Vol III, No. 11
What Makes the Technical Process Work
Print this issue (PDF)
IT’S ALL ABOUT PROCESS
This issue is all about the process of setting standards. Not the game playing, not the business significance of standards, or any of the other things that the business and technical press typically cover, but what it takes to actually create good standards in a consensus environment.
In our editorial, we note that process gets little attention outside of the circle of professionals that run it. Worse, non-professionals have little opportunity to learn what it’s about, whether in school or on the job. Something could (and should) be done to plug the gap.
In our Feature Article, we take a first step in that direction by providing a primer on how to set up the standard setting process of a new organization, from concept to deployment.
Our Trends article this month is an interview with the Directors of Standards of three very successful standards organizations. Each of these experts shares his thoughts on what’s working in the standard setting process today, what’s not, and what can be done about it.
Finally, in our Standards Blog entry for this month, we report on the fact that there seems to be a forum, and a standard, for any purpose you could imagine (and many that you couldn’t).
As always, we hope you enjoy this issue. And if you do enjoy this free issue, don’t forget to Buy Your Books From Biff Whether you’re looking for a technical book actually listed on our site, or simply use the Amazon link that you’ll find at Biff’s to buy anything else that Amazon sells, you’ll be helping support this journal and ConsortiumInfo.org.
||Editor and Publisher
AT THE HEART OF THE MATTER
It’s curious that the aspect of standard setting that gets the least attention is the process of standard setting itself. Much is written in the business and technical press about specific standards, or the pervasive jockeying that surrounds their creation in order to influence outcomes. In academic journals, one can find serious works of scholarship on topics such as the economic impact of standards on society, how the antitrust laws relate to standard setting, and how standards can be used to erect trade barriers.
But what about the nuts and bolts process of actually creating standards? What procedures and practices are most conducive to good results, and how widely are they followed? It’s a fact that that absent an effective process, an effective standard is not likely to emerge.
It is true that there is a body of literature that surrounds this topic, despite the fact that it appeals to a relatively narrow audience. Indeed, there are even passionate debates among those that are most involved in standard setting over what the necessary attributes of a process must be in order to create work product that should be entitled to even be called a “standard”.
Still, this literature is comparatively high level, and focuses on those procedural elements that are deemed to be conducive to values such as due process, consensus and inclusiveness. In this context, the debate focuses more on whether the process is truly open (as in, “capable of producing ‘open standards’”), rather than whether it is likely to produce robust, timely standards that will actually prove to be useful.
Indeed, open process values have an importance that transcends individual standard setting organizations (SSOs). Absent conformance to accepted process standards, the work product of an SSO will not qualify for adoption by global standards bodies, or (at times) inclusion in the purchasing requirements of valuable government procurement contracts.
Important as these well-articulated values are, they are of only limited utility to those who must engage in the quotidian management of a standards process. Where are the manuals for the volunteers that must take time from their principal employment to chair a working group, or to agree upon the process of a new consortium that their employers have tasked them with creating?
It is strange that so vast a network of SSOs has so little literature of this type to rely upon in establishing and managing its efforts. Indeed, standard setting is almost like a medieval guild, within which skills are passed from the old to the young – but without the discipline or rigor that would guarantee that all that are admitted have access to the information and training that should attend the privileges of admission.
In our experience, the background of those actually charged with forming a new SSO is typically limited to involvement in one, or at most a few other SSOs. Often, those saddled with the task have no direct experience at all, and come instead from the marketing or business ranks of the founding companies. Not surprisingly, they are apt to borrow from the practices of one or two other SSOs in their industry, assuming those practices to be normative. The result is the creation of a technical process based upon mimicry rather than a comparison of alternatives, or the consideration of situational differences and accommodation of unique goals.
This hardly need be the case, given the fact there are many well-experienced individuals with valuable knowledge to share. But the point is worth making that standard setting (at least in the United States) remains largely an ad hoc affair, with almost no supporting academic infrastructure and only limited materials upon which to rely.
We believe that there is a real need for greater support of the standard setting process, in order to better train SSO participants, and to ensure that best practices are articulated, documented and disseminated. Such support could include:
- The creation of dedicated courses on standard setting in universities with a commitment to engineering. Such courses would be intended to guarantee that graduates would have an integrated understanding of how these future standard setting participants can play a productive role in the ongoing process of standards creation.
- Grant funding in support of creating a more robust standard setting infrastructure. Such grants might help fund the creation of manuals and training materials, as well as course materials for ongoing professional education, and serious work on the governance and practice of standard setting.
- Creation of a professional association for those involved in standard setting. Such an association could create courses on best practices, and certify those that had demonstrated proficiency and knowledge. Such a certification could become a valuable credential for those that acquire it, as well as a useful differentiator for employers in vetting candidates for standards-related positions.
- Creation of an institute dedicated to the discussion and documenting of best practices. Such an institute could be hosted by an appropriate educational institution (e.g., MIT), SSO (e.g., the W3C) or accrediting body (e.g., ANSI).
All of the above actions taken together would entail only a modest budget in comparison to the vast sums already dedicated by private industry and government to the creation of standards, and a minuscule amount in comparison to the economic importance that standards have to society.
It’s time that someone – perhaps a group of companies with business interests closely dependent upon standards – assumed a leadership position in this area, and took the modest effort needed to create a better educational infrastructure within which the heart of the matter of standard setting could be sustained.
Copyright 2004 Andrew Updegrove
CREATING AN SSO TECHNICAL PROCESS
(A PRACTICAL PRIMER)
Introduction: Behind every standard there is the process that led to its creation. Whether that process was robust or flawed will determine whether the resulting standard is respected or denigrated, neutral or tainted, timely or no longer useful. In short, whether the standard proved to be useful and adopted, or just a waste of time.
Today, there are thousands of standard setting organizations (SSOs), each with its own technical process. While nearly all of these individual processes have much in common, there can also be important differences from one SSO to another. Those variations may have arisen for deliberate and productive reasons, or to serve proprietary purposes, or (in the case of new SSOs in their early years) simply due to inexperience on the part of the founders of the SSO in question.
This article will outline the principal steps in conceiving, structuring, documenting, staffing, and deploying an SSO technical process, from the proposal of a new SSO to the actual launch of its committees and working groups. For a detailed description of how to manage the other aspects of creating an SSO, see the Forming a Consortium section of this site.
I What is it All About?
A technical process must be many things in order to be effective. Principally, it must be:
Technically competent: The process must facilitate the creation of standards that have high technical quality, are easy to implement, and are free of needless compromise material and multiple permitted compliance alternatives. It must also enable effective long-term maintenance of already released standards.
Open: Unless all can participate and have an equal say, and if the process is not managed skillfully, there will be suspicions that the resulting work product will favor some members more than others. Whether such concerns are justified or not, they can still lead to a lack of adoption of the resulting standards. Hence, the process itself must be created with safeguards and transparency, so as to inspire confidence and encourage participation.
Timely: Unless work product is completed in timely fashion, it may no longer be useful upon release.
Qualifying: If formal accreditation, or registration under the National Cooperative Research and Production Act (NCRPA), or eligibility under United States government procurement requirements, is deemed to be desirable, then general and/or specific process steps must be included.
Feasible: Different SSOs have different budgets. The more constrained the budget, the more care must be taken in creating and voluntarily staffing a process that can still be effective.
The planning of a technical process that can meet each of these tests should begin as soon as planning for the creation of the SSO itself commences. Otherwise, there will be a lag between the announcement of the new organization, and the initiation of real technical work. As a result, a process team should be created early on in the formation process, and should work in parallel with the business team that is addressing issues such as governance, membership structure, dues and recruitment.
II Extrinsic Factors
While consortia in general and (to a lesser extent) accredited standards developments organizations (SDOs) enjoy a remarkable freedom of operation, there are a limited number of external laws, regulations and private sector rules that should be taken into account in crafting the technical process.
While each of these topics warrants the type of lengthy and detailed discussion that is beyond the scope of this article, they may be briefly summarized as follows:
Formal Accreditation: The geology of the standard setting landscape has four distinct strata:
- Regulations (enforced by the power of the state).
- De Jure , or formally adopted, standards , that have been approved by accredited standards development bodies.
- Consortium standards , adopted by the many unaccredited standards organizations referred to as consortia, forums and special interest groups (SIGS), that are usually lumped together under the name “consortia”.
- De Facto standards , that are the creation of a single company, or small group of companies, rather than through an open, consensus process. The most commonly cited example of a de facto standard is the Microsoft Windows® operating system, in its various forms. (Some purists use the designation “de facto” for any standard that is not created by an SDO.) Such “standards” are not standards in the classical sense at all, but due to their very wide adoption can still provide many of the utilitarian benefits that true standards are intended to convey
In order to have the status of a de jure standard, a specification must have been created within the organization that is internationally recognized as the official standard setting body of the host country, or by an organization that has been “accredited” by that body or an international accrediting body. In the United States, the organization that is recognized for most purposes in that regard is the American National Standards Institute, or ANSI. Some 200 SSOs, representing virtually all branches of industry, are currently accredited by ANSI.
Accreditation conveys two primary benefits (among others): first, it means that the organization itself meets a set of standards that are deemed to be conducive to values such as openness and due process. Second, it means that the standards that are produced by the accredited organization may be proposed by the national standards body for adoption by the major global standard setting organizations, such as ISO, IEC and the ITU. Adoption at this level can greatly add to the uptake of the standard in question for a variety of practical and international treaty reasons.
Traditionally, most new SSOs in the United States sought ANSI accreditation. However, beginning in the late 1980s, companies in the information technology (IT) industry began to break out of that mold, and began creating SSOs on models that were in some cases very similar, and in others much more proprietary, than those that would qualify for accreditation by ANSI. Over time, this model not only became well established in that space, but also began to spread into other areas of endeavor, such as the communications technology (CT) industry.
