to want to interoperate in the space of gravel-based flotation devices. The existence of that standard does not preempt the proposal of other standards for gravel-based personal flotation devices, nor does it compel any entity to make things described by that standard.

In this regard, nothing which has happened with OOXML has changed the fundamental nature of standards bodies in their lack of prescriptive abilities.

This standard is just like all others when used as intended ("we can make these standards-based assumptions about this vendor/product"), and when abused ("these standards are a substitute for professional or business judgment and management skills").

Re:Does ISO still matter??

[Anonymous+Brave+Guy]

ISO may have lost credibility in the vast part of the pseudo-technical community who doesn't know what standards-setting organizations do.

Ah, yes, those of us objecting are all stupid and/or ignorant.

It offers one (or more) standards that individuals or organizations can adopt in its processes/products, such that other individuals or organizations can rely on a basic level of documentation, interoperability or performance being present in the standards-marked processes/products, should they choose to follow the standard.

Exactly. And in the case of OOXML, other individuals or organizations can't adopt it or rely on a basic level of interoperability. AIUI, Microsoft themselves don't actually implement the variation of OOXML that has been recognised by ISO. Given how ill-specified parts of that OOXML "standard" are, no-one else has any chance at all.

And while in theory you would be right about what standards bodies are for, there is no point sticking our heads in the sand and pretending that endorsement by a major standards body such as ISO doesn't have other implications. Many governments require that their work is consistent with standards, for example, and any contractor who doesn't use the appropriate "standardised" software may find themselves out of luck when seeking any future government-funded work.

Re:Does ISO still matter??

[jimicus]

They should have sat down and created a new ISO Document XML format with input from MS, Open Office, Apple, IBM, or any other relevant parties.

What a good idea. They could call it something like Open Document Format.

Except I doubt Microsoft would be prepared to be involved in such a discussion.

Re:Does ISO still matter??

[db32]

You realize you just made the argument for why ISO doesn't matter right? CEOs need to be able to trust these things, compatability, interoperability, etc. When the standards can be outright purchased as they were here, then that whole process breaks down, and nobody should be trusting anything with an ISO stamp.

Re:Does ISO still matter??

[erroneus]

Decision makers are not usually technically oriented people. They see "GIF" format and think "standard" not realizing there are multiple GIF standards. The same goes for ".DOC" files. And when they saying something should be in "OOXML" format because it is an ISO standard, they will be uninterested in the difference between Microsoft's implementation of OOXML and the ISO specification for OOXML. And just as in the case of "The Web" when something looks fine in MSIE and doesn't look right in Firefox, people tend to think there is something wrong with Firefox.

I guess what I'm saying is that the problem is the perception of a standard and not the standard itself or whether or not something properly complies. End the end, only Microsoft's OOXML will be perceived as acceptable because it isn't likely that other implementations of OOXML will render properly in MS Office and files created in other applications will not look right in MS Office. The perception will be that everything but Microsoft is broken.

Re:Does ISO still matter??

[SnarfQuest]

Except that there were/are several programs currently available that implement ODF, and there are currently no plans by anyone to implement OOXML. Should I choose to use a format that has been proven to work, or one that is incompletely documented with no successful implementation?

Re:Does ISO still matter??

[Ilgaz]

Well, if they accept OOXML as a standard, people may question if ISO A4 standard has something shadowy behind it or ISO 9001 is given to anyone with enough money.

One mistake and trust is gone. There is no "ISO Police". If there are companies who has the neat idea of ISO OOXML format usage instead of PDF, Open Office etc., God help them since MS will become a patent troll/leech company in 5 years.

Re:Does ISO still matter??

[Opportunist]

The problem is that a standard being used to create compatibility and a standard being used to say something about the value of some implementation is the same in the ears of business oriented people. Something that makes me compatible with my partners is valuable.

As for "not being forced to adopt", as someone has pointed out, a standard is pretty much forcing you to adopt it, out of necessity, not because it's some written law that you must. Standards force you to adopt them out of the necessity to be compatible. Sure, if everyone went and dumped a standard to favor another, maybe better, system, we could all happily ignore some wannabe standard. Problem is that this doesn't happen.

CEOs aren't stupid, but they are also rarely if ever idealists. They don't know too much about the technical details about implementations or formats. But they want to choose the format that will cost the least to use. And generally, at least until now, this was using a standardized format. Relying on ISO was saving them money. Procedures could be trusted to be compatible with other companies that rely on the same procedures, which saves time. Time that would have to be used to "convert" diverging processes. Same for formats. Same for people.

