Gotze.eu

Category: Openization

  • Microsoft and Danish Government in New Identity Deal

    A year ago, my former collegue Søren Peter Nielsen wrote, on behalf of the Danish government, a letter to Microsoft. Seems he got a response, and I’m sure it’ll interest XMLGrrl and many others, that an announcement was made yesterday: Agreement between the National IT and Telecom Agency and Microsoft: Agreement concerning partial support of the SAML 2.0 standard.

    “The ongoing dialog between the National IT and Telecom Agency and Microsoft has resulted in an agreement on partial support of the SAML 2.0 standard in Microsoft’s forthcoming version of their federation product named Active Directory Federation Services 2”, the agency writes.

    The text agreed upon is as follows:

    “The Danish public sector has chosen SAML 2.0 as their federation standard. Microsoft products use WS-Federation and WS-Trust as the foundation of their federated identity architecture. The Danish government has agreed that the SAML 2.0 token format is sufficient to provide basic interoperability between WS-Federation and SAML 2.0 environments as a common assertion format, without loss of authentication integrity.

    To support interoperability between WS-Federation and SAML 2.0 based products Microsoft has agreed to support the SAML 2.0 token format in the future release of Active Directory Federation Services code-named Active Directory Federation Services “2”. Microsoft will provide the Danish public sector Centre of Service Oriented Infrastructure with pre-release code to help analysis and planning of solutions for integrating WS-Federation-based clients in the Danish federation, and to collect feedback on the feature implementation.

    In addition, the co-authors of WS-Federation (including Microsoft) have submitted the specification to OASIS for standardization. This step further enables interoperability between federated environments that deploy SAML 2.0-based products and those that deploy WS-Federation-based products.”

    In commenting the agreement, the agency writes: “With this agreement a possibility for inclusion of Microsoft based clients in a common public SAML 2.0 based federation has opened”, and notes:

    The integration will require the standard based login solutions to be expanded with a special integration code. The solution is therefore a pragmatic tactical integration solution, but with the above-mentioned partial SAML 2.0 support from Microsoft it is expected that the integration can be done without influencing the individual “Microsoft Active Directory Federation Service” user organizations.

    The agency notes that more iinformation on the concrete possibilities will be published as the National IT and Telecom Agency’s Centre for Service Oriented Infrastructure receives pre-release code from Microsoft that can be integration tested.
    The agency elaborates a bit more on the deal:

    It is still desired, that Microsoft support all of the SAML 2.0 standard in their products, but the above-mentioned agreement are a good first step towards more convergence among standards for transverse user management.

    The National IT and Telecom Agency also sees the filing of the WS-Federation (WS-FED) specification for standardization in OASIS as a step that can promote convergence among federation standards.

    It should be stressed that it does not mean that the WS-Federation specification is recommended equally to SAML 2.0 for common public solutions.

    When the results of the standardization with WS-Federation become available (expectedly in the end of 2008) it might be relevant to do a new assessment but for now the SAML 2.0 it is still the only standard, which is recommended as a federation standard for Danish common public solutions.

    So, there we have it.

    I want to congratulate Søren Peter on a job well done. Stand firm on SAML 2.0, the open ecosystem needs it. And thanks to Microsoft for listening to customers (but why only partial support?).

  • Norwegians Launch Interoperability Framework, Mandate ODF

    Norway’s Minister of Government Administration and Reform, also Minister of IT, Ms Heidi Grande Røys, in a press announcement on Friday, Første skritt mot en offentlig sektor uten leverandørbindinger, announced that with the launch of the Norwegian Government’s interoperability framework, called Referansekatalog for IT-standarder), the Norwegian government takes “the first step towards a public sector without vendor fixation”.

    Of particular interest is that the Norwegian government boldly goes ahead and proposes mandation of a set of standards for document formats:

    • ODF is mandated for document exchange and downloads of editable documents. According to the framework document, OASIS ODF 1.0 is the standard used, but the reference link actually goes to ODF 1.1.
    • PDF is mandated for publication of static documents on the web.
    • UTF-8 (ISO/IEC 10646) is mandated as a universal character set standard, to be used in web publications, connections to registres and databases, and all other textual exchange and archiving.