Moreover, the standards that these bodies created often became widely implemented on a global basis, notwithstanding the fact that they had not been approved by any national or global accreditation body. In fact, some of these SSOs (such as the W3C) voluntarily follow processes that were as open and stringent (or more so) than would be required in order to be accredited.
As SDOs lost market share to the consortia in the information and communications technology (ICT) areas, the SDOs began to create procedures that could be utilized by consortia to offer their work to national and global SDOs for adoption, albeit under a less prestigious designation. As a result, the advantages of seeking SDO status, at least in some industries, have eroded considerably in the eyes of some observers.
In summary, a crucial decision for those that would form an SSO is whether or not achieving accredited status is important to the achievement of their goals. If so, then the technical process in particular, but also the membership and certain other policies of the new SSO must meet the requirements of the accrediting body of the host country.
Government Procurement: Governments of various countries have standards-related procurement rules. Since governments are often very significant purchasers of goods and services (in the United States the Federal Government is by far the largest purchaser), meeting those requirements can be a significant consideration in creating a new SSO.
Using the United States once more as an example, Congress passed a unique piece of legislation in 1996, titled The Technology Transfer and Advancement Act (NTTAA). Under the NTTAA, all of the federal agencies are encouraged to participate in SSO standard setting activities, and are required whenever possible to buy products that are based on SSO standards, in preference to “government unique” standards.
The primary document that provides guidance on the NTTAA is Office of Management and Budget (OMB) Circular A-119, which was revised by the OMB in 1998 in an effort to facilitate implementation of the NTTAA. Under A-119, a set of high-level process criteria is set out that generally tracks the more detailed requirements that ANSI uses to test the membership rules and technical process of an SSO seeking accreditation. While the federal agencies are not barred from purchasing even de facto standards-based products, alternative wares based upon standards that meet, or approach, the requirements of A-119 may have a competitive advantage in some settings.
Thus, whether or not a new SSO decides that seeking accreditation is advisable, it is still important to assess any procurement rules that may affect the value and the uptake of its standards. Especially in defense and other areas where government purchasing is very significant, companies may be less likely to join an SSO, or implement the standards of an SSO, unless that SSO’s technical process meets the minimum requirements of such rules.
Fortunately (or unfortunately, depending upon your point of view), the process requirements set forth in A-119 are in many respects general rather than specific. This has provided greater flexibility for the Agencies in purchasing products based upon the most technically effective and widely adopted standards, regardless of the finer points of the standards process that have produced those standards.
Treaty Requirements: In some cases, treaties impose national obligations to adopt certain standards. In such a situation (e.g., where food standards are in question), the first question to ask is whether such a treaty exists, and if so, how the requirements of such a treaty can be met.
Antitrust and Other Safe Harbors: In some cases, there may be national legislation that may provide total or partial immunity from the impact of certain laws. For example, in the United States, the NCRPA provides a measure of immunity from sanctions under the antitrust laws. Unfortunately, under legislation passed in 2004, the NCRPA was amended to cover standard setting more specifically (a good thing), but also deny coverage to SSO members. In order to be eligible to make a filing under the NCRPA, the technical process of an SSO must meet the requirements set forth in OMB Circular A-119. Since making a filing under the NCRPA is very easy, it is advisable to do so where the process requirements of A-119 are conducive to achieving the goals of an SSO’s members.
III Intrinsic Factors
Every new SSO should have the equivalent of a business plan, and that business plan must not only clearly articulate the goals of the new organization, but also dispassionately assess its projected resources and the image that it wishes to create in the general business community. In the area of technical process, that means that the plan should address factors such as:
How Broad is the Technical Agenda? If the SSO has a technical agenda limited to a single specification, then a simple technical committee will be all that may be required. Conversely, if the SSO hopes to be the sole standard setting venue for an entire technical area or product space, then a variety of additional concerns will arise, such as the following:
- How many levels of working groups will be needed? In some cases, a single level of working groups operating under the Technical Committee will suffice. In other cases, an intermediate level of interest groups may need to be created to accommodate the domain-specific interests of members in a particular industry niche. Providing for SIGS below the working group level may also make sense, so that smaller numbers of members can (for example) explore possible projects and develop them to a point where a broader range of members can evaluate their potential interest.
- How will the output of multiple working groups be technically reconciled? Where an SSO has a broad technical agenda, it must worry whether its own standards will work well together. In such an organization, an “architectural review board” may be needed in order to identify potential conflicts early, and reconcile them appropriately and efficiently.
How Open Does the Organization Wish to be? Ideally, the answer to this question will be “completely.” However, a given group of founders may not aspire to create open standards, but may instead contemplate an organization that is more akin to a joint venture. In such a situation, a technical process may still be required, but the result will be a cross licensing arrangement that will allow all parties to create products based on those standards, and to sublicense implementation rights as well (the unincorporated “promoter/adopter” model is often used in such a setting). In such a situation, the degree of openness should be clearly articulated from the outset, so that all involved are in agreement on this important point, and because many process decisions will be affected by the answer.
What are the Available Resources? SSOs vary dramatically in the degree of infrastructure that they can afford. At one end of the spectrum, we have worked with limited agenda SSOs with annual budgets of under $50,000 that operate entirely on a virtual, voluntary, contributed resource basis. At the other extreme, we have helped set up organizations with multi-million dollar budgets, large paid staffs, very sophisticated IT platforms, interoperability centers, and busy in-person meeting schedules on multiple continents. What a given SSO can afford to do will be limited by how many members it can recruit, and what value those members attach to the goals of the SSO.
The most significant question under this heading is whether a full time technical director can be hired. In some cases, a member may be willing to contribute such an individual instead, and continue to pay her salary. Of these two approaches, the former is sometimes preferred, in order to neutralize any fears that one member will have disproportionate influence over the technical program. Regardless of the ultimate approach taken, a member employee will usually be needed to serve as technical director on an interim basis during the formation process, pending funding, identification and hiring of a full-time SSO employee.
While a first rate technical director (full, part-time or seconded by a member) is essential, the chairs of each working group are equally important for the work taken on by that committee. Care in the selection of individuals and clear articulation of the time and talent demands that the chair position will require are vital to optimizing the success rate of the technical process.
What is the Proper Balance Between Speed and Process? In some non-ITC sectors, the standard setting process can afford to proceed at a leisurely pace. More typically, the rate at which a given standard advances is a matter of critical importance to those involved. Since consensus processes are by their nature time consuming, a decision must be made regarding how much process can be provided while still ensuring a useful result. Multiple decisions will follow from the decision made on this point, from whether or not all negative comments must be reconciled to how long comment and voting periods will remain open, since each step in the process adds to the total production time.
What Rules Should the IPR Policy Include? In recent years, it has become a given in the ICT sector that most members will not join a new SSO until its intellectual property rights (IPR) policy has been completed. Since a large number of companies will have strong opinions on the topic, it is imperative that the question of whether or not an IPR policy is a gating factor to formation be answered as a first order of business. Even if the answer is “no”, it will typically still be true that little or no technical work will be permitted to commence until that policy has been created and adopted.
As a result, it is important to assign a working group to creating an IPR policy as soon as the founding group of companies has agreed to move forward with the creation of an SSO. The task of creating an IPR Policy is not only vitally important, but also complicated and (often) laborious. For a detailed discussion of this topic, see the Intellectual Property Rights Policies < http://www.consortiuminfo.org/ipr/> section of this site.
IV Mapping out the Process
Once a technical process team has been appointed and the above questions have been answered, the next level of details can be discussed, and team members assigned to work on them. The elements of this next layer include the following:
- IPR Policy: The IPR Policy is typically a high-level rule set that is either a stand-alone document (our preference), or included in the membership agreement or bylaws. Elements of the IPR Policy will tie into the process itself as regards when IPR must be disclosed, when “patent calls” may be made at meetings, and so on.
- Process and Procedures of the Technical Committee (PPTC): This document is the “Bible” of the technical process, and is roughly analogous to the bylaws of a corporation. In the PPTC document, all of the critical details of the process should be spelled out (as described in the Section VI of this article).
- Organizational Structure: The final technical development structure should be diagrammed, showing not only the initial committees, boards and working groups, but also those that are expected to be needed at a later date.
- Approval Structure: The workflow of a standard from proposal to release should also be diagrammed, as the required steps between approval at the working group level and final release of a standard can vary widely from organization to organization. In a single-specification SSO, the adoption vote of the Technical Committee, followed by ratification by the Board of Directors, may be all that is needed. In a very active SSO, however, there may be multiple intermediate steps (backwards as well as forwards) involving voting by subgroups, review by Architecture Boards, and approval by a business or other committee before final ratification by the Board.
- Technical Platform: Today, there are excellent platforms (e.g., those provided by Kavi – see www.kavi.com) that provide great flexibility and effectiveness for managing and documenting the technical process. Arrangements should be made early on to contract for such a platform on a licensed or remotely hosted basis.
- Meeting Schedule: A plan should be developed that spells out whether meetings will be face-to-face, telephonic and/or electronically hosted. Usually, the answer will be “all three”, but the actual schedule and distribution of methods nonetheless needs to be described.
- Roadmap: The technical deliverables necessary to fulfill the initial technical vision of the new SSO need to be prioritized and laid out chronologically, and the resources needed to execute on that plan reasonably determined and provided for.
- Staffing : The mix of volunteer, hired, and/or contracted personnel must to be agreed upon, and recruitment and contracts concluded.
V Implementation Requirements
Depending upon the high level decisions made, the rules of the technical process will need to incorporate the specific requirements of one or more of the following:
Government Procurement: OMB Circular A-119 states in part that:
A voluntary consensus standards body is defined by the following attributes:
(ii) Balance of interest.
(iii) Due process.
(vi) An appeals process.
(v) Consensus, which is defined as general agreement, but not necessarily unanimity, and includes a process for attempting to resolve objections by interested parties, as long as all comments have been fairly considered, each objector is advised of the disposition of his or her objection(s) and the reasons why, and the consensus body members are given an opportunity to change their votes after reviewing the comments.