Now, I'm not saying that OOXML is going to cost more money, but due to its less than perfect design and no 100% compatible implementation in existance this can easily happen. And this could easily damage the reputation of ISO.

Re:Does ISO still matter??

[Ilgaz]

"pseudo-technical community"

Lets ignore your direct attack to Slashdot community which we sometimes see non anonymous comments of industry leader companies CEOs and people having written World standard RFCs... What about "more serious looking" Sun Microsystems and IBM which itself larger than many countries represented in ISO?

If you suggest a Windows only standard with a very suspicious voting process which even involves some dictatorships, you are irrelevant. You should be investigated and punished too if there was money involved.

Being "ISO" really doesn't make them untouchable. Same goes for Microsoft too. They should be investigated by a international court as bribery (via money or other things) is a very serious crime.

Re:Does ISO still matter??

[gtall]

While I agree with your sentiments, there's nothing stopping from M$ claiming their docuthingy conforms to ISO standard Blah-Wooffle-Beetle-Bam. Anyone who must approve a docuthingy with an ISO standard restriction will simply see M$, see the ISO standard M$ points to which conveniently has M$ in name lest they care not to look further than that, and will mark the inviting checkbox that indicates said docuthingy meets the restriction.

For M$, a win is a win no matter who they had rape to get it.

Gerry

Re:Does ISO still matter??

[NickFortune]

In this regard, nothing which has happened with OOXML has changed the fundamental nature of standards bodies in their lack of prescriptive abilities.

I might buy that if the MSOOXML spec was for for purpose. If three vendors make screws for one purpose, they all want their size and pitch to be the standard chosen, if only to avoid retooling costs. But whoever wins, everyone can use the standard thereafter. Everyone gets what they want.

This does not appear to be the case with the MSOOXML spec, where the final version remains unpublished, and where a large number of objections have never been discussed, let alone resolved, where the control of the standard remains in the control of the major playing in the field, and where a conforming reference implementation does not exist and likely never will. Under such circumstances, it's hard to see how this could ever serve the purpose of interoperability in the field of office documents. The spec is simply and blatantly unfit for its stated purpose.

But the problem here is not so much that ISO favoured Microsoft. The problem is that, using your example, they did indeed force through a gravel based flotation device. And while no one is compelled to adopt the standard, a major that reason ISO standards have been followed in the past is that people trust their flotation devices to at least float. If they force through one that sinks, and then have the effrontery claim that nothing is the matter, then it would be surprising if this didn't damage confidence in other standards they may produce.

Re:Does ISO still matter??

[Elektroschock]

Microsoft is very much afraid of the domino effect but in fact their ISO activities mainstreamed the idea to challenge the bully with governmental action. ODF is quickly gaining ground

Re:Does ISO still matter??

[PMuse]

What this debacle reveals is that ISO's processes and procedures are poorly designed to deal with a wealthy attacker. Our options are (i) fix ISO's procedures or (ii) fork ISO.

Reforming ISO is probably going to be the easier option, but before we nail any theses to the church door, consider whether we will have anything like a unified, standard church when we're through.

Re:Does ISO still matter??

[HiThere]

It's worse than that. The waiver of patent enforcement offered by MS was only for compliant implementations. So by ensuring that there are no compliat implementations, MS ensures that it doesn't have to waive any patent enforcement. And I don't think anyone knows exactly what patents are involved. (We've seen this pattern before, but this time we actually know that some real patents are involved. We just don't know what the complete list is. So nobody can be certain that they've worked around them.)

Add to the fact that it's probably impossible for ANYONE, MS included, to make a totally compliant implementation...and MS has no incentive to actually try...so it wouldn't do any good to implement a compliant version...it wouldn't read the documents created by MS.

What's really needed is a test for compliance, so that anyone claiming to have a standards compliant version can be tested for compliance. But that would just ensure that nobody would be able to claim compliance. And lacking such a test, anyone can claim compliance.

Re:ISO

[Opportunist]

Funny, there are some Chinese guys here that sell ISOs in some sort of garage sale...

ISO now means...

[QuietLagoon]

... The Best Standards That Money Can Buy ®

Re:ISO now means...

[arthurpaliden]

I Sold Out

Re:stop complaining

I find an accusation that Brazilians have no life coming from a Slashdot posting Microsoft fanboy so excellently funny that I can only salute you.

Maybe it's time to switch

[meatmanek]

These countries should just all start using ANSI. It's a much better organiza--

Wait, you're telling me A doesn't stand for awesome?

Re:Maybe it's time to switch

[binarylarry]

It used too.

