ODF – an ISO standard

0
6 years ago
by John Gøtze in

It was all over the news last week, but the official word from ISO only just came out: ISO and IEC approve OpenDocument OASIS standard for data interoperability of office applications. A couple of quotes:

Alan Bryden, ISO Secretary-General:

“ISO/IEC 26300 is a shining example of what partnership in standardization can achieve for the business community. Its publication underscores the importance of partnership among ISO and IEC and standards developing organizations such as OASIS to craft a common set of standards, and reflects the international community’s recognition of the importance of open formats in enabling business interoperability.”

Patrick Gannon, president and CEO of OASIS:

“ISO/IEC JTC 1′s approval of OpenDocument as an International Standard is a major step forward in advancing the adoption of a format that gives all of us the flexibility to select the office application – commercial or open source – that best meets our needs. We are particularly gratified by the broad range of national ballots cast in favour of the standard. This action underscores the international support for the OASIS open standards process that produced OpenDocument and delivers an assurance of long-term viability that is particularly important to governments.”

Openization vs Deathstars: 1 – 0

Assertion of Intent

0
6 years ago
by John Gøtze in

IDABCs eGovernment Observatory brought this story out in English yesterday: The Danish IT Architecture Committee has decided to stand firm on SAML 2.0 as the recommended standard for federation.

Once broken into English, the story was quickly brought around internationally. SecureID News basically copied the IDABC-story, Danish Government says ‘yes’ to SAML 2.0 and encourages Microsoft to support those specifications.. Computer Business Review follow-up and talked to Liberty Alliance: Identity next public sector battleground for Microsoft?.

There is actually more to the story. First, the decision is actually more than a month old. The National IT Architecture Committee’s decision was made on 21 March. They did send out a Danish press release at that time, but it took a while to get the news out internationally. [maybe I should have blogged it ...]

Anyway, let me dig into the story a bit. Because there is a bit more to it than the international coverage caught. Basically, the committee decision was about an open letter to Microsoft. Written by my former collegue, Søren Peter Nielsen from the IT-Strategic Office in the Danish Ministry of Science, Technology and Innovation, the letter to Microsoft, and sent via Microsft Denmark to Don Schmidt, senior program manager for Microsoft’s Identity and Access group, the letter is worth quoting at length:

In the Danish Ministry of Science, Technology and Innovation we have the responsibility to select and recommend IT standards for public sector usage as also create shared services for public sector. This work is undertaken in an open process that involves all levels of public sector institutions.

The Danish public sector decided early in 2005 to recommend using SAML 2.0 for federated identity and access management. This was among other based on the momentum for the standard in product support from various suppliers, plans for actual usage in public sector solutions worldwide, proofing og interoperability
through testing, and also very important SAML 2.0 being a ratified OASIS standard.

We now understand that Microsoft has chosen not to support SAML 2.0 in the add-on to Active Directory that you has brought or soon is bringing to market.

We would like to understand your motivations for not supporting SAML 2.0 as basically every other supplier of identity and access management solutions support – or plans to support SAML 2.0. So far our only source for information has been news articles (as here) about your decision not to support SAML 2.0. These articles may not contain a valid representation of your message, and even if this is the case really their content doesn’t help us understand the Microsoft motivation. Based on this I have asked Anders to forward to following questions for you:

  • Does the article faithfully reflect the essence of your motivation for not supporting SAML 2.0?
  • Assuming this more or less is true (and I will ask you to respond in all circumstances):
    • You are cited saying: SAML 2.0 protocols are fine for strictly Web single sign-on. In your view is exchange of attributes, and assertions about access rights a part of Web single sign-on? Or do you assert that SAML 2.0 isn’t well suited for these tasks?
    • You are cited saying: SAML 2.0 does not have reliable messaging or transaction support. As far as we can tell neither have WS-Federation, and obviously such functionality should be covered in standards that focus on reliable messaging and transaction, so is your position that SAML 2.0 will not work well with the standards for reliable messaging and transactions that OASIS is working to finalize?
    • What other motivations does Microsoft have for not supporting SAML 2.0 in the currently released product?
  • Assuming the article is not true
    • Can you supply us with the correct information about why Microsoft does not want to support SAML 2.0 in its current product?
    • We understand that Microsoft has a big interest in WS-Federation as Microsoft has been the main driver in developing the specification. However, in the marketplace we see several vendors that in their product supports several standards like SAML 2.0 and at the same time the WS-Federation specification to allow customer choice. This tells us that it is a feasible task to add product support for both SAML 2.0 and WS-Federation. So even though Microsoft may feel that SAML 2.0 isn’t as well suited for the vision Microsoft is having for federation in the future why don’t you support it, and let your customers decide?
  • If you feel Microsoft supports customer choice in the federation space though not supporting SAML 2.0 can you please elaborate on what kind of choice it is that you support?
  • Will Microsoft support SAML 2.0 in future products?

    • ….snip….

    I know Søren Peter is on holiday, so I can’t yet ask him about whether he got a response. I’ll be sure to ask him as soon as I see him.

    [Disclaimers: a. I work for OASIS (SAML is an OASIS standard), and b. I was heavily involved with making SAML a Danish standard when I worked in the ministry.]

    Harnessing the Benefits of Openness

    0
    6 years ago
    by John Gøtze in

    The Washington-based Committee for Economic Development (CED), “an independent, nonpartisan organization of business and education leaders dedicated to policy research on the major economic and social issues of our time and the implementation of its recommendations by the public and private sectors”, has published a report called Open Standards, Open Source, and Open Innovation: Harnessing the Benefits of Openness. Also see the CED announcement and the summary., as well as this CIO Update.

    The report is another must-read. The conclusion is worth quoting at length:

    The benefits of openness are becoming more apparent and are likely to grow as we learn to utilize the new capabilities enabled by information and communications technologies. These benefits are challenging our conventional wisdom about innovation and the incentives needed to stimulate it. And, they are suggesting new ways of acting based on the special characteristics of the digital world, which are far different than those that developed based on what we knew of the physical world.

    Years ago, the theory of the tragedy of the commons was developed in economic literature. It argued that users of a commons (such as a grazing field shared by an entire community), who had no particular or individual stake in the success of the commons, might act in such a way as to maximize their own short-term interests at the long-term expense of the commons and the community that used it. Thus, the actions of a few could harm the interests of many, and of society as a whole.

    The digital world provides an opportunity to think of the commons differently. The use of the digital commons by everyone does not necessarily exclude its use by anyone. To the extent that new information and communications technologies allow more and more people to contribute their own genius, the digital world offers new opportunities from the commons and for the commons.

    Openness is not an overriding moral value that must prevail in every circumstance. But, its extraordinary capability to harness the collective intelligence of our world requires us to consider its implications carefully, nurture it where possible, and avoid efforts to foreclose it without compelling reason. We should not miss the opportunity to harvest the benefits openness might bring.

    If you have read our Roadmap for Open ICT Ecosystems and want more, the CED report is a good next step. I don’t know CED, but do recommend reading their report. It is great to have a solid and well-written argument for openization from a business perspective.

    A Motion, a Bill, and a Policy

    0
    6 years ago
    by John Gøtze in ,

    Just in case anyone missed the recent news: There are three new cases of policy movement for openization: Denmark, Minnesota and Norway.

    Denmark
    Morten Helveg has presented a motion in Parliament (Danish version, dated 30 March, 2006). It says:

    Parliament imposes on the government a duty to ensure that the public sector’s use of IT, including use of software, is based on open standards.

    The state should adopt and maintain a set of open standards by 1 January 2008 which can serve as an inspiration for the rest of the public sector. Open standards should be part of public IT and software procurement with the object of promoting competition.