A-119 does not specify in detail what exactly would be required to meet these tests. However, the drafters of A-119 were certainly aware of the due process requirements of ANSI, and the language quoted above tracks the language of the ANSI rules discussed below. Accordingly, the ANSI process requirements may be regarded as sufficient, even if it cannot as certainly be concluded that meeting all of those requirements is necessary to meet the minimum threshold of A-119.
NCRPA filing: The question of what process requirements would be required to qualify for effective protection under the NCRPA is somewhat complex. On the one hand, meeting those qualifications might preclude any filing by the members of an SSO as a joint venture. On the other hand, if the SSO itself wishes to avail itself of the NCRPA, then A-119 provides the test of eligibility (as well as the ambiguity: how much process (and of what type) does it take to meet the OMB A-119 test?) Unlike government procurement, however, where the federal agencies are not precluded from purchasing products based on standards created under processes that arguably fall short of the A-119 test, an SSO will either be protected or not, depending on whether a court decides that its process has made the grade. (For a more detailed discussion of the application of the NCRPA to SSOs after its recent amendment, see What Does 1086 Mean to Consortia?).
Accreditation: If formal accreditation status is desired, then compliance with the rules of the host country will be required. In the United States, those requirements include not only adherence to the ANSI Patent Policy, but also the ANSI Due Process Requirements for American National Standards. While each of these documents is comprehensive, neither contains specific procedural steps that are mandatory. Accordingly, substantial latitude in process is allowed. Contacting the accreditation body in question at an early date is an obvious and recommended step.
VI Significant Process Decisions
Whether or not a given SSO decides to seek accreditation or otherwise become subject to any formal requirements, there are a number of decisions that are inherent in the technical process that must be made. In chronological order, they are:
Initiation: What should it take to launch a project within the SSO? The answer to this question should take into account allocation of often-scarce resources, relevance to the strategic mission of the SSO, and generality of interest to the membership as a whole. Typical preconditions include minimum numbers of supporting members, and approval by the technical director, vote of the technical committee, and/or approval by the Board.
Member access: Will the work of a working group be open to all members, or only to those involved? The answer to this question will largely relate to the IPR policy provisions adopted, since access to information but absence of disclosure obligations can make it possible for non-participating members to file patents that map the evolving standard.
Public access: The question of whether or not to make the in-process work of a working group publicly available has many facets beyond increasing the potential for IPR gamesmanship. For example, if anyone can track a standard in development, there is less incentive to join (and economically support) the SSO. On the other hand, making a draft standard public at some point during the process can have many advantages (and, in the case of accredited SDOs, is not required). Those advantages include receiving useful technical and other comments, bolstering the reputation for openness of the standards and process of the SSO, and sometimes learning of patent infringement issues in time to design around the problem. Many unaccredited SSOs as well as SDOs therefore adopt this practice.
Reconciliation: SDOs typically require the reconciliation of all negative comments as part of their technical process. Many consortia, on the other hand, tend toward permitting detailed discussion, followed by majority voting (and then moving on), which requires fewer resources and allows for more rapid progress. Whether or not accreditation or the benefits and protections that compliance with A-119 may afford will have an impact on this decision. SDOs typically require the reconciliation of all negative comments as part of their technical process. Many consortia, on the other hand, tend toward permitting detailed discussion, followed by majority voting (and then moving on), which requires fewer resources and allows for more rapid progress. Whether or not accreditation or the benefits and protections that compliance with A-119 may afford are considered to be desirable, will have an impact on which approach a given SSO will decide to take.
Who must disclose IPR: In light of the assertion of a number of “submarine” patents (i.e., patents that have been hidden until a standard has begun to be implemented, and then asserted for profit) in recent years against the implementers of standards, more and more SSOs are requiring that some or all of their members must disclose whether or not they have any IPR that would be infringed by the standard in development, if adopted. In the drafting of the IPR policy, decisions must be made not only regarding who must make such disclosures, but when. These decisions must then be implemented mechanically in the PPTC.
Who must finally approve a standard: Most SSOs reserve the determination of the strategic direction of the SSO to the Board of Directors. As a result, many SSOs also require the Board of Directors to finally approve a draft standard. The scope of such review is typically limited to confirmation that the standard lies within the scope of the SSO. The Board may also serve as the court of final appeal to resolve any protests over violations of process that have not been otherwise reconciled.
VII Other decisions
In addition to the critical decisions described above, a variety of more mundane but still important determinations must also be made to flesh out the technical process. Specific topics include the following:
- Quorum: How many participants, and from what classes of members, must be involved in a meeting to move forward?
- Majorities: How many of those eligible to vote must do so to approve or advance a specification?
- Chairs: How are chairpersons nominated, elected and (when necessary) replaced?
- Timing: How long will working group formation periods last? How long will comment periods last? How many comment periods will there be? How often will there be votes? How long will voting periods remain open?
- Maintenance: How are standards, once adopted, updated and eventually retired? Do the working groups that developed them remain open, or are new groups commissioned for that purpose as and when necessary?
VIII Drafting the PPTC
A number of important rules relating to the technical process will typically be found in the Bylaws of the SSO (our preference), or, less frequently in the membership application or agreement. Those rules include which classes of members are entitled to participate in the technical process, which may vote in that process, and (sometimes) which classes of members can nominate technical committee officers. However, the bulk of the detail regarding technical matters should be found in the IPR Policy and the PPTC.
As a result, the PPTC is a vitally important document, and deserves not only careful planning, but also careful drafting to ensure clarity, comprehensiveness and ease of use. The technical process planning committee should prepare the PPTC as soon as practical. Once completed, the draft should be reviewed by legal counsel and approved by the Board of Directors before it is put into place.
The reasons for such thoroughness are multiple: in the first instance, the process must be mechanically effective. It also must be consistent with the values and goals of the SSO, and not result in legal risks for the members, staff or directors of the SSO. Finally, the process rules should make gamesmanship as difficult to engage in as possible.
For similar reasons, all material revisions to the PPTC should require legal review and Board of Directors approval.
Once the technical process has been fully planned, documented and approved, deployment may follow. The deployment and ongoing maintenance of the technical process requires a few additional steps:
Posting of Standards: Completed standards should be displayed at a public part of the SSO Website for free or fee-based downloading.
Promotion: What if you gave a standard and nobody came? It is a rare SSO that numbers the majority of all potential implementers among its members, and therefore a plan needs to be developed to publicize the fact that a standard has been completed and is available for implementation.
Reselling: SDOs that sell their standards for a profit to help underwrite the costs of their operations typically use resellers, even if they also sell their work directly. As with any other product, there are multiple channels available, and those channels must be identified, and then assessed to determine those that will produce the optimal result. Finally, they must be contacted and contracts agreed upon and signed.
Legal Arrangements: A variety of legal concerns need to be attended to. They include:
- Display of any “friendly” assertions of infringement by members that have been disclosed during or after the adoption process.
- Display of contact data or links to the owners of any such IPR that are willing to provide licenses.
- Notice of any “unfriendly” assertions of IPR that have been brought to the attention of the SSO.
No position is typically taken by the SSO as to the validity or invalidity of any assertions of IPR, whether friendly or otherwise
Technical Arrangements: All of the above features need to be enabled technologically. For SDOs that wish to sell their standards in electronic form, digital watermarking and other technical mechanisms will be particularly important, in order to prevent unauthorized copying and distribution.
International Adoption: Whether or not an SSO is accredited, it may wish to seek adoption of its standards by other national or international, accredited or unaccredited SSOs. In such cases, some level of synchronization of the processes and IPR policies of each organization is required.
Maintenance: Standards must be evaluated on an ongoing basis to fix deficiencies as they are discovered and to determine whether the standard itself needs updating in order to continue to be useful. Process and staffing must be provided to serve this need.
Withdrawal and Archiving: Eventually, a standard will have completed its useful life. When this occurs, the standard should be withdrawn, but should remain publicly accessible for reference and study purposes. Once again, the PPTC should address how, by whom, and when this final step may be taken, and the SSO’s Website should provide access to the retired material.
Summary: If the foregoing overview of the tasks that face would-be founders of an SSO is somewhat daunting, it is hardly surprising. Standard setting is a vital and important part of the modern world, and those that undertake it should not do so lightly. At the same time, no SSO progresses from an idea to a portfolio of adopted standards in a short period of time, and there is therefore ample time to carefully consider the decisions that need to be made, to recruit the talent needed to share the work, and to put in place the infrastructure needed to support the results. Typically, an SSO will take at least six months to complete most (but far from all) of what is described above.
At the end of the day, it should be remembered that the rewards for those that develop standards, and the stakes for those that rely on the products that implement them, are high. But standards, as noted at the beginning of this article, can be no better than the process developed to create them.
Creating such a process is a job that’s worth doing right.
Copyright 2004 Andrew Updegrove
OMB Circular A-119:
Department of Justice guide to the NCRPA:
The ANSI policies and procedures referred to above may be found and downloaded here.
For more on best practices on forming and participating in SSOs, see: The Essential Guide to Standard Setting and Consortia:
MAKING THE TECHNICAL PROCESS WORK
(AN INSIDER’S VIEW)
Introduction: One of the most important, and perhaps least acknowledged, roles in the modern commercial world is Director of Standards of a standard setting organization (SSO). This is particularly true in the information and communications technologies (ICT) industry, since the commercial viability of virtually every ICT product and service is dependent on the effective development and deployment of a variety of standards. Without these standards, most such products and services would simply not be able to operate in today’s networked world.
But standards are not created by focused teams answerable to a single employer. Rather, they are produced by employees of competitors who often have divergent agendas (both public and private). And those employees are engineers with their own firmly held technical views, and varying degrees of experience in standard setting. Finally, the standards produced must work, rather than conflict, with other standards, developed not only by the host SSO, but also by other SSOs that may be active in the same or adjoining technical areas.