Until 50 cent bought his way into the organization and official changed it to mean "Ahhh yeeeeaaaahh bitch!"

This is a bigger issue than Microsoft.

It is unacceptable for any organisation to buy a standard that provides it with a competitave advantage.

ISO has produced the OOXML situation and has ridden roughshod over its own rules to do it. So the relevance of ISO is now highly questionable.

ISO can no longer be considered independent for Technology standards.

Commision Response:

[FriendlyLurker]

> "questioning the judgment and relevance of the ISO/IEC and the standards they approve... said they are 'no longer confident' in the ability of..."

Judgment: Bought
Relevance: Irrelevant
Your Confidence in ISO: Of no concern to us now that we have nice fat OOXML consulting paychecks flowing in.

The answer is simple

[TheJasper]

Don't use OOXML. A standard is not a law and ISO/IEC not an enforcement agency. They are an authority which you can judge on its worth.

Since they are arguing that they spent money on using ODF then why care about OOXML?

Re:The answer is simple

[FST777]

No, it's not simple. A lot of governments and businesses have rules implemented that say that they have to work with standards as much as possible. It is now possible for Microsoft to monopolize the office market further by waving the ISO flag at them.

This means that there is less incentive to move towards open and broadly implemented standards for both governments and big businesses. In turn, that means that Microsoft Office will remain something everyone expects you just have on your PC. Think about schools that give kids assignments in MS Word and Excel. Think about bosses that send schedules to employees in those formats. Think about governments that makes documents available for download in those formats. Then tell those people you don't own a license for MS Office, and look at their response.

ISO has put Microsoft in an ideal position to further conquer the market for office suits, the market for operating systems and the emerging market for online office service. I care about that.

Re:The answer is simple

[jimicus]

Don't use OOXML. A standard is not a law and ISO/IEC not an enforcement agency. They are an authority which you can judge on its worth.

Since they are arguing that they spent money on using ODF then why care about OOXML?

I RTFA (I know, I know) and that is basically what they're talking about doing.

However, the whole point of the article is that this has deeper implications. From TFA:

Given the organisation's inability to follow its own rules we are no longer confident that ISO/IEC will be capable of transforming itself into the open and vendor-neutral standards setting organisation which is such an urgent requirement. What is now clear is that we will have to, albeit reluctantly, re-evaluate our assessment of ISO/IEC, particularly in its relevance to our various national government interoperability frameworks. Whereas in the past it has been assumed that an ISO/IEC standard should automatically be considered for use within government, clearly this position no longer stands.

I don't think I need to clarify that any further.

Re:The answer is simple

It is now possible for Microsoft to monopolize the office market further by waving the ISO flag at them.

No, not at all.

Firstly, Microsoft's Office 2007 product does not implement the ISO/IEC DIS 29500 (OOXML) standard.

Secondly, ISO/IEC 26300:2006 (OpenDocument, or ODF) is also a standard that the office market can wave right back a Microsoft.

ISO has put Microsoft in an ideal position to further conquer the market for office suits, the market for operating systems and the emerging market for online office service.

No, Microsoft is not in such a position at all. Microsoft has no product to market that implements either of these competing standards.

OpenOffice.org, KOffice, Google Docs, NeoOffice, Zoho, IBM Lotus Symphony and Corel WordPerfect Office X4 are all competing products in the Office market right now that implement the ISO/IEC 26300:2006 (OpenDocument or ODF) standard. Take your pick.

Re:The answer is simple

[the_B0fh]

You must not have been following the news. How is OOXML an open standard, when it is full of "implement this feature just like Excel 97" when the Excel 97 documentation is missing/unavailable?

Re:The answer is simple

[jimicus]

The whole point of a standard is that it's a document you can point at and say "We want your product to do this".

The whole point of ISO is that they're a respected international organisation which publishes these standards so there's no confusion when you say "We want your product to follow ISO standard 1234567890" - and you can be reasonably confident that even if the standard isn't fantastic, it's at least something you can all agree on.

Once ISO start publishing "standards" which for whatever reason you can't usefully point to and say "We want your product to do this", the point in their existence evaporates.

Re:The answer is simple

[Ilgaz]

Add Apple too. By giving "Read only" support to ODF, they put their weight behind ODF. "Text Edit.app" is a very important piece of software ;)

Also my Symbian S80 Nokia 9300 can open/edit ODF documents via freeware. It is important thing since, it shows ODF is that easy to implement on anything. Symbian S80 is one of the weirdest portable OS'es you can find, even Nokia got rid of it in E90 upgrade (it is S60).

Re:stop complaining

[metzomagic]

deal with it, it isnt the end of the world.

