Language Selection

English French German Italian Portuguese Spanish

ISO approval: A good process gone bad

Filed under
Misc

You may have read our background article about ODF and OOXML and why Red Hat believes OOXML should not be approved as an ISO standard. This time, we focus on how the standardization process has been compromised at ISO.

ISO’s JTC-1 directives were designed to provide a fair, consensus-based way to design standards that are portable, interoperable, and adaptable to all languages and cultures. The OOXML proposal has suffered from two basic problems: (1) voting irregularities, and (2) the use of a fast-track process for a complex, new, large specification that has not received adequate industry review. The resulting specification was driven almost exclusively by one vendor, has not achieved industry consensus, and has had thousands of issues logged against it, largely due to issues involving implementability, portability, and interoperability. Although resolutions have been proposed for many of the issues that have been raised, there is virtually no time to review these resolutions to determine whether they fix the problems. And the voting irregularities have raised serious issues with the fairness of the process.

Stuffing the ballot box

For a standards body to have credibility, the procedures it follows need to be credible. ISO’s JTC-1 directives say that the “objective in the development of International Standards should be the achievement of consensus between those concerned rather than a decision based on counting votes.”1 Clearly, there has been no achievement of consensus regarding the adoption of OOXML as a standard, and therefore ISO has turned to a voting process.

We believe that the flaws in the ISO voting process for OOXML are so serious that they must be addressed in order to maintain ISO’s credibility as a standards body.

More Here




Whither ISO

http://www.jtc1sc34.org/repository/0940.htm

“This year WG1 have had another major development that has made it almost impossible to continue with our work within ISO. The influx of P members whose only interest is the fast-tracking of ECMA 376 as ISO 29500 has led to the failure of a number of key ballots. Though P members are required to vote, 50% of our current members, and some 66% of our new members, blatantly ignore this rule despite weekly email reminders and reminders on our website. As ISO require at least 50% of P members to vote before they start to count the votes we have had to reballot standards that should have been passed and completed their publication stages at Kyoto. This delay will mean that these standards will appear on the list of WG1 standards that have not been produced within the time limits set by ISO, despite our best efforts.

The disparity of rules for PAS, Fast-Track and ISO committee generated standards is fast making ISO a laughing stock in IT circles. The days of open standards development are fast disappearing. Instead we are getting “standardization by corporation”, something I have been fighting against for the 20 years I have served on ISO committees. I am glad to be retiring before the situation becomes impossible. I wish my colleagues every success for their future efforts, which I sincerely hope will not prove to be as wasted as I fear they could be.”

–Martin Bryan, ISO Escapee
Formerly Convenor, ISO/IEC JTC1/SC34 WG1

For those looking for better bodies, consider IEEE and OASIS.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security: FOSS Updates, SEC, CCleaner

  • Security updates for Friday
  • SEC Chairman reveals financial reporting system was hacked
  • CCleaner malware outbreak is much worse than it first appeared
  • CCleaner Hack May Have Been A State-Sponsored Attack On 18 Major Tech Companies
    At the beginning of this week, reports emerged that Avast, owner of the popular CCleaner software, had been hacked. Initial investigations by security researchers at Cisco Talos discovered that the intruder not only compromised Avast's servers, but managed to embed both a backdoor and "a multi-stage malware payload" that rode on top of the installation of CCleaner. That infected software -- traditionally designed to help scrub PCs of cookies and other tracking software and malware -- was subsequently distributed by Avast to 700,000 customers (initially, that number was thought to be 2.27 million). And while that's all notably terrible, it appears initial reports dramatically under-stated both the scope and the damage done by the hack. Initially, news reports and statements by Avast insisted that the hackers weren't able to "do any harm" because the second, multi-stage malware payload was never effectively delivered. But subsequent reports by both Avast and Cisco Talos researchers indicate this payload was effectively delivered -- with the express goal of gaining access to the servers and networks of at least 18 technology giants, including Intel, Google, Microsoft, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link and Cisco itself.