Hence, whether or not a useful standard is ultimately produced depends in large part on how well this quintessential aggregation of cats is herded. The individual who bears that burden first and foremost is the salaried or volunteer Director of Standards (DOS) of the SSO.
Whether carrying the title of Chief Technology Officer, Vice President-Standards, or some other title, the DOS is ultimately responsible for how well the entire system operates. Depending on the staffing and organization of a given SSO, the duties of a DOS may range from helping to define proposals at the front end of the process, to recruiting effective working group chairs, to rationalizing technical conflicts and resolving disputes, to explaining resulting standards to the world.
Given this role, DOSs are uniquely able to assess what works, as well as what does not work, in the standard setting process. Over time, they are also well positioned to spot trends in the standards community, and to evaluate the impact of those trends on the standard setting process and the quality of its output.
As a result, the Directors of Standards for SSOs are a perfect source of information on the current health of the SSO technical process. In this article, we present the results of an interview we conducted in the first week of November with the DOSs of three prominent and successful SSOs. The result is a first-hand report on what it takes to make the standard setting process work, and what is affecting that process today.
The Experts: We were fortunate to have the cooperation of three very experienced experts from a variety of ICT backgrounds: two from consortia and one from an accredited standards development organization (SDO). (Each of these individuals is expressing his personal views, and is not speaking for any organization that he is now or has in the past served.) Together, they have 25 years of corporate and/or SSO standards director level experience, and the SSOs that they have served have a combined membership of thousands of corporations, universities and government agencies. They are:
Karl Best: Until a few weeks ago, Karl was the Vice President of OASIS – the Organization for the Advancement of Structured Information Systems (he is now the Director of Standards of another SSO). Karl’s background in standard setting goes back ten years, and includes responsibility for the operation of OASIS technical activities for the past four and a half years.
Steve Oksala: Since 2000, Steve has been the Vice President, Standards of SCTE – the Society of Cable Telecommunications Engineers. He has been directly involved in standard setting since 1987, when he became Director of Standards Management for Unisys Corporation. He has also served on the Board of Directors of the American National Standards Institute (ANSI) since 1990, and is currently the Vice Chairman of that Board. At SCTE, he manages an ANSI-accredited standards process.
Carl Reed: Carl is the Chief Technology Officer and Executive Director, Specification Program, of OGC – the Open Geospatial Consortium (previously the Open GIS Consortium). Carl initially became involved in the OGC standards process in 1994 as a member representative. In 2000, he began consulting with OGC as an architect, and in 2001 formally joined the OGC staff.
The Organizations: The SSOs that our experts serve are diverse. Their missions are as follows:
OASIS: Founded in 1993 as SGML Open, OASIS currently has 80 approved Committee Drafts (i.e., specifications that have been adopted by the Technical Committee and released for implementation). 18 of these specifications have been approved by the entire OASIS membership, and issued as OASIS Standards. The mission statement of OASIS focuses on the development and adoption of e-business specifications, but the definition of “e-business” is extremely broad (Karl Best: “i.e. anything that a business can do electronically”). In addition to standards, the work product of OASIS Technical Committees can include white papers, guidelines, test suites, and other useful material. OASIS has a very “big tent” approach, and at any point in time typically has more than 65 Technical Committees in operation.
SCTE: The Society of Cable Telecommunications Engineers was formed in 1969, and currently maintains 140 approved standards. It is both a professional society with individual membership, as well the host of a standards program that operates with the participation and support of corporate members. Since SCTE supports the cable telecommunications industry broadly, its standards development program is extensive, addressing: data and telephony over cable; application platform development; digital video; emergency alert systems; network monitoring systems; cables, connectors and amplifiers; and construction and maintenance practices. Its output includes standards, specifications, and technical reports, and its work takes place within six main technical subcommittees.
OGC: The Open Geospatial Consortium is ten years old, and has adopted 13 standards to date. Two of these specifications have also been adopted as ISO standards, with a third expected to attain that status in 2005. Its domain is standards for geospatial and location based services, and its mission is to create open and extensible software application programming interfaces for geographic information systems (GIS) and other mainstream technologies. Current work involves areas as diverse as digital rights management and sensor webs. The number of Working Groups active at any one time varies, but is generally about 12, including those engaged in revision of already adopted standards.
What we Learned: There was agreement on many issues and trends, but interesting differences of opinions on others. Here are some of the dynamics and trends (both positive and negative) that came through most clearly:
- Maintaining liaison relationships with multiple SSOs is necessary, and while the efficiency of this one-on-one method of interaction could be greater, the system works about as well as could be expected given its ad hoc, distributed character.
- New technical developments (e.g., the Internet and Web) and business trends (e.g., ICT convergence) are making liaison relationships more numerous and important than ever, and also increasing competition among SSOs.
- This competition among SSOs hinders, rather than helps, the overall standards environment. The proliferation of consortia in some sectors has aggravated this condition.
- Most SSO members generally accept the time span that a strong consensus technical process requires, but new intellectual property rights (IPR) policies are placing strains on their patience. In some cases, market timing concerns are leading SSOs to accept shortcuts that may have negative process impacts.
- What members put into an SSO will have a big impact on what they get out of that organization; simply sending employees to meetings is not enough to permit realization of maximum value.
- Similarly, members that only send engineers to an SSO, but do not promote the standards of that SSO, or share their strategic plans and standards needs with an SSO, do not help SSOs or their own standards-based products succeed as much as possible.
- The member activities that hurt the standards process most (and most often) are over-loading or replacing of representatives (leading to missed deadlines and delays), and deliberate game playing.
- Though not a problem in all three SSOs, the behaviors of member representatives that most hurt the process include gratuitous debating, lack of attention, and rule nit-picking.
- In general, SSO participants are more aggressively pursuing their corporate self interest than in the past, rather than placing the highest priority on creating the best standards.
- Playing a proprietary hand leads to getting less, and not more, out of the standards process – even for those that may be looking out for their self interest most overtly.
- Accredited SDOs and consortia are working more closely together, and each kind of SSO has learned some valuable lessons from the other.
- The increasing focus on IPR rules and process is making the lives of some DOSs more difficult.
- The development of sophisticated technology platforms is having a dramatic and positive impact on standard setting.
In addition, our three DOSs had a wealth of individual observations based upon the unique missions of their respective organizations, as well as some interesting suggestions (and the occasional rant). The full text of the interview follows.
A. Looking Inward
CSB: What's different about your organization in comparison to other SSOs (i.e., what do – or don't you do)?
KB: OASIS is designed to be very open in allowing all interested parties to either participate or observe, and is entirely member-driven in its technical agenda and approval process; OASIS management makes no decisions in regards to the creation or advancement of technical work.
SO: Unlike virtually all accredited standards development organizations (SDOs), we do not sell our standards. This is because we are organizationally based rather than individually, and because our organizational members are willing to provide dues support.
CR: We have interoperability initiatives that are fast tracked engineering collaborations that are structured to sequentially: capture requirements; develop a new interface specification (or profile an existing one); allow implementation by members; and then be finally written up. This has allowed us to define and document new specifications very quickly while at the same time having them implemented and tested. We have a number of standard setting processes and procedures that other SSOs might find of interest. Our Interoperability Program (test beds, pilots), Interoperability Experiments, and compliance testing framework are also not typically found in other SSOs.
CSB: How is the technical process staffed at your organization?
KB: Besides its other staff, OASIS has a three-person paid staff providing guidance and oversight to the operations of the TCs, but these people have other responsibilities as well. Each TC will have one chair or two co-chairs, generally a secretary, and generally an editor. In some smaller TCs all of these roles are handled by a single person. All of these roles are filled by non-staff volunteers. Note that unlike other organizations, OASIS does not provide technical input/participation from staff into the development of the TCs’ work; staff participation is only oversight.
SO: The SCTE standards staff consists of three people. Member representatives act as chairs of our subcommittees (and vice chairs and secretaries where the subcommittee wants those offices) and they participate in the technical work. The members of our Engineering Committee supervise the operation of the standards.
CR: The OGC has 12 full time employees, four of which are dedicated to the standard setting process. Four other full time employees perform tasks that support the technical process in other ways (e.g., portal and website maintenance, outreach, and education). Finally, we have three member-dedicated employees that help with the technical process and the interoperability initiatives. All OGC Working Groups are chaired by representatives from member organizations. The OGC specifications themselves are written and edited by our members.
B. Looking Outward
CSB: With what other organizations does your organization maintain liaison relationships?
KB: Many, both formally and informally. In regards to the de jure international standards organizations, OASIS has Class A Liaison status with multiple ISO TCs, is a PAS submitter to ISO/IEC JTC1, is an A.4 and A.5 submitter to ITU-T, and a member of the ISO/IEC/ITU/ECE Memorandum of Understanding on e-Business. OASIS also has either formal MoU agreements or informal working relations with a wide range of industry consortia and standards organizations.
SO: CableLabs, NCTA, CEA, ATSC, IEEE, ETSI.
CR: ISO TC 211 (Class A and a Joint Advisory Group), OASIS Membership, volunteerism by OGC staff in the work of the IETF GeoPRIV Working Group, and collaboration with W3C, OMG and SISO.
CSB: Do you think that the current informal liaison system works well?
KB: As well as could be expected. Certainly things are not perfect, and it is not efficient to have to negotiate a new relationship between each possible pair of organizations. But given that each organization is independent and has its own process this is probably the best that could be done -- short of each organization giving up its sovereignty to a parent organization that would tell them how to operate. And this is obviously not going to happen.
SO: It works as well as can be expected among competing organizations. The staff of SSOs frequently think of themselves as operating businesses; this is fine until they begin to make decisions based on the best interest of the organization as opposed to the best interest of the members. Competitive behavior is one aspect of this. The problem is exacerbated by the fact that the participants at any given SSO develop ties to it, and are therefore biased toward it in any discussions.
CR: For us, it is working well for the ones we interact with on a regular basis. But we are also always seeking ways to improve communication and collaboration with the other SSOs we work with.
CSB: What do you think would enable better coordination among standard setting organizations?