    The state should ensure that all digital information and data that the public sector exchanges with citizens, companies and institutions, are available in open standards based formats.(my translation of B103

    The wording is the same as in his consultation draft, but the remarks have been updated.

    The likelyhood of the motion being passed as a parliamentary decision is unclear. Coming from the minority opposition, it is almost by definition at risk of being turned down by the Government and its support-party, Dansk Folkeparti, which however seems split on this issue (one of their MPs has supported the motion, another rejected it).

    State of Minnesota
    The Minnesota Open Data Formats Bill, House File 3971 has been presented to the Minnesota state legislature by Paul Thissen and Steve Simon from DFL, Minnesota Democratic-Farmer-Labor Party, which is in opposition in the state.

    The bill would require all Executive branch agencies in the state of Minnesota to “use open standards in situations where the other requirements of a project do not make it technically impossible to do this.”

    Andy Updegrove: Bill Introduced in Minnesota to Require Use of “Open Data Formats”

    References:
    Gary Edwards (at Sam Hisers) and Jeff Kaplan

    TechWeb: Minnesota Bill Supports Open Standards

    Norway
    Press release from the Norwegian Ministry of Government Administration and Reform (in Norwegian): Regjeringen satser på åpne IT-standarder

    The press release mentions a cabinet decision about open standards, which contains at least two initiatives. First, Norway will create an interoperability framework, or a standards catalogue, which most likely will contain mandatory standards for state agenices. Second, the government will establish an standardization council with several stakeholders.

    Well done, Norway!

    Essentially, the Norwegian government seems to continue the path towards openization that the former government started about a year ago. The eNorge (eNorway) programme is one of the most ambitious e-government programmes I know of, and it’s good to see it back on track. I’m of course somewhat prejudiced, since one of the major proposals in eNorge is the adoption of an interoperability framework explicitely based on the Danish interoperability framework (disclaimer: I was responsible for establishing this).

    Just in case anyone in Norway reads this: Yes, I’d be happy to work with you, if you need assistance :-)

    References:

    In English:
    MIT Technology Review: Norway Promoting Open-Source Software
    TMCNet: Norway seeks to reduce dependence on Microsoft, others through open-source programs
    Jeff Kaplan: Norway Out in the Open

    In Norwegian:
    Dagens IT: Vil løsne båndene til Microsoft
    Computerworld.no: Skal bli mindre Microsoft-avhengig
    Digi.no: Vil bli mindre avhengig av Microsoft

    The Meaning of Life
    I have been invited to speak at a Unisys-conference, The Journey to Open Source, held 17 May – 19 May in Saint-Paul-de-Vence, France. The title of my talk is, as suggested by Unisys, The Meaning of Life – An Academic View on Openization. I’m digging through various research databases and journals in the hope of finding academic literature about openization (open standards, open source, SOA), but it is a rather disappointing exercise. I did similar digging about a year ago, and had hoped to find a bulk of new publications, but unfortunately haven’t found much new material.

    One of the most interesting research projects I know of, is the OStEA project at Copenhagen Business School. OStEA (Open Standards and their Early Adoption) is a public university research project sponsored by the Danish Ministry of Science, Technology, and Innovation. The aim of the project is to identify issues related to government policy with regard to open standards. Some of the research questions pursued are:

    • The viable/plausible scope of open standards as pertaining to the government ICT policy.
    • Identification of relevant standards pool and the relevant ongoing standardization in various fora.
    • Identification of perceived needs for open standards and the reasons and opportunities in government adopting an open standards governance policy.
    • Government’s participation in standardization.
    • Conformance to standards in public procurement/ discrimination against non-compliant standards.

    The project commenced on 1st of February, 2006 and will end on June 24, 2006. Mogens Kühn Pedersen and Vladislav V. Fomin, the research team, have made a preliminary report, Open Standards and Government Policy.

    Go to Top