    Regarding ODF, according to Digi.no, Ms Røys at the press conference said she wants ODF to be the preferred document format also internally in the administration, and not “just” for external communication. But as I read the published documents, there is no actual mandation of internal use. One could – and should – of course argue that ODF “all the way” is the only sensible way to implement the policy, but I’m sure some will argue otherwise.
    According to the press announcement, the interoperability framework is in consultion until 20 August 2008. I suppose they actually mean 20 August 2007. The mandation is proposed enacted by 1 January 2009.

    Included in the interoperability framework is a set of national government standards, such as NOARK4 for archiving, and also a plan for extending the framework to other areas. On the latter, the document analyses the Danish, Belgian, German and British interoperability frameworks standard by standard, and explicitely argues that a European alignment and cooperation is necessary.

    Danish coverage at Version2

  • Something IS Rotten in the State of Denmark

    Leif Lohdal is blogging much more continuously about the Danish open standards situation than I am. Time for me to catch up.

    On 24 April, the Danish Open Source Business Association and the Danish IT Industry Association arranged a conference in Parliament, from which I reported (in Danish, like most of the following links) over at Version2. Peter Strickx made a good presentation (soundtrack) about the situation in Belgium.

    On the same day, Prosa and Version2 arranged a debate meeting about document standards. They had invited René Løhde from Microsoft Denmark and me to meet in a “battle”. I used the opportunity to make a probably too long presentation, which I symbolically called The State of the Document World, and tried to give an “Inconvenient Truth”-style presentation, but appearently contributed to critics calling the debate “toothless”. The “battle” without a fight was made available online as a webcast a few days ago. I’ve now uploaded my presentation in PDF (1,8MB) or higher quality (7,3MB) ODP. I humbly reject to calling my message toothless! Not to say it couldn’t be presented better, of course.

    But wait, there’s more. A lot is happening, really. As a measure of “things happening” in the document format field, Version2 has published 12 articles mentioning ODF/OpenXML since the conference and battle.

    The theme is: Should government mandate one or two standards? The choices are the ODF-alone strategy or the dual-strategy with ODF and/or OpenXML.

    Yesterday morning, the involved parliamentarians and the minister met in a closed meeting. Less than a day before that meeting, the minister had released 2 reports to the parliamentarians and publically in a three (!) days long hearing. The reports, in Danish only, examine the economic consequences of mandating standards in various areas; one report dedicated to the consequences of choosing ODF. It’ll cost 180 million kroner. Yeah, right. The reports are made by Rambøll Management (yes, them, see also their explaning the appearent shift in findings).

    Helge Sander, the minister, said after the meeting that a decision is near. The parliamentarians follow the situation close, and Sander will before the summer holidays arrange for them to meet some experts, he said. Whether or not a decision will be made by him before is uncertain. He surely could, if he would – he’s the minister! I assume the parliamentarians will ride him whatever he does.

    In conclusion: Decisive indecision rules over Denmark.

  • Hiser in Danish, and now in English

    I wrote a Danish article in Version2 published yesterday. Here is my translation:

    Danish Document Controversy Raises International Concerns

    OpenDocument Foudation is very concerned about the development in Denmark. Moreover, the organisation is readying a plugin that will make it even easier to use the ODF-format.

    John Gøtze

    The awareness of the political initiatives around the usage of open standards reaches beyond Denmark.

    “Denmark needs a winning attitude, but this policy is appeasement”, comments Sam Hiser, Director of Business Affairs in OpenDocument Foundation, an organization promoting and supporting ODF.

    Sam Hiser is following the international development around ODF closely, and is not pleased with what he hears from Denmark.

    “Denmark’s dual format policy is one of the more depressing events in recent months”, he says.

    “It sets a precedent for compromise that paints Danish agencies into a corner,” he argues.

    Hiser proposes that the Danish policy should above all permit CIOs to do the necessary business process re-engineering to get away from the control of tMicrosoft.

    “We’ve always thought our conception of an ODF Plugin for MS Office as being among Microsoft’s worst nightmares. And that it is. Something which goes into Windows XP/Office and permits native file open, edits and save as ODF is going to be very interesting”, Hiser tells about the ODF Foundation’s plugin.

    There are other ODF-plugins to Microsoft Office. First, Sun’s Plugin for MS Office, which produces an OpenOffice-equivalent conversion to ODF. Second, the Microsoft/Clever Age/Novell Plugin for Office 2007.