KB: For the past few years I’ve been working on and promoting the idea of each organization publishing the status of its work in a registry. If all organizations published their information in a standard manner we could reduce the amount of duplicative work and increase adoption of completed work. A number of standards organizations including OASIS are hosting registries, but these registries are not constructed in a similar manner nor do they use consistent metadata.
SO: Stronger management by the members, particularly more senior management in companies.
CR: I t would be nice to have annual face to face meetings in which all the SSOs send representatives to 1.) talk about what they are working on 2.) look for additional opportunities for collaboration 3.) look for ways to avoid duplication of work that leads to multiple standards designed to solve the same problem, and 4.) consider issues (such as IPR) that are cross-cutting issues and affect the work and potential success of any given SSO.
C. How Members Choose SSOs
CSB: Is the quality of the technical process a big factor when participants choose one SSO over another as a place to launch a given initiative?
KB: I think that it is. Obviously a person (or company) doesn’t want to participate in a process that doesn’t give them a say in how the work turns out. And as all participants have an interest in seeing the resultant work adopted, they should be listening to the concerns of the potential adopters; potential adopters will be (or at least should be!) concerned about the openness of the process. Participants should also want to know before joining whether the process has safeguards against hijacking or gaming by any small number of powerful participants. And finally, they should know whether an organization’s standards will be eligible to be adopted by de jure international standards organizations, and whether the process will stand up to scrutiny by regulatory agencies (in the event of a lawsuit).
SO: I think it is a factor, but not a major one – the primary concern is that it is open and, for some of our work, the ANSI accreditation is important. The nature of the work is the most important factor.
CR: In the geospatial domain, n o. As the OGC and ISO TC 211 are the only two standards organizations focused on the geospatial domain, this has not been a factor. Further, the OGC and ISO work closely together and collaborate on a regular basis to insure that the work of the two organizations is harmonized as best we can.
CSB: How often do you think differences in process methodology (e.g., following ANSI methodology, or providing test beds or test suites, etc.), as compared to difference in quality, make a difference in where participants choose to propose an initiative?
KB: Potential participants may indeed choose one organization over another based on the activities that the organization offers. They may be interested in pursuing a broader range of activities, i.e. creating test suites in addition to just developing the specification. There’s a “complete picture” of activities related to the lifecycle of a specification, both before and after the specification itself is approved: gathering of requirements and use cases, development of certification requirements and test suites, development of reference implementations and adoption guidelines, long-term maintenance, etc.
SO: It makes a difference if the participants can exclude others, which they sometimes wish to do.
D. How Members Use SSOs
CSB: In your organization, do you find that participation is driven mostly by the employee/participant, or by the employer/company?
KB: Probably a bit of both. In some cases an employee will discover an effort that he is interested in, either personally or because it might be of some value to his employer, and request permission from his management to devote time on the effort. (In some cases he may even be interested enough to participate on his own time.) In other cases it might be the employer who becomes aware of the effort and assigns the employee to participate as part of his work assignment.
SO: By the company.
CSB: Do you think that participants generally find the requirements of a consensus-based technical process to be reasonable, or do they sometimes get impatient with the process?
KB: I think that most participants do indeed find them reasonable; they see benefits from allowing all interested parties to participate in an open, democratic process. But lately I have seen requests by certain large companies that standards organizations provide “fast track” approvals of already completed work that they submit. I see this as a disturbing trend: the practice of a single company or small number of partners developing work in a closed, private environment then submitting this work to a standards organization for quick approval or “rubber stamping”. While I can certainly understand a company’s desire to “get it right” and to “move quickly”, they are getting it right only for themselves and are ignoring the needs of a broader audience who should have been invited to participate.
SO: If the participants are interested in an open process, they do not find the consensus-based procedures burdensome. These days it does not take all that long.
CR: The OGC Policies and Procedures are constantly reviewed and modified as required by the members to insure that our specifications move as quickly as possible to adoption. For the most part, OGC members are satisfied with the process and find the requirements reasonable. If not, they say so and if the membership agrees, we change the process. However, the new Intellectual Property Rights (IPR) policy that we had to recently put in place adds months to the adoption process. This is an unfortunate byproduct of all the IPR and patent issues surrounding IT these days.
CSB: How can companies best support SSOs, over and above sending people to participate in committees?
KB: The work done in technical committees or working groups isn’t the only aspect of the standards organization’s work, nor of the life cycle of a specification. Companies can support the standards organization itself through contribution of qualified people to work on advisory or governing boards, and by providing monetary and in-kind resources for events and activities promoting the adoption of the organization’s work. Sponsorship is also needed for such activities as industry-wide registries.
SO: Financial support to the organization, obviously. (And in a way that allows the organization to give our approved standards away in electronic form, as we do.) Beyond that, companies can think ahead about things that are going to need standardization in the future; this allows the SSO staff to be proactive.
CR: Bring product and applications to market that implement standards and state so in their PR. Also, work with SSO staff to refine market messages and provide support of outreach and education activities. Finally provide continuing in-kind services and financial support.
CSB: What do members do (and/or their representatives) that helps the process most?
KB: Take their company hats off when entering the room to work on specification development or governance of the standards organization.
SO: Work with their competitors to get the best possible compromises that still produce a useful standard.
CR: In the OGC, the consensus collaboration, technical input, and volunteerism are incredibly strong forces that are consistently driving our standards process. I believe that these are some of the main reasons for the success of the OGC.
CSB: What do those that get the most out of the process for their employers do that's most effective in achieving that result?
KB: See my prior response; work for the standard, and not play games.
SO: Be very straight forward about what their organization wants in or out of a particular standard and why.
CR: Participate on a regular basis, provide input into the process, network with other member representatives, educate other employees and managers in their organizations, and not just talk the talk but also walk the walk.
CSB: What do member representatives sometimes do that causes their employers to get the least out of their membership?
KB: I really think it’s still that hat thing again – leave it at the door.
SO: Amusing themselves through debate, even though the issue is not germane to the technical outcome.
CR: Not participate, don’t learn, and don’t interact with the other members.
E. How Members Abuse SSOs
CSB: Alright, now what do members (and/or their representatives) do that causes the most problems?
KB: The reverse of my last answer. Looking after only their company’s best interests when participating in the standards organization. Certainly a company needs to know that it will see benefit from the resources it devotes to the work of the standards organization. But the world seems to have moved away from the “bigger pie” approach to the benefits from standards work in favor of the “bigger piece for me and my friends”.
SO: Members frequently change workload for their representatives, so they can’t complete things they had promised to do. There are also (thankfully only a few) representatives who try and play the procedures game, to slow things down by nit-picking the rules.
CR: We really have not had major member/representative issues that cause problems in the 10 years I have been involved with the OGC. Perhaps the primary issues are that at times there is a lack of consistency of representation from some member organizations and that schedules slip as key volunteers have commitments to their organizations that take higher priority. But this is a fact of life in a voluntary consensus standards organization.
CSB: What is it that representatives "get" the least about what you do as the director of the technical process?
KB: I think that generally the participants in my Technical Committees (TCs) understand what I do. They occasionally have trouble seeing the necessity of the various TCs working in a consistent manner and would prefer to “do their own thing” and go off in different directions. Our process allows this to a great extent; the TCs have a great deal of flexibility in how they conduct their day-to-day work. But part of my job is to make sure that this doesn’t go too far. I have to use my judgment in regards to deciding when something is “too far” from the norm and the rules.
SO: The need to keep documentation about everything that happened to ensure that we can demonstrate that due process was followed.
CR: Not sure. No one has ever said that they do not know what I do. Perhaps this is because I send an introduction letter describing my role in the OGC to every new member. Also, we have regular face-to-face meetings so that I get to know and speak to every attending member either one on one or in small working groups.
CSB: What is it that members "get" the least about what standard setting organizations do?
KB: I think that in general members understand the purpose of the standards organization pretty well. There’s been an occasion or two when a member has thought that our job is to resolve market disputes or to call another member on supposedly false marketing claims; we don’t do that.
SO: Trying to make sure that all points of view get considered.
F. Evolution (and Sometimes Progress)
CSB: What are the most significant changes that you've seen since you first became involved in standard setting?
KB: The old rule of “cooperate on the standards and compete on the implementation” has changed – companies are now bringing competition into the standards arena. Alliances, political and technical agendas, etc. have all made the creation of technical standards much more difficult. I’ve been saying for quite a while now that there are no technical problems, there are only political problems.
SO: Here are a few:
- The change in companies from the view that standards is part of their corporate responsibility to society, to the view that they should only care about matters that are in their own interest.
- The use of IT tools, which has changed the process from a discontinuous process of physical meetings, to one where the process never really stops. This has made short cycle standardization possible.
- The willingness (after passage of the original NCRPA) of companies to send people to alternative forums that are not “conventional” standards organizations. Companies are now much more sensitive to what they are getting out of standardization.
CR: There are several significant changes that have occurred during the ten years the OGC has been developing standards for the geospatial industry.
- The World Wide Web has changed much of the focus of the work of the OGC, such as the transition from work on standards for tightly coupled applications to loosely coupled distributed architectures.
- Web Services has accelerated and intensified the focus of our work.
- The increased acceptance and implementation of standards in the geospatial marketplace.
- Increased coordination and collaboration with other SSO’s, such as ISO, OASIS, the IETF, and the W3C. This is for two reasons. First, because much of our current standards work relies on other horizontal enabling standards, such as XML, SOAP, and BPEL. Second, because these other organizations also have requirements to incorporate geospatial content or payloads within their standards.
- OGC’s development and successful use of interoperability testbeds.
CSB: What outside forces are acting on your organization today that are affecting the technical process?
KB: The increasing interest in doing open source work and the controversies of intellectual property rights are both topics demanding a great deal of attention within standards organizations generally, and OASIS has been no exception. Balancing the needs and desires of a broad range of members on these topics is extremely difficult.