It is if you are the unfortunate bastard who has to figure out how to read in a Mickeysoft Word doc and convert it to another format! What do you do when a section is tagged as "Format like Word 95"?!

metzomagic

step in the wrong direction..

granted ISO isn't handling these appeals and this scenario the way they should (imho), questioning their validity as a standards organization is probably the best thing for monopolies like Microsoft.

At this point even if OOXML gets turned down as a standard and enough countries (especially the big players like europe and the US) scoff at the ISO then Microsoft has turned us against our standards ideal and won.

Without even pointing a finger, MS will have stripped the ISO of legitimate credibility as a standards institute. Not a good thing.

Re:step in the wrong direction..

[Anonymous+Brave+Guy]

MS has already stripped ISO of legitimate credibility, by proving that it can be bought.

I don't see why undermining them as a standards organisation means Microsoft win. There are other bodies that can serve the same purpose, either recognised with some sense of official standing in a community, or simply producing de facto standards that people follow by mutual consent or from practical necessity.

For example, while there actually is an ISO standardised version of HTML4, most of the "web standards" are not ISO recognised at all. And yet, here you are, reading this, and it probably looks pretty much how I and the Slashdot admins intended on your screen just as it does on mine. The W3C itself uses the term "recommendations" rather than claiming to define "standards", which I think is good form on their part, but almost everyone who makes browsers except for Microsoft treats the W3C as a standards-defining body in practice, and even MS acknowledge the W3C's existence.

Other effective standards have come about because of sheer industry power, with Microsoft's own, IE6-compatible flavours of HTML and CSS probably the most common example in the WWW area.

This seriously sucks

[pzs]

Standards can be wrong or incomplete but they are still completely vital to the proper functioning of modern computing.

If Microsoft's dodgy dealings have managed to invalidate trust in one of the main standards bodies, thereby making less people adhere to standards, this will be a serious blow to interoperable computing in the future.

Re:stop complaining ask a flawed mind

[Framboise]

On technical matters lies and corruption do not work. These countries show they bother about technical standards being built on rational and consensual decisions, not being bought just for helping Microsoft control document formats.

These countries appear closer to integrity than Western wealthy countries, interesting.

Yes, but

[Reality+Master+201]

Part of the advantage MS gets from this is that they can now sell their software to organizations that require open document format specs. So even if you don't want to use OOXML, you local government might (and likely will - it's not like they'll stop buying office licenses, particularly if they can get around the open format law in this way).

Of course, I've you've ever seen an ISO-9001:2000 certified process, you probably already know how completely meaningless the specs and certifications are in practical terms.

Re:Yes, but

[NormalVisual]

Reminds me of a quote whose source I can't remember at the moment: "My dog has a process. He eats dog food and sometime later takes a dump. He ALWAYS follows this process consistently without fail. But it still results in shit."

Sad...

[trendzetter]

It's sad that non of the countries tries to take the appeal on the next level, the Secretaries-General, because it would show us how high the corruption in ISO goes.

Re:Sad...

[TheLink]

We already know it stinks like shit, we don't need to know whether it tastes like shit ;).

Iso Vs Reality

[Narpak]

While I do not doubt that ISO will be around for a long while yet; the case of ODF and OOXML illustrates how their significance isn't all that it used to be. The case of ODF shows that even if a big corporation gets their own standards passed by unethical means people will still choose the superior product. At least so it would seem so far. More and more companies and nations are making ODF a document standard because it is Open and available to all their citizens. Why pay for expensive software when free software does the job more than adequately.

What annoys me the most about cases such as this is the fact that they get little to no coverage in my nations media. No mention in any newspaper at all. Then again it's no big surprise since the "newspapers" are looking more like tabloids every day.

Re:Iso Vs Reality

[Ilgaz]

What was that UN like organisation, another huge one before United Nations? It was huge and effective until invasion of Poland and start of WW2. The day WW2 broke out, it became irrelevant.

Acceptance of Windows only (shut up really, MS puppets) standard(!) could mark the end of ISO.

Re:Iso Vs Reality

[NormalVisual]

League of Nations?

Re:So let me get this straight.

[gmack]

It's more than that. Microsoft pushed countries that otherwise would have had no interest in the process to sign on as voting members. They also stuffed country committee meetings with their own people and in one case got caught paying people to attend.

It was so bad that the working group responsible is now paralyzed because too many of the new countries who signed on as voting members can't even be bothered to vote on anything that's not OOXML.

This is not just a disagreeable decision. It's an abuse of process.

Re:So let me get this straight.

