Update: comments from Microsoft's Andrea Valboni at the end of this post.
OOXML, or the infamous ISO/IEC DIS 29500, is crawling towards the Ballot Resolution Meeting to see whether it can make the status of International Standard. Now ECMA, the body which hastily (to say the least) decided to make it an industry standard and presented it to ISO with a “fast track” procedure, has reviewed the comments of the national bodies, made a proposal for addressing them.
Good, I have read the first (comparatively) few pages of the proposal, and decided that the reading of the whole lot was not worth the effort. I was mostly interested in the comments of some National Body as to the licensing conditions of patent and copyright of OOXML. As a lawyer, I am deeply concerned that the Open Specification Promise is all but sufficient to ensure that this standard is truly an independent standard.
The answer? This topic is not going to be addressed.
The issue of patents
ECMA feels that the “IPR” is not an issue. Well, I believe rather the contrary. It would be suicidal to allow a standard where one single vendor is allowed to play tricks, such as saying: “you know what? now you pay me a royalty for any implementation of the standard” or even “surprise, surprise, you are not licensed for this patent, please cease and desist using our format”. Leave for a second alone my opinion that software patents should not exist, they do exist, and are enforced. Are you saying this is not going to happen? Well, if you look to even truly multi-vendor standards, you find a whole host of patent issues raised to a supposedly freely or “RAND” implementable standard, just think about MP3 and the subsequent patent ambushes that big players like Microsoft suffered. Here we have a standard pushed unilaterally by a single vendor who has basically decided, through its own initiative and not through consensus, the architecture and the details of the standard. The game is different, here, and more thorough the clearance of patent issues shall be. But what we have instead? The Open Specification Promise. Basically an unilateral covenant not to sue. Thinking it can be sufficient guarantee for third parties to implement OOXML without a second thought is just completely naive.
Not an issue? It may be not an issue to current ISO rules, but an issue to those deciding whether this standard deserves approval through a fast track procedure, and it would be the right time for ISO to reconsider their policy too. An ISO standard means: you should adopt it for this domain of use. You should do it because it is an International Standard. You should do it because the more and more the public sector requests documents to be stored in standard formats. Saying that OOXML is one possible standard means, thanks to the ubiquity of the combination of Microsoft Windows and Microsoft Office, that OOXML is going to be the standard. If it is going to be pushed down the throat of the whole mankind, it must be free from any possible problem and 100% freely implementable. By “freely” I mean without anybody unilaterally being in a position to control and leverage it by way of any rights. A standard for documents is not an irrelevant thing, documents keep much of the information we produce.
Why another standard? One is more than enough!
I am not saying that the standard is evil just because it is Microsoft imposing it, but I question the reasons why Microsoft is imposing it, now, since another suitable standard already exists, that nobody has still demonstrated to be inferior and that does not suffer from the many shortcomings of OOXML from the legal and technical point.
I said technical. Right, let's see what the thousands of comments have produced. It seems that most of the comments have been plainly accepted, including some (not all) of the rudest ones. For instance, those complaining that the behavioural specifications (“do this like Word 97 does”) have been apparently removed. It would seem that all “legacy” behaviour specifications have been separated from the standard and will not be included in it anymore. They will be just an extension.
Very good, you would then say. The comments have been accepted, the issues have been removed, so there is no technical stumbling block anymore, true? Nope! Thing are now just more murky. When confronted with the question: “why two standards, we already have one, ODF”, the answer more or less was that OOXML has two features missing from ODF: legacy compatibility (old binary documents can be transformed into OOXML without losing fidelity) and projected massive adoption due to the widespread adoption of the new Office 2007, soon to be the new dominant application. Where are those reasons now? Gone with the wind. They don't exist anymore. Legacy is an extension, also ODF is extensible. Office 2007 is not compliant with the new version of OOXML, regardless the fact that ECMA's OOXML was not implemented either, there is not going to be a real implementation for years. To understand what I mean for “real”, please read Bob Weir's Blog.
Is OOXML better than ODF? I cannot say, but nobody has showed good proof yet. I have read a report on it by the Burton Group, but it was so flawed that ODF alliance could even do some humor when rebutting it. For sure OOXML is not that better to justify a second standard. And, excuse my French, how could ECMA come with a straight face and say that the standard should still be approved, when after the ballot they have changed it to a great length? This massive overhaul is the soundest proof that the standard should have never been approved by ECMA in the first place, and it should have not be pushed for approval by ISO with a fast track procedure. This means abusing the standardization process, my dear!
Oh, by the way, what happened to Italy's comments? The only comment we have made along with the abstention vote was that we wanted an open-source-like independent reference implementation. The comment has been grouped with similar — so to say — comments on the lack of conformance testing, or of test suites (which is something different from a reference implementation where I can see the actual source code of an implementation and even sometimes cut snippets to real life application). This is already something quite annoying. But nothing compared with the answer: “Although no reference implementation or interoperability test suite is available at this time, a growing number of implementations of ECMA-376 are becoming available […] If the requirement for an interoperability test suite or reference implementation is established and shared by National Bodies, SC 34 might initiate appropriate activities as suggested by this comment”. What the heck is this supposed to mean? A test suite is not a reference implementation. A shipping implementation is not a test suite, it is how the implementor thinks the standard should be implemented. As we have seen, not even the main sponsor of the standard implements it in a truly compliant way. There is no way to make sure that an implementation is truly compliant with the standard, because the conformity test provided by the standard is simply too slack. This is an elegant way to say “thanks, but nay, this is not anything we can commit to right now, maybe after the standard is approved”. So Italian comment has been altogether disregarded, we duly take note of it.
I am now very puzzled by the attitude of ECMA, more than ever. The lack of reliable conformance tests is not an irrelevant issue. It is at the core of the usefulness of a standard to the industry. Disregarding precise requests on this point is disconcerting. Rob Weir, again, points out what is the minimum requirement for an application to call itself “compliant”, according to OOXML. I am not a software engineer, but my reading of the test is consistent with that of Rob, and quite dismaying. If we have to just rubber stamping an ethereal standard only because Microsoft needs it to call its application and formats “standard compliant”, while not bothering using International Standards, please say it in clearer words. But ohne mich.
I will reaffirm, even more strongly, my negative vote, and will urge my National Body (UNINFO JTC1) to change its vote from “abstention” to “disapproval”, and so should do any reasonable person.