    The OpenDocument Foundation calls their ODF Plugin for Microsoft Office “da Vinci”, but is not yet an finished product.

    Hiser explains that the da Vinci plugin has two elements the others do not. First, it has a ODF InfoSet API for server-side integration with the ODF Plugin for MS Office. Second, it has a ODF Feature-Set Wizard to help organizations govern the features in their office files.

    Hiser explains that the OpenDocument Foundation’s plugin will ensure vendor independence when developing applications that use the document data.

    Thanks, Sam!

  • Get the ODF Monograph

    UPGRADE, the European Journal for the Informatics Professional, has just published an Open Document Format Monograph.
    The monograph is published on behalf of CEPIS by Novática (ATI, Spain), in English and in Spanish. The English version is available online: download as PDF, see content and summaries. The Spanish version is out in print and soon online.

    I warmly recommend the monograph’s articles. I’m of course pleased about my contribution (announced earlier), but recommend reading several of the others first.

    These are the articles:

    OpenDocument Standard for Digital Documents
    Jesús Tramullas-Saz and Piedad Garrido-Picazo, Guest Editors

    Open by Design: The OpenDocument Format Standard for Office Applications
    Erwin Tenhumberg, Donald Harbison, and Rob Weir

    Is OpenDocument an Open Standard? Yes!
    David A. Wheeler

    OpenDocument Hidden Traps and their Side Effects on Free/Open Source Software
    Marco Fioretti

    ISO-26300 (OpenDocument) vs. MS-Office Open XML
    Alberto Barrionuevo-García

    Interoperability: Will the Real Universal File Format please Stand Up?
    Sam Hiser and Gary Edwards

    ODF: The Emerging Document Format of Choice for Governments
    Marino Marcich

    Promotion of the Use of Open Document Formats by the IDA and IDABC Programmes
    Miguel A. Amutio-Gómez

    A Brief History of Open Standards in Denmark
    John Gøtze

    Standard Open Formats and Libre Software in the Extremadura Public Administration
    Luis Millán-Vázquez de Miguel

  • ISO confirms

    In a statement to me (on behalf of Danish Version2), ISO’s Manager of Communication Services, Roger Frost, has cordially confirmed Computerworld’s story. Not that I doubted Computerworld’s Eric Lai, but I just wanted to make sure.

    Frost writes:

    ISO and IEC are to issue ISO/IEC DIS 29500 (ECMA-376) “Office Open XML File Formats” in the near future for a five-month fast-track ballot by the participating members of the ISO/IEC joint technology committee ISO/IEC JTC 1, Information technology, and by all member bodies of ISO and IEC.

    Interestingly, Frost also notes:

    At the same time, comments made by JTC 1 member bodies on the document during the 30-day review prior to acceptance for fast-tracking processing, along with the response to these comments from the fast-track proposal submitter, Ecma International, will be made available to the JTC 1 members and ISO and IEC member bodies. The national body comments and Ecma’s response are not available from ISO or IEC or JTC 1. It is up to the individual organizations whether they wish to release their comments or response.

    In the interest of an open process (hey, we’re talking about open standards here!), I hope all national bodies will publish their responses. Some have “leaked” already of course, but it would be good for the process to show a bit much more openness.

    I talked to the chairman of the Danish subcommitte, professor Mogens Kühn Pedersen from Copenhagen Business School today, and he told me that the Danish subcommittee will meet on Tuesday next week. I have suggested to Mogens that he asks the committee for permission to publish the Danish response.

  • The Fast And The Furious

    Computerworld writes that ISO on Saturday agreed “to put Open XML, the document format created and championed by Microsoft Corp., on a fast-track approval process that could see Open XML ratified as an open, international standard by August”.

    According to CW, an e-mail sent Saturday by Lisa Rachjel, the secretariat of ISO’s Joint Technical Committee (JTC-1) on Information Technology, states that “the Open XML proposal, along with comments and criticism by nations that have already reviewed it, will be put on ISO’s 5-month balloting process”.

    ISO has not yet confirmed this. Their press officer, Roger Frost, told me that he expects to have information about the next step in the process by tomorrow.