You miss the main point. The "standard" is incomplete and cannot be implemented without access to source code within Microsoft's office suite. On this basis alone, it should have been rejected until the documentation is complete. I wonder why you defend them so much when it's obvious this "standard" is utter shit and totally unusable?

Re:stop complaining

[MrMr]

640x480 pixels, blue background, no window decorations, and 80 columns wide big white characters?

Re:stop complaining ask a flawed mind

[Bert64]

These countries appear closer to integrity than Western wealthy countries, interesting.

Because these countries have nothing to gain from supporting the entrenched suppliers, thus they are able to view the situation more objectively.

No, ISO did it to themselves

[walterbyrd]

ISO did not have to go along with MS's scam. ISO could have done the right thing. MS did not hurt ISO, ISO did it to themselves.

Re:So let me get this straight.

[JustKidding]

I'd think it's quite obvious this is not about ISO approving a standard some of us don't like; it's about how this standard was approved.

ISO has demonstrated that anyone can get anything approved, if they are willing to spend a whole lot of money in the process.

An organization like ISO should at the very least appear to be objective. Instead, the sold out, it's as simple as that.

The fact that OOXML was approved, and the process leading up to that verdict, proves two things: 1) Microsoft is a scummy as it has always been, if not worse, and 2) ISO is corrupt to it's core, and can no longer be trusted to be fair about anything, period.

Re:So let me get this straight.

[BorgDrone]

Just be glad we have a standard that we can work from.

No, that's exactly the problem, we now have a standard that we can't work from. It's completely unusable and shouldn't have been accepted as a standard.

What ISO is supposed to be about

[Adaptux]

ISO is supposed to be about standards which work for everyone. There are written rules in place which are designed to guarantee that specifications will be accepted as international standards only when there is very broad acceptance. In the case of OOXML, these rules were bent again and again (having participated in the process both as a member of the relevant committee in my national standardization organization and at the international "Ballot Resolution Meeting", I know this from first-hand observation). In view of this, it is IMO quite reasonable to interpret the dismissal of these appeals (the first appeals ever in the history of ISO/IEC JTC1) as very strong evidence that ISO/IEC approval of a specification can not longer be interpreted as an indication that the specification has very broad acceptance among those who care about the topic area.

As a matter of fact, what will become the ISO/IEC standard on OOXML is not likely to be truly implemented by anyone. Microsoft has already announced that they will not anytime soon implement the changes relative to the OOXML format that they're currently using.

Just be glad we have a standard that we can work from

Why would anyone want to "work from" the ISO/IEC version of the OOXML specification?

As always,

[toby]

Groklaw has more on this.

Politics

[Tom]

That's how politics come to a close about an issue. Those who lost complain, publicly, loudly, and with no effect whatsoever on the process itself. Then everyone goes back to business.

You can love it or hate it, but if you watch enough politics closely enough, you see this pattern repeat over and over and over again.

Re:So let me get this straight.

[Anonymous+Brave+Guy]

I'm sorry, but I believe you have spectacularly missed the point of the complaints here. There are basically two separate issues that have upset people.

The first is that we don't have a standard we can work from. Have you looked at the OOXML documentation at all? It isn't just big, it's pretty much ill-defined. What's the point of an ill-defined standard? If you want backward compatibility, it should say that certain features must work as documenting in another standard that you cite. OOXML says they must work like various previous bits of software with unspecified behaviour.

The second is that despite these glaring technical flaws, the standard has been approved because Microsoft have basically paid for enough people to join formerly opposed national standards bodies to swing the votes. This demonstrates that a single group with enough financial power can subvert the mechanisms for independent peer review that groups like ISO are expected to follow.

It is hardly surprising that in the final tally of national standards bodies, most approved OOXML. The point is that many of those did not approve it until the last minute, when numerous companies with an obvious affiliation to Microsoft suddenly started sending representatives along just in time to get voting rights, and then voted the standard through, with no evidence that they had even read it. There is considerable opposition to OOXML in most of these places, particularly from those who have actually read the material, but they have been shouted down by money and procedural flaws. That just means the affected national standards bodies also need to revise their processes or become irrelevant.

EU Commission

[expat.iain]

There is still the outstanding EU checks continuing. That and the fact there is still a path for the ISO appeals process to continue means this is not over yet. Considering ISO polices itself and does a pretty awful job, I suspect that the EU is going to be the best chance of putting this terrible 'standard' to sleep.