SO: The standards process is reflective of the interactions between the industries that populate it. We have cable operators; vendors of equipment for cable operators; vendors of consumer electronic equipment; and broadcasters. There are issues on which these industries have differing positions, and this is reflected in the standards process. This is overlaid by actual or potential regulation based on the content of standards. There is competition from other standards developers (CEA, SMPTE) but this is not a serious concern. We have a close working relationship with the primary consortium in our industry, CableLabs, and work to process their standards through ANSI and ITU.
CR: There are several market forces that are shaping the work of the OGC. These include aligning the work of the OGC with mainstream web services and related standards, considering factors related to integrating geospatial content and services into enterprise workflows and/or architectures, and an increasing requirement for education and outreach as a service to help organizations that are implementing our standards. OGC members are the ones who voice these market forces and as a consensus organization our ongoing standards development work reflects these member voiced requirements.
CSB: Do you think that there is more or less game playing today than when you first became involved in standard setting?
KB: Yes, absolutely. See my rant above about members wanting to fast-track already completed work.
SO: With the caveat that I switched industries, I think there is less game playing. There are still the fights between parties who want different outcomes, but there is far less of the internal fighting in the standards process. I think this is primarily because there are few organizations any more that have a “standards department” – nobody has the time for those fights.
CR: About the same. We have been fortunate that there is not too much game playing within the OGC process.
CSB: What differences has the advancement in technology platforms made for standard setting?
KB: It has greatly speeded the development of specifications (but it’s hard for the standards organization to keep up with the ever-increasing desires and demands of their members in providing these new tools). This also plays into process: Where in the past someone could be physically standing at the door of the physical room to allow admittance only to the people with credentials to participate, with modern collaborative tools such as wikis the entire world can be invited to participate in real time. While this allows all interested parties to participate (a good thing), it raises serious concerns as to the ownership of the work from both a process as well as IPR perspective. And of course advances in computer science theory and techniques must be given credit as well for the development of increasing sophisticated and powerful specifications.
SO: Huge. (I will note in passing that the ability to generate standards really quickly is not an unmixed blessing.)
CR: There is the influence of enabling technologies and standards from outside our domain that now allow us to create new profiles of existing standards that better serve the community. Examples of this are SOAP, WSDL, UDDI, BPEL, ISO Metadata, and of course XML.
CSB: How have relations between consortia and accredited SDOs evolved as consortia have gotten more respect?
KB: I see this as a positive thing. The international de jure standards organizations recognize, I think, the value of the work coming out of the consortia, both because of the levels of participation as well as the flexibility and speed of the consortias’ processes. The international organizations, in order to stay relevant, are seeing the need to work with the consortia, and in many cases are nurturing relationships and proactively working to advance consortia work through their own approval processes.
SO: I think the question here may be missing the mark. There has always been (at least in the high tech area) competition between standards developers. The introduction of consortia aggravates that, so the frustration level at any given SSO can rise because limited corporate resources (at least perceived to be so) get spread over more organizations, and perhaps away from your own. Beyond that, the distinctions between “SDOs” and consortia are all over the map – there are no comparisons that can be usefully drawn across the whole spectrum. I think SDOs (ANSI-accredited SDOs in the US, national standards bodies in other countries), and the big Is – ISO, ITU, and IEC – have some frustration that the things that used to be important (due process, openness, etc) do not seem to have the value they used to. On the other hand, I think that consortia have caused the SDOs to upgrade their own processes, thus raising the general level of quality.
CR: In our case, they have gotten stronger, especially with ISO.
CSB: What impact has the heightened focus on IPR issues had on the technical process at your SSO?
KB: This creates a lot more work for all parties involved. We can no longer merely all work towards the creation of a specification for everyone’s benefit; we have to be concerned with who owns what parts of the work, and whether the various owners will give permissions (licenses) to potential implementers. Unfortunately a lot of this responsibility lies on the shoulders of the TC participants themselves.
SO: Not much. We do have patents, but there have been no contentious ones or any of the fights that resulted in the Dell or Rambus legal disputes.
CR: It has lengthened the time it takes to adopt a new specification and the time it takes to adopt a revision to an existing adopted specification. This is because we had to institute a mandatory 60 day review period as part of the adoption voting process. It is also more onerous for the members as some may decide that they need to do a formal internal IPR review.
CSB: Has the focus on IPR rights made your job more difficult?
KB: Yes, significantly, and this will only increase over time.
SO: No, other than the problem of trying to get the participants to tell us about patents. (By and large they are just not willing to spend a lot of their personal time on this sort of thing.)
G. What is to be Done
CSB: If there are things that you think don't work well about the standard setting process, what are they?
KB: I think that the standards-setting process itself is still good, but the increased tendency for “gaming”, and the change in attitude towards competition in the standards environment, is troubling.
SO: The standards process is not good at distinguishing general relevance of standards except to the extent that the participants are willing to spend money to be there (and who may be either pushing their own products or acting in a purely defensive way.) This is made worse by a system that assumes that having a standard is always better than not having one; voting, for example, usually will allow a simple YES but requires reasons for a NO. The result is standards of questionable utility.
CR: In the OGC, perhaps the most difficult aspect of our work is keeping our standards harmonized (or consistent) with each other as well as working to stay harmonized or in sync with the standards work being done in ISO TC 211, OASIS and other SSOs.
CSB: If something could be done to fix those things, what would that be?
SO: New projects should have to pass an “I care” ballot – say at least 25% of the members think that a standard would be a good idea. That way they would at least think about it. In IEC TC 100, which does multimedia standards, a new project can be approved even if only two countries say they plan on working on it. Not the best situation.
CR: Resources and time – more of both!
Copyright 2004 Andrew Updegrove
FROM THE STANDARDS BLOG:
#22 This One’s for You, Albert Regular readers of this Blog will be aware that I am prone to developing a number of recurring themes, among them:
The concept of standards (e.g., things we agree on because we’re all better off when we do) manifests itself in ways both broad and rich,
As supposedly observed by Albert Einstein, “The universe is not only a queerer place than you imagine; the universe is a queerer place than you are capable of imagining”
In pursuit of news on the first theme, I often conclude that the great Einstein need not have looked beyond his morning paper to find weirdness beyond mortal comprehension. With 8 billion Web pages now indexed by Google and who knows how many million more being added every day, I am struck with this realization with increasing frequency.
How does such material come my way? Because this site publishes not only the Consortium Standards Bulletin, but also maintains a news portal (with RSS feed) on standards news that is updated on a daily basis, I use a variety of methods to gather news for filtering and presentation. And that brings me in intimate contact with all those billions of Web pages.
One of those news aggregation methods involves taking advantage of the automated search function that the good folks at Google provide free of charge to anyone that cares to use it. Try it yourself: Interested in punk rock toy poodles? Just set up an appropriate search request, and news of their antics may arrive in your in-box with alarming (at least to me) regularity.
Despite the fact that my own news gathering employs much less exotic search terms (e.g., consortium OR forum +”new standard”), I still receive notice of an amazing array of organizations that are, in their own way, quite exotic, and would doubtless suffice to set our friend Albert to head scratching.
As you may have expected, it’s now time for me to share. Herewith, some of my favorite recent examples of what the search engine dragged in, like a cat presenting a dead mouse to its bemused master. I dedicate them to the memory and wisdom of that master of the universe, Albert Einstein:
Isle of Man Hospitality Forum: When actor Stephen Fry commented publicly that this island in the Irish Sea had “the most appalling hotels”, as well as terrible food (except for the Tanroagan restaurant, which offers fresh seafood he found had “not been mucked about with”), the local hospitality industry sprang into action. And just in time, as Treasury Minister Allan Bell noted that business visitors often complain to him that the ancient Isle offers “very poor quality hotels, worse quality restaurants and very inconsistent levels of service.” What to do? Band together, of course, to set new standards for service. And just to show how determined they are to improve the image of the island, all of the negative quotes in the article in question at the Isle of Man website were removed two days later.
Isle of Man On-Line also holds other delights. With cow tipping the source of much levity in the U.S. these days, my favorite Isle of Man On-Line headline can only be this: “Fly Tippers Will be Prosecuted.” From the story itself, I quote Environment Minister, John Rimington, MHK: "My Department is determined to work with other agencies on the Island in order to identify fly-tippers and ensure they are prosecuted for their irresponsible behaviour….I hope that the recent case will cause those who might be tempted to fly-tip to think twice before doing so!" No nonsense allowed on the Isle of Man, where fly-tipping can bring a fine of up to 2,000 quid. (The link is below, for those that would know more.)
Manure Management Consortium: Some states have a lot of hogs. Logically, they soon find that they also have a lot of hog manure, which poses certain issues which cry out for, well, management. So it was that the State Universities of Oklahoma, Michigan, Iowa, North Carolina and Missouri banded together (how to say this delicately) to take the matter in hand. From a press release from the MMC, we learn that Iowa is the nation's leading hog producer, while Michigan lags behind in hogs (and presumably in their byproducts) at number 12. On the occasion of Michigan's admission to this worthy collaboration, Vern Bernuth (who heads the formidably named “MSU Animal Manure Management Task Force”), observed: "Finding improved methods for managing livestock wastes as an economic asset will remove many barriers to what is the forefront of a potentially large expansion in the animal industry in Michigan." Even in 12th place Michigan, more than 24 million tons of livestock wastes are generated each year. It makes you stop and think, doesn't it?
European Football Finance Forum: It goes without saying that soccer is big business, at least outside the U.S. That’s why we were surprised to learn from a recent press release that the 3 rd Annual Meeting of the European Football Finance Forum will be confronting the fact that the football industry is apparently wallowing in “a period of sobering stagnation.” No assemblage of athletes or hooligans, this, but rather representatives from global accounting firm Deloitte, leading investment bank Credit Suisse First Boston, and a host of other media, bank, and supporting industries, as well as owners of football clubs. Topics addressed at the Forum’s two day meeting in London included:
- The role of trade finance in negotiating player transfers
- The financial impact of youth development, player loans and tie-up deals
- How to profit from the relationship between the fans
- A quantified approach to sponsorship and alternative revenue streams
With topics like these, no one could argue with the Forum’s assertion that “If maintaining future stability and growth in football finance affects your business, this event is not to be missed.” One can only assume that those who did not attend will be burdened with expensively developed youth, and will fail to make a single Euro as a result of their fans enjoying their relationships.