    So, it seems that Microsoft has succeded in pushing the agenda, and the only interpretation I can make of this is that ISO accepts that the balloting does not necessarily end with an unanimous vote. CW writes: “For a proposed standard to be approved by the ISO, no more than one-third of JTC-1, or 10 countries, can vote against it. Meanwhile, no more than one quarter of ISO’s 157 members that cast their vote — non-JTC-1 member countries may abstain — can vote against it.”

    I now foresee, and will by all means contribute to, a continious campaign for members states to vote against the approval of the substandard “standard”. Voting against the approval should not be seen simply as a vote against Microsoft, but should be based on the solid fact that EOOXML is flawed, heck even Microsoft acknowledges this.

    By pushing the fast-track, those who care about the standard of standards are forced to vote against the approval, since balloting is binary (yes/no), and a yes-vote would mean that the as-is Ecma-standard is endorsed. At the end of the day, it’s a vote about the credibility of international standards and about the legitimacy of international standardization processes.

  • Assessing Standards

    Following up on my recent blog entry, Mandatory Open Standards in Denmark, I want to draw attention to further reports published by the National IT and Telecom Agency as background material to the main report. These materials are all in English.
    First is a report called Research about OpenXML, ODF & PDF made for the Danish government by Norwegian consultancy house Ovitas AS.

    The criteria covered in the research report include three main areas:
    1. Openness (open documentation, rights, open interface, open meeting, consensus, due process)
    2. Market issues (penetration, maturity, implementation)
    3. Business potentials (functional and non-functional requirements, security, potentials and architecture)
    In conclusion, they write:

    The conclusion of this preliminary research is that both OpenXML and ODF qualify as viable candidates for open standards for editorial document formats based on the criteria used in this research. PDF is currently controlled by Adobe Systems but has a unique worldwide take up.

    “Viable candidates”? Hmmm. Nevertheless, the report is a fairly balanced analysis, which on several accounts makes it very clear, that there are big differences between the standards. One could, reasonably I’d argue, ask how the conclusion is supported by the research. I miss the substantial argument for how low a barrier one should have for what is and what isn’t a viable candidate.

    It is worth noting that the hearing report in appendix A (only in Danish) has a quite thorough outline of how standard assessments should be conducted. The Norwegians does note that their work was done in parallel to the development of this outline, so I suppose we can’t blame them. But one would expect more from the Danish administration then. What is missing is exactly the specific “scores” for, or evaluations of, various detailed issues. If we assume such scores are red/yellow/green, my bet is that OOXML would have quite a few yellows if not reds, which would need some explaining in order to make the conclusion valid.

    More serious research
    The government commissioned a research project about “Open Standards and their Early Adoption” in 2005-06. This was conducted by Professor Mogens Kühn Pedersen and Vladislav V. Fomin from Department of Informatics at Copenhagen Business School, and their final report is also available (download report, literature review and delphi survey). The report’s executive summary:

    Standards have proven themselves indispensable to the industrial revolution. How are standards developed today? What does the economics of standards tell about the impact of standards upon economic growth and productivity? Do standards influence industry innovation? How are the standardization processes in the field of ICT taking place? How and why do open standards differ from other types of standards? How may open standards influence ICT government policy and the reverse: How will government need to take action in the face of the international trend toward open standards in ICT?

    The reports perhaps raises more questions than they answer. But read them you must.

  • Mandatory Open Standards in Denmark

    I’d be interested in the international reactions to this piece of news:

    On Friday, the Danish Minister of Science, Technology and Innovation, Helge Sander, made a press announcement (Danish) about his plan for following up on the Parliament Resolution 8 months ago.

    The implementation plan is presented in a report which suggests that “open standards should be implemented gradually by making it mandatory for the public sector to use a number of open standards when this becomes technically feasible”.

    The report identifies an initial sets of open standards as candidates for mandatory use from 1 January 2008 “if an economic impact assessment shows that this will not involve additional costs to the public sector”.

    The implementation plan’s elements are as follows:

    • “From 1 January 2008, all new public IT solutions should make use of the mandatory open standards relevant to the IT solution in question unless there are significant reasons for not complying with these standards.
    • If there are significant reasons for not complying with the relevant mandatory open standards, this must be reported on signing the contract, stating the reasons for applying the exceptional provisions.
    • In case of IT solutions where the technical procurement is above the EU tendering limit, the reasons must be reported to the National IT and Telecom Agency for the purpose of publication.
    • All ministers must ensure that mandatory standards are drawn up within their respective areas of responsibility where this is relevant. This must be made in cooperation with local/regional administrations in line with the existing common public projects in the area of digitalization.”