France has nothing to gain from this, and yet

[Nicolas+MONNET]

We have nothing to gain from funneling money into Microsoft's coffers.
But here are a few facts:
1. Sarkozy is best buds with the head of MS France
2. At the national std org (AFNOR) meeting, there was an overwhelming consensus towards voting "no"
3. The day before the final ISO vote, someone at the office of the president called our rep to the ISO
4. Our vote switched to "abstain", magically. This allowed OOXML to pass.

Corruption. There is no other word for it. It's interesting that Venezuela, Brasil, and Cuba voted, basically, against corruption. That should tell you something about what kind of "truth" we're being fed about those countries. (And no, hold your strawmen, I'm not implying that Castro is an angel.)

We asked for explanations about this vote; I don't think they even bothered to respond.

But: We can replace ISO

[Adaptux]

That's how politics come to a close about an issue. Those who lost complain, publicly, loudly, and with no effect whatsoever on the process itself. Then everyone goes back to business.

You can love it or hate it, but if you watch enough politics closely enough, you see this pattern repeat over and over and over again.

There's a difference here though: In most political contexts, nonviolently establishing an alternative process is prohibitively difficult.

In this context, it's still difficult, but much easier. ISO is not an intergovernmental organization. It's just simply a private-sector organization with seat in Geneva. Nothing and nobody has the right stop us from setting up a competing organization.

The key challenge is in convincing governments that the new organization is more worthy of paying attention to than ISO/IEC JTC1. In this context it's very good news that some governments are expressing doubts about ISO/IEC.

Note that since nations are sovereign, it is not necessary for an organization that aims to become a better alternative to ISO/IEC to convince a majority of countries. Even convincing a handful of countries is probably enough if a heavyweight like e.g. Brazil or India is among them, since that would suffice for putting very strong pressure on e.g. Microsoft to allow true interoperability.

What's new there, though?

[Moraelin]

A lot of people act as if ISO was

A) some kind of guarantee that it'll be implemented 100% accurately and compatibly by everyone, and there is absolutely no room for wiggling in incompatible details, and

B) it's the first time this happens.

Hello? Both are false.

As a trivial example, C is an ISO standard. ISO/IEC 9899, to be precise. When was the last one you saw two C compiler implementations, from two different vendors and preferrably on different architectures, that were 100% compatible with each other or the standard? It's trivial to produce code that produces wildly different results, and offten incorrect results, based on unspecified details like endianness or word size.

Or take paper sizes. The ISO 216 defines paper sizes like A4, and multiples. Has that stopped anyone from selling "letter" sized paper instead? Or it's trivial to produce paper which is technically A4, but will jam your printer anyway, e.g., because it's much thicker than normal and the standard says nothing about that third dimension.

Most of the ISO standards are just guidelines, nothing more.

Re:What's new there, though?

[laptop006]

Oh come on.

Everywhere *BUT* the US A4 is the standard, just like everywhere but the US metric is the standard. As for thickness (weight) the standard is you specify in GSM (grams per square meter), with 80 being standard office paper.

Give me any two C99 compilers on the same platform and some C99 code and it'll work. Endianess is explicitly implementation dependent as are a few other things. Almost every platform difference is due to OS libraries or libc, neither of which the compiler has anything to do with.

I know ISO standards aren't perfect, but they sure as hell are usually a lot better then the crap we saw this time.

Re:What's new there, though?

[TechyImmigrant]

everywhere but the US metric is the standard

Been to the UK lately?

Yes.
By law, goods are sold in metric units.
Paper sizes are metric.
Metric is the system taught in schools and used in engineering.

There are some exceptions, mostly for beer and sprits.
 

Re:What's new there, though?

[Moraelin]

Yes, but GSM is a different standard. ISO 216 doesn't say anything about that. As far as ISO 216 is concerned, I could make a sheet that's 210mm × 297mm x 3000mm, in effect a _pillar_ with an A4 cross-section, and it would still count as ISO/DIN A4.

As for C99, exactly who implemented a C99 compiler faithfully or at all?

- GCC's own Status of C99 features in GCC page lists a _lot_ of C99 features as missing or broken.

- Visual C++ at least as of 2005 did _not_ support C99. Some 6 years after the standard had been passed. A quick search on MSDN leads me to believe that VS 2008 doesn't either.

- Borland AFAIK never did.

- a quick googling on Sun's site leads me to believe that their implementation is also not quite complete and compliant

- a quick googling on IBM's site, produced "Not all run-time functions and facilities required by the ISO/IEC 9899:1999 International Standard are supported on all the operating system levels that can run this version of the compiler." in the relevant section of IBM C for AIX v6.0. I wouldn't know if newer versions even exist, or how that was updated.