Licensing: Facebook Responds to Licence Complaints, Cloud Native Open Source License Choices Analysed

  • Facebook relicenses several projects
    Facebook has announced that the React, Jest, Flow, and Immutable.js projects will be moving to the MIT license. This is, of course, a somewhat delayed reaction to the controversy over the "BSD+patent" license previously applied to those projects.
  • Relicensing React, Jest, Flow, and Immutable.js
    Next week, we are going to relicense our open source projects React, Jest, Flow, and Immutable.js under the MIT license. We're relicensing these projects because React is the foundation of a broad ecosystem of open source software for the web, and we don't want to hold back forward progress for nontechnical reasons. This decision comes after several weeks of disappointment and uncertainty for our community. Although we still believe our BSD + Patents license provides some benefits to users of our projects, we acknowledge that we failed to decisively convince this community.
  • Cloud Native Open Source License Choices
    One of the most common questions regarding open source licensing today concerns trajectories. Specifically, what are the current directions of travel both for specific licenses as well as license types more broadly. Or put more simply, what licenses are projects using today, and how is that changing? We’ve examined this data several times, most recently in this January look at the state of licensing based on Black Duck’s dataset. That data suggested major growth for permissive licenses, primarily at the expense of reciprocal alternatives. The Apache and MIT licenses, for example, were up 10% and 21% respectively, while the GPL was down 27%. All of this is on a relative share basis, of course: the “drop” doesn’t reflect relicensing of existing projects, but less usage relative to its peers. [...] One such community with enough of a sample size to be relevant is the one currently forming around the Cloud Native Computing Foundation. Founded in 2015 with the Kubernetes project as its first asset, the Foundation has added eleven more open source projects, all of which are licensed under the same Apache 2 license. But as a successful Foundation is only a part of the broader ecosystem, the real question is what are the licensing preferences of the Cloud Native projects and products outside of the CNCF itself. [...] Unsurprisingly, perhaps, given the influence of the CNCF itself, Apache strongly outperforms all other licenses, showing far greater relative adoption than it has in more generalized datasets such as the Black Duck survey. Overall in this dataset, approximately 64% of projects are covered by the Apache license. No other project has greater than a 12% share. The only other licenses above 10%, in fact, are the GPL at 12% and MIT at 11%. After that, the other projects are all 5% or less.

today's howtos

Games: Half-Life: C.A.G.E.D., Arcan 0.5.3, Wine Staging 2.17

  • Half-Life: C.A.G.E.D. from former Valve worker should hopefully come to Linux
    Half-Life: C.A.G.E.D. [Steam] is a mod from former Valve worker Cayle George, it's a short prison escape and it should be coming to Linux. Mr George actually worked on Team Fortress 2 and Portal 2 during his time at Valve, but he's also worked for other notable developers on titles like Horizon Zero Dawn.
  • Game Engine Powered Arcan Display Server With Durden Desktop Updated
    Arcan, the open-source display server powered by a game engine, is out with a new release. Its Durden desktop environment has also been updated. Arcan is a display server built off "the corpse of a game engine" and also integrates a multimedia framework and offers behavior controls via Lua. Arcan has been in development for a half-decade while its original code traces back more than a decade, as explained previously and has continued advancing since.
  • Arcan 0.5.3, Durden 0.3
    It’s just about time for a new release of Arcan, and way past due for a new release of the reference desktop environment, Durden. Going through some of the visible changes on a ‘one-clip or screenshot per feature’ basis:
  • Razer plans to release a mobile gaming and entertainment device soon
    NVIDIA, another big player in the gaming hardware and lifestyle space, released an Android-based portable gaming and entertainment console called the NVIDIA Shield that emphasized in-home streaming, and the Ouya console that Razer acquired (and discontinued) ran Android. But Razer decided to use Windows instead of Android on the Edge.
  • Wine Staging 2.17 is out with more Direct3D11 features fixing issues in The Witcher 3, Overwatch and more
    Wine Staging 2.17 is another exciting release, which includes more Direct3D11 features which fixes issues with The Witcher 3, Overwatch and more. As a reminder, Wine Staging is the testing area for future Wine development released, which will eventually be made into stable Wine releases.