    In short: The Danish Interoperability Framework gets a new level of status: Mandatory.

    The proposed mandatory standards from 1 January 2008 falls within the following areas:

    • Standards for data interchange between public authorities
    • Standards for electronic file and document handling
    • Standards for exchanging documents between public authorities (Open Document Format and Office OpenXML)
    • Standards for electronic procurement in the public sector
    • Standards for digital signatures
    • Standards for public websites / homepages
    • Standards for IT security (only within the public sector)

    Around a dozen standards: Compliant XHTML or HTML, complaint CSS, WAI Level 2, OCES (digital signature), XML 1.0, XML Schema 1.0, NDR 3.0, FESD (docuument management), OIOUBL, UNSPSC, and DS484 (ISO 17799).

    With regard to standards for exchanging documents between public authorities, the report proposes that “it should be mandatory to use at least one of the document standards Open Document Format or Office OpenXML”, and that it is up to the individual agency to decide what they want. The report explains that a study will be conducted this year with “the purpose of obtaining the necessary experience with these standards before 1 January 2008”.

    A revised governance model should ensure more mandatory standards over time. The minister is given more authority, but not much actual power to rule over the sectors. The report goes into the “comply or explain”-principle and how it will be practised, and here, it discusses exceptions … I’ll quote in length from their English summary:

    “Requirements regarding the use of mandatory open standards will not involve any obligation or incentive to expedite procurement, upgrading or implementation of new or existing IT solutions by public authorities.

    To ensure the value of open standards to the individual authority, it is important to avoid the authority being compelled to make inappropriate choices. For this reason, a number of exceptions are made to the general rule of using mandatory open standards.

    In connection with contracts and development projects, authorities are exempted from the rules of using mandatory open standards if this means that the authority is compelled to adopt a solution which:

    • is significantly more expensive in relation to using other standards,
    • degrades the security level critically in relation to using other standards,
    • involves a significant reduction in functional performance which is a direct result of the solution being based on mandatory open standards,
    • increases the implementation time markedly,
    • leads to conflicts with standards applicable within specific areas as a result of international commitments.

    Furthermore, public authorities are exempted from the rules of using mandatory open standards if the solution does not involve data interchange with other systems.

    In case one or more of the points above are in evidence, the relevant authority may choose to dispense with specific mandatory open standards for the solution concerned.

    New solutions where technical procurement involves overall costs exceeding the EU tendering limit must be reported to the National IT and Telecom Agency on signing the contract, stating the reasons for applying the exceptional provisions.

    New solutions with overall costs below this limit should also make use of mandatory open standards, unless they fall within the exceptional provisions. However, these solutions are not subject to the reporting requirement.

    Download the English summary as PDF or ODF. The full report in Danish is here.

    The consultation period ends 23 March.

  • On the radio: Sutor, Munk and Gøtze

    During Bob Sutor’s visit in Copenhagen (I posted the homemade video with Bob Sutor the other day), I had organised for him to be interviewed by DR (Danish Broadcasting Corporation, national public radio).

    Tonight, DR brought the interview with Bob in their program Harddisken (third section), with an almost half-hour long theme about open standards hosted by Henrik Føhns. He had invited me in the studio for comments and debate with Marie Munk, Deputy Director General in the National IT and Telecom Agency. Bob apprears in edited and partly-translated form, but Marie and I were live on the air (and didn’t get to hear Bob!). So, it was there and then. Afterwards, of course – oh, why didn’t I say this and that, and all that, but it was also fun being live.
    The whole show is now downloadable as a podcast — the Harddisken podcast-feed should reach 10.000 users, I was told, and is the third most used podcast of all in DR. Go get the podcast and help Harddisken become the most downloaded podcast! (of course, it’s in Danish, but the music is great 😉 – and Bob does get a bit of airtime, which of course is in English). About two-thirds into the MP3-file.

    Since I cannot get DRs online radio and their fancy DRPlayer to work in my system (Mac OSX, Firefox) I chose not to link to those services here … but want to say to DR: Thank you for the podcasts!