Sorry, if I don't have the time for the full research that this deserves. But so far it looks like, basically, if I could be arsed to, I could probably write some standard-compliant C99 code which doesn't even compile on _any_ major C compiler. Does that sound like the OOXML situation yet? :P

Re:What's new there, though?

[ScrewMaster]

No, not using ISO units. English is a much bigger language than Chinese, regardless of what the myth says.

Last I heard, there were more Chinese people learning English than the entire population of the United States including our illegals. That's an implicit admission that English is the current lingua franca of the industrialized world.

Re:ISO

[upside]

If you think about it really hard, it may just be that Mr. Opportunist was making the exact same frikkin point but in a humorous and less labored way.

Mod me down but I couldn't help myself.

On OOXML

[darkcmd]

Alright, OOXML has been ratified an official standard by the ISO organization. But what does that mean? Just because ISO has made OOXML a standard doesn't mean somebody is putting a gun to someone's head forcing them to use it. All of the good standards have been discovered over time, by the trial of time. If people do not use OOXML, then the fact that it is a standard would be moot.

It's amazing how poor countries can't be bought...

[jopsen]

Of all the countries participating in ISO/OOXML standardization isn't it pretty amazing that South Africa, Brazil, Venezuela, Ecuador, Paraguay, and Cuba are the ones that Microsoft can't buy...

I mean you'd expect western countries to have a certain level of integrity... Whereas less wealthy countries usually would be easier to bribe, but I guess not...


Okay, you can discuss whether or not the different countries/TC's was bribed, but dirty tricks were played!

Re:Standard standards

[Spatial]

Standards are great, but who says you have to implement them?

People mentioned that a lot of government entities require you to do so. That's a big one.

relevance and irrelevance

[speedtux]

Standards bodies have always had a mixed record.

In some cases (e.g. early ANSI C), they did a reasonable job bringing together practitioners and standardizing and documenting a mature technology.

In other cases (e.g., ALGOL 68, MPEG-7), they brought together a bunch of academics who thought they could use the standards body to realize their untested and unrealistic ideas.

Neither of those cases is relevant anymore; people can communicate and build consensus over the Internet.

Where standards bodies still matter is in a legal sense: a standards body can guarantee that a "promise not to sue" actually has some legal force behind it, in the form of a binding agreement between the standards body and the vendor participants.

Of course, that requires a standards body that actually takes this aspect of standardization seriously and doesn't make exceptions. ECMA dropped the ball on this.

Re:It's amazing how poor countries can't be bought

[Shados]

Think about it for a sec. How did western "rich" countries become "rich"?

yeah, you got it now...

Again, what else is new?

[Moraelin]

Again, what else is new?

Especially in regards to the ISO 9000 series, especially as applied to software companies/departments who want that rubber stamp, you could be 100% compliant even if you work towards the wrong goals and achieve the wrong results. Essentially anyone with the money to blow on a byzantine bureaucracy where you have to document every bleeding obvious step, and document compliance with some brain dead rule, can get that certification. No need to even pay those money to ISO. You'll lose them the old fashioned way.

E.g., I know at least one company where they institutionalized the worst imaginable caricature of the waterfall model. And I don't mean the sane waterfall model, but the distorted caricature that sometimes is used under that name. In fact, a distorted caricature of even that. Everything must start with writing a cubic metre of use-cases and collect the signatures of a few dozen people on it. (Note that their model doesn't include at this step any kind of mockup or proof of concept to show them. You must just have faith that if you nag them enough they'll tell you _all_ their requirements in detail, and you'll write them down.) Then you work for some months on the implementation. _Then_ you have a couple of months for tests and fixing at the end. Then the customer finally sees anything, and _of_ _course_ it'll be exactly what he had in mind. And if more needs to be done, loop from the start now.

It's counter-productive, but if you could be arsed to document how you adhered to every step of it religiously, and can answer with a straight face things like, basically, "did you do what the rules said you should be doing?" you could be ISO 9000 certified for that crap process.

E.g., I had the mis-fortune of working with someone who wanted to have documented quality targets in advance, as per ISO 9001. Sounds good. Except he wanted to measure the entirely wrong things. He had only one tool he knew how to use, that is, a tool for benchmarking web applications. We, however, had made a framework. So instead of figuring out how he can benchmark the actual calls to the framework methods and classes, he wanted to benchmark the HTTPUnit unit tests. So basically he could write there as a quality goal, stuff like "the unit tests for the SomeComplexEJB module finish in less than 5 seconds." Woe if two iterations later, and having included test cases for any bugs reported and fixed, you end up taking more than 5 seconds.

Yep, if you're stupid enough, you can get _that_ sanctified as compliance with ISO 9001.