Still and all, each of these strange examples of collaboration once again go to show that every type of standard matters (at least to someone), whether it applies to maintaining sufficient civility in Isle of Man taxi drivers, or optimal exploitation of the relationships of sports spectators.
As Albert Einstein could hardly fail to agree, when you live in a universe that is queerer than you are capable of imagining, standards are all that lie between us and chaos.
Or at least a hell of a lot of unmanaged manure.
Copyright 2004 Andrew Updegrove
Postings are made to the Standards Blog on a regular basis. Bookmark:
THE REST OF THE NEWS
Who’s Doing What to Whom
Whither goest thou, UWB? The entire concept of standards is based upon agreeing on one way of doing things. For every rival way of accomplishing exactly the same task, the value of having a standard at all decreases dramatically. Thus an important goal of any standards development activity is keeping everyone working within the same virtual room. When that goal is thwarted, everyone tends to lose, at least until such time (if ever) as one rival group succeeds in convincing the marketplace that its solution should win (with market forces, rather than quality, often deciding the winner). The prospect for such a result has just arisen in the Ultrawideband (UWB) space. Time will tell whether the competing efforts of the two rival groups described below will be reconciled in the near term, or whether a protracted struggle, with attendant unfortunate market results for vendors and customers alike will ensue.
UWB standard split as product roll-out takes priority
By: Denes Bolza
Ferret.com.au, November 12, 2004 -- Pressured by business and consumer imperatives, an Ultrawideband (UWB) vendor group has bypassed a standards-setting quagmire and struck out in its own, confirming what has been lately increasingly evident: that there will now not be a universal UWB standard. Consumers will thus be faced with having to choose between two competing common air interfaces. Last month, the Multi-Band OFDM Alliance (MBOA) announced that it had finalised its physical layer (PHY) 1.0 specification for UWB, the leading contender for the technology behind the emerging IEEE 802.15.3a standard for high-speed, short-range wireless networks. The MBOA, which is strongly aligned to Intel and Texas Instruments, hopes to complete its specification by the end of the year. The rival vendor group - the UWB Forum - has yet to respond to MBOA’s challenge. Driven to a large part by Motorola and XtremeSpectrum, the UWB Forum is developing a Direct Sequence version of UWB (as opposed to the MBOA’s “frequency hopping” solution)….Full Story
Standards and the Home
Good News/Bad News/Good News: A mixed bag on the (literal) home front this month. On the plus side, the first and last stories below report progress on two different consumer product interface fronts, offering hope that use-specific remote controls won’t proliferate in scale to the explosion of wireless light, heat, entertainment and other computer controlled devices and systems that will be propagating like guinea pigs in our homes over the decade to come. Absent such progress, you’ll need to reprogram your Roomba to follow you around the house with a basket of remotes balanced on its back. The middle story is less happy, reporting on a “standards conundrum” impeding the advent of High Definition video in the home.
Converged home entertainment standard mooted
By: Robert Jaques
VNUNet.com, November 1, 2004 -- A group of consumer electronics and semiconductor companies, including Samsung and Philips, have thrown their weight behind a scheme to develop standard hardware-independent application programming interfaces (APIs) for next-generation home entertainment devices. Launched today, the Universal Home Application Programmer Interface (UHAPI) Forum aims to standardise APIs for analog and digital televisions , set-top boxes, DVD players and recorders, personal video recorders, home servers and other consumer audio/video devices. ...Full Story
By: Maury Wright
EDN.com, November 1, 2004 -- HD (high-definition) video is stalled again. That refrain is familiar to those of us who have waited the better part of a decade to get our HDTV . But this time, high-definition is DVD stuck in the standards conundrum. The situation perfectly illustrates the complexities involved in setting standards for state-of-the-art products-with a global plot twist thrown in for good measure. The DVD industry's track record when it comes to standards is far from perfect. Remember when Sony, Philips, and others went against the DVD Forum to establish theDVD+RW format after the Forum shunned the +RW technology in favor of DVD-RAM and DVD-RW? That fight delayed the widespread adoption of DVD recorders for three years. ...Full Story
UPnP Forum and UPnP Implementers Corporation Launch Standard for Remote User Interfaces
BusinessWire.com, San Ramon, CA, October 26, 2004 -- The UPnP Implementers Corporation announced today that its device certification program now includes support for new functionality for UPnP enabled products. The Remote User Interface (UI) standard will allow users to control a variety of products via wireless or wired networks . "The Remote UI (RUI) standard delivers a key piece of UPnP technology functionality that allows a server to deliver a user interface application to a remote client for display and user interaction," said Toby Nixon, chair of the UPnP Forum Steering Committee. "For example, using the RUI standard, the user interface for a home security, lighting or climate control system running on a PC or a dedicated box could be discovered, connected to and utilized on a Remote UI client connected to (or imbedded in) a television set. ...Full Story
Standards and Society
Remember natural disasters? With all of the attention focused on first responder communications and other terrorist-related standards since 9/11, its easy to forget that the standard setting infrastructure, both private and regulatory, has worked for decades to better protect us when natural disasters strike – as they do somewhere every week. The following article highlights the type of quiet and pervasive work that continues on a steady basis in a multitude of standards venues to make not only the world around us, but the homes we live in as well, a safer place to be.
National Groups Join to Improve Disaster-Related Building Codes
ICC Press Release, November 4, 2004 -- Two national organizations with a mutual interest in developing and implementing effective building codes to protect homes and businesses from natural disasters today joined forces to share resources and expertise. The International Code Council, based in Falls Church, Va., and the Institute for Business & Home Safety (IBHS) of Tampa, Fla., have signed a strategic alliance agreement that paves the way for the two groups to work together on the research, development, adoption and enforcement of building codes on the state and national levels that address disaster-resistant residential and commercial construction. ...Full Story
Now you could vault the turnstiles and not get arrested: Card readers in commuter stations were quite an innovation when they first appeared, adding convenience and lowering personnel and other costs. Now, short-distance wireless technologies are set to revolutionize a multitude of everyday tasks, from transferring data and pictures to speeding up your passage through commuter turnstiles even more. The following story reports on a pilot using standards-based “contactless” fare cards that was conducted last month in San Francisco.
Contactless cards and readers pass interoperability tests by New York/New Jersey transit organization
CR80 News, October 25, 2004 -- The Port Authority of New York and New Jersey (PATH) have been conducting pioneering work on a standard for contactless fare collection. Last week (October 19, 2004), officials conducted an interoperability test to demonstrate the ability of various ISO 14443 compliant contactless technology to function running their evolving standard. The public trial was held in San Francisco using a series of cards and readers from different vendors, testing each one's ability to perform a different type of fare setup. ...Full Story
Do not pass go, do not download Explorer 6.0: One well-understood problem with monopolies is that they stifle innovation. It usually doesn’t pay to try to try to displace the monopolist, and the monopolist has no incentive to update or innovate, since there’s no pressure from competition. The result is that the marketplace has to take what the monopolist is willing to give it. Even when the monopolist does choose to upgrade, the features added needn’t be the ones that the customer really wants. That may be about to change on the Web, as a number of new browsers have recently been released or upgraded. The one that is picking up the most momentum is Firefox, based on the venerable Netscape platform where easy Web browsing all began. The popularity of Firefox arises party because of its features, partly because it is open source (which guarantees it an initial market among the aficionados of that development methodology) - and partly because it appears to be very good. Whether it will leap the chasm from early adopters to mainstream users remains to be seen, but given the increasing popularity of Linux with IT department decision makers, the importance of browsers to corporate users, and the annoyances of spyware and similar plagues to which Explorer is vulnerable, we think that Explorer is finally going to feel some pressure to respond to marketplace desires. If that happens, even those that stick with Explorer will win, as Microsoft will need to begin competing feature for feature with Firefox, and not just give the marketplace what Microsoft wants it to have.
Firefox 1.0 Lives Up to Hype
By: Jim Rapoza
eWeek, November 9, 2004 -- There's been a lot of hype surrounding the Mozilla Foundation's Firefox browser, and eWEEK Labs' tests of Version 1.0, released today, show the hype is well-deserved. During tests, we found Firefox 1.0 to be extremely intuitive, with probably the most minimal learning curve imaginable. In addition, the Linux and Mac OS X versions of Firefox are functionally identical to those on Windows, making Firefox an excellent cross-platform solution. Given the unprecedented pickup of Firefox in beta form, many people may be surprised that Firefox hasn't already shipped. ...Full Story
And while we’re talking about Microsoft: As noted above, Linux has already jumped the chasm, and Microsoft has been reacting to that reality. The following story focuses on one way that Microsoft is trying to counter the rapidly accelerating penetration of open source operating systems into its market place: by focusing on possible vulnerabilities of LInux to claims of infringement. The following story reports that Microsoft has decided to capitalize on SCO-induced infringement fears by broadening its own infringement warranty – the equivalent of trying to sell more cars by doubling the number of years and miles that your factory warranty will last. Of course, the risk to Microsoft of doing so is probably very low, given that its products have been deployed for many years without challenge, its patent portfolio is rapidly increasing (and can therefore be used for defensive cross-licensing purposes if it ever is sued for infringement), and its largest customers (i.e., the only ones who would ever be likely to actually make a warranty claim) were already covered. In short, a smart marketing move.