It doesn't say you should be doing the right thing or the effective thing. It just says you must have a type of process and can produce the relevant documentation if audited.

I'd say that bribing ISO to get that rubber stamp, might actually be an improvement in some places, compared to actually complying with a bad process thought up by a non-techie. At least if you bribe ISO, hey, at least you don't ruin everyone's productivity too. And the losses are basically limited to that bribe, which limit you don't get if you actually comply.

As a Brazilian...

[KGBear]

...I am not very comfortable to see Brazil rubbing elbows with crazy Chavez in Venezuela or Castro's Cuba. It reminds me there are political besides technical reasons why some countries support FOSS. For many years I was very close to the FOSS movement in Brazil and I can say "not sending more $$ to the USA" was as good a reason as any to support FOSS in certain circles.

All that aside though, not too long ago I was talking to someone who makes a lot of money selling knowledge (in the format of software tools) to various Brazilian agencies both in the federal and local levels. I knew there is a law in Brazil that compels government agencies to prefer Open Source solutions over proprietary unless they can prove they could not find a viable FOSS alternative.

What I didn't know was that when asked "do you want this for Windows or for Linux" the answer from some agencies would be "please don't ask that question. We want the Windows version but if you tell us there is a Linux version we'll be forced to buy that. Let's pretend you didn't say anything."

In that environment being able to require an ISO standard is a tremendous tool to help level the playing field. If ISO had not approved OOXML those agencies in Brazil would have _no legal basis_ to prefer MS Office. By becoming a standard, OOXML now tilts the field back in MS's favor. MS knows this. That's why they did and will do absolutely anything to be able to let their reps and techs say "yeah, ours is an ISO standard too..."

Evil Judo

[bill_mcgonigle]

ISO did not have to go along with MS's scam. ISO could have done the right thing. MS did not hurt ISO, ISO did it to themselves.

True, though Microsoft did have the brilliant idea of sabotaging the preeminent open standards organization and getting itself big government contracts all with a handful of payoffs. That's some evil judo they've got there.

Re:stop complaining

[ScrewMaster]

All I know is, most of the Brazilian girls I've ever encountered were seriously hot.

ISO needs to raise its game. Simple as that.

[NickFortune]

It's easy to blame Microsoft or the ISO for the host of things that could be perceived to be wrong here.

This isn't about Microsoft. I don't think this episode does them any credit, but we're discussing ISO. ISO are easy to blame. Not necessarily for letting Microsoft stack the deck, (although they could have co-operated a little less enthusiastically) but for not following their own written procedures and for ramrodding through a standard that plainly was not ready for the fast track process, for doing so over the protests and complaints of many member countries, and for not even giving a hearing to the protests raised after the fact.

It simply isn't good enough. Sorry.

I will repeat what I've previously stated for emphasis: Nothing has changed here in the nature of the ISO.

You keep saying that as if it lets ISO off the hook, but I really don't see your point. Yes, you're probably right and ISO have probably been permitting this sort of chicanery for years on end. One criticism of ISO I keep seeing in the wake this debacle is for their apparent inability to adapt to the needs of the technical community in a changing world. The sort of gamesmanship that mattered little when fixing the diameter of a bolt can seriously undermine the process when applied to something as complex as a multi-document file format. If ISO wish to remain relevant they need to realise this.

But really it matters little whether ISO have lapsed from once lofty standards, or if they have always been corrupt, with this issue but showing them in their true light to thousands of people who previously lived in happy ignorance.

What is important is that ISO need to raise their game if they are to continue to be taken seriously as a world standards body.

The responsibility for any poor decision-making should rest squarely on the members, which requires the fairly obvious, but posturing-deficient solution of fixing national corruption.

Many of whose issues were not discussed at all due to the inadequate time allocated for the discussion. Perhaps that's their fault as well? And the refusal of ISO to consider any appeal for these issues? Is that too the fault of member bodies? I'm sorry, but no. That doesn't seem at all reasonable.

At a more abstract level, I'm not convinced that I want a technical standards body to make moral determinations of goodness or badness of an idea

I'm not sure I want ISO making moral judgements either. But this isn't a question of morality. It's a matter of a standard that quite clearly fell far short of the required level of consensus being forced through by a standards body quite happy to bend, break or re-write its own rules purely in order to favour one party over all the other participants.

This is not, I feel, behaviour we want to encourage. Not because of the ethics of the matter, questionable as they undoubtedly are, but because it leaves the distinct impression that ISO's standards are for sale to the highest bidder. And I don't think that's a particularly good way to choose a standard.