Microsoft Expands Intellectual Property Indemnification Coverage
Yahoo.com, November 9, 2004 -- Microsoft Corp. said it will expand its intellectual property (IP) protection policy and now cover all customers using current and earlier versions of its software, in a move designed to further differentiate its products from Linux (news - web sites) competitors. Until now, Microsoft's large volume licensing customers were the only ones protected under its IP indemnity program, but this latest move, to be announced by the Redmond, Wash. software maker on Wednesday, extends that to all users running software covered under the program. ...Full Story
There’s always room for one more: The last few years have seen a veritable algal bloom of new consortia in the security space: homeland security, cyber security, you name it security, not to mention all manner of anti-spam, anti-phishing and other initiatives targeted at curbing a wide range of abuses of email. The following article reports on yet one more new collaborative effort launched to try and hold off the barbarians at the gate (or, in this case, at Web services application firewalls). It’s unlikely to be the last new security group we will bring to your attention, although we believe that the pace of new security organization formation will slow down in 2005.
Group aims to create hallmark of security
By: Matt Hines and Dawn Kawamoto
CNETNews.com, November 8, 2004 -- The Applications Security Consortium, comprised of F5 Networks, Imperva, NetContinuum and Teros, plans to make its formal launch at the Computer Security Institute's annual conference in Washington, D.C., on Tuesday. The joint initiative aims to establish "minimum criteria" for protecting Web-based applications. "The four of us have expertise in application firewalls, and it occurred to us independently that there was a need for clarification in the market," said Gene Banman, chief executive of NetContinuum, who noted the group formed last month. "The incumbent security vendors have made claims about application firewalls that have created confusion in the space." ...Full Story
Yin and Yang: The following stories represent the continuing angst in XML circles regarding at what point a lot of something valuable tips over into being too much of a good thing.
Yin: In the Ying category this month, we have the following two stories. The first reports on the release of an important new broad-impact XML-based standard from OASIS that will facilitate the conduct of business. The second reports on a more narrow but equally important data challenge, as Homeland Security “tweaks” the XML Data Reference Model to facilitate exchange of counter terrorism data. More of a good thing in both cases.
Universal Business Language (UBL) Version 1.0 Approved as an OASIS Standard.
The Cover Pages, November 8, 2004 -- OASIS has announced the approval of the Universal Business Language (UBL) Version 1.0 as an OASIS Standard. UBL "defines a common XML library of business documents, such as purchase orders and invoices, as well as reusable data components from which an unlimited number of other documents can be constructed. UBL is the first standard implementation of the ebXML Core Components Technical Specification." Developed within the OASIS Universal Business Language Technical Committee and numerous subcommitteees, UBL "is the product of an international effort to define a royalty-free library of standard electronic XML business documents. ...Full Story
Counterterror data sharing will rely on XML
By: Susan M. Menke
GCN.com, November 8, 2004 -- The Homeland Security Department will tweak the new Data Reference Model to create a data model for the exchange of counterterrorism data. Under Executive Order 13356, DHS data architect Michael Daconta is leading a revision of the Federal Enterprise Architecture's 30-page DRM to share counterterrorism data while preserving individual privacy. "I'm amazed that Extensible Markup Language has become so important" to the effort, Daconta said last week at a meeting of the Association for Information and Image Management's National Capital Chapter in Arlington, Va. ...Full Story
Yang: In the too much of a good thing category, we have the comments of an author in the first story below believes that after the “elders” gave XML to the world, things soon “spiraled out of control.” In the second, the author reports that German IT industry leaders are “demanding” greater discipline in resisting the proliferation of XML dialects.
XML's growing pains
By: Uche Ogbuji
ADTMag.com, November 1, 2004 -- XML 1.0 was developed by a roundtable of SGML veterans, the worthy founding elders of the phenomenon that XML has become. The result of their initial burst of energy was the first generation of XML technologies. The elders always said that XML 1.0 was but one part of a foundational trio comprising XML Core (syntax), XML Stylesheets and XML Linking, but it didn't take long for things to spiral out of control. Some influential early voices wanted vocabulary namespace capabilities, so XML Namespaces were born. The effects of namespaces combined with other considerations to drive the development of an XML schema language to supersede DTDs, so W3C XML Schemas (WXS) were born. The programming folk wanted a standardized API for XML, so DOM was born. ...Full Story
Standardization cuts e-government costs
Heise Online, October 29, 2004 -- The German Federal Association of the IT, telecommunications and new-media industries (Bitkom) demands that public authorities in Germany in developing e-government applications adhere to a greater degree to existing standards. In its capacity as the leading organization dedicated to standardizing e-business and e-government the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT) had adopted the data model UN/CEFACT Core Components Technical Specification (CCTS) and the process model UN/CEFACT Modeling Methodology (UMM), the Association noted. Anzeige Bitkom's demand was prompted by the fact that meanwhile about 1,000 different XML dialects are making data interchange increasingly difficult. ...Full Story
Social responsibility and manufacturing: In our July, 2004 issue of the CSB, we reported that ISO had decided to address ethical as well as technical issues (see ISO to Set Guidelines for Social Responsibility)The following article reports on one example of this concept taking root in the technology sector which, like the athletic shoe industry, does much of its manufacturing in those parts of the world where labor is cheapest.
Electronic suppliers to implement code of conduct
By: Spencer Chin
EETimes, Manhasett, NY, November 10, 2004 -- Cisco Systems Inc., Hewlett-Packard (HP), Microsoft and Intel Corp. announced Wednesday (Nov. 10) the formation of a supply chain working group to develop integrated implementation plans for the recently announced Electronics Industry Code of Conduct (EICC). The code was recently developed to establish and promote unified industry expectations for socially responsible practices across the electronics industry's global supply chain. The new working group, facilitated by Business for Social Responsibility (BSR), will develop common mechanisms and tools that will enable compliance with the Code. ...Full Story
| What can we say - We like the Unicode: Ever since we learned of the Unicode Consortium, we’ve had a soft spot for it and its good work. Unlike the large, well-financed groups that directly serve the interests of their large corporate members, the Unicode project serves those who have no power, no money, and no voice. By doing the hard labor of making more and more of the languages of the world computer readable, they give access to all that the Internet and the Web can offer to those who need it most. Here is a report on their newest release.
Unicode Releases Common Locale Data Repository, Version 1.2
Yahoo.com, Mountainview, CA, November 4, 2004 -- The Unicode(r) Consortium announced today the release of new versions of the Common Locale Data Repository (CLDR 1.2) and the Locale Data Markup Language specification (LDML 1.2), providing key building blocks for software to support the world's languages. This new release contains data for 232 locales, covering 72 languages and 108 territories. There are also 63 draft locales in the process of being developed, covering an additional 27 languages and 28 territories. To support users in different languages, programs must not only use translated text, but must also be adapted to local conventions. ...Full Story
| Honest – I’m really not dead yet: In recent issues, we have reported on the rebellion by the Open Source community over sublicensing restrictions that Microsoft had sought to attach to the anti-spoofing technology it had offered to the IETF as part of the proposed Sender ID standard. As a result of those objections, the IETF disbanded the MARID working group that had been advancing the specification. As the following articles report, there have been continued discussions, and it appears that Sender ID may yet achieve wide usage.
Sender ID Up for Discussion in D.C.
By: Jim Wagner
Internetnews.com, November 9, 2004 -- Microsoft's controversial Sender ID for E-Mail dominated the opening panel of a two-day e-mail authentication summit sponsored by the Federal Trade Commission (FTC) and the National Institute of Standards and Technology (NIST). In addition to Sender ID, the summit will focus on other technologies it is hoped will combat the growing amount of spam and phishing attacks that clog user inboxes and steal personal information. ...Full Story
AOL to Support Sender ID E-Mail Standard
By: Larry Seltzer
eWeek, October 25, 2004 -- America Online Inc. will support a new, modified version of the Sender ID e-mail authentication specification that is being submitted to the IETF for consideration Monday. The Sender ID specification had been in limbo since the collapse of the MARID working group in September. A new version of Sender ID, modified to address concerned such as AOL's, is being submitted Monday to the IETF by SPF author Meng Wong and Microsoft. ...Full Story
…But you might want to kill me anyway: While Microsoft was showing flexibility on Sender ID licensing terms, other actions on its part were causing new alarums to sound within the IETF. In the following article, an engineer active in the evaluation of another licensing offer by Microsoft states his opinion that new mischief may be afoot. Stay tuned.
Is Microsoft Ready to Assert IP Rights over the Internet?
By: Steven J. Vaughan-Nichols
eWeek, November 5, 2004 -- Has Microsoft been trying to retroactively claim IP (intellectual property) rights over many of the Internet's basic protocols? Larry J. Blunk, senior engineer for networking research and development at Merit Network Inc., believes that might be the case. Blunk expressed these concerns about Microsoft's Royalty Free Protocol License Agreement in a recent note to the IETF's Intellectual Property Rights Working Group. Specifically, Blunk suggested that Microsoft seemed to be claiming IP rights to many vital Internet protocols. And by so doing, "Microsoft is injecting a significant amount of unwarranted uncertainty and doubt regarding non-Microsoft implementations of these protocols," Blunk said. ...Full Story
Once upon a time: There was a time not so long ago where there was only one way that ICT (and many other) standards could be approved globally: they had to be created by organizations that were “accredited” by an internationally recognized national standards body as meeting certain requirements. Only organizations that were so accredited, or that were themselves the internationally recognized standards body for a country, could offer their standards for approval by the various global standards organizations. In the last 20 years, however, hundreds of consortia have sprung up that have elected not to seek accreditation, even though many of them meet accreditation criteria. As the work of those organizations has become more important, the global standards bodies have responded by creating ways that consortium standards can be approved internationally, thus allowing useful work to be properly recognized, but decreasing the importance of national standards accrediting organizations. The following press releases give examples of this process.
GlobalPlatform Contributes Card Technology to ISO For New International Smart card Standard
Global Platform Press Release, November 2, 2004 -- GlobalPlatform has submitted a technical contribution, based on the GlobalPlatform Card Specification v2.1.1, to the International Organization for Standardization (ISO) to aid in the development of a new international standard within the ISO IEC* 7816 standard series for smart cards - the ISO/IEC 7816 part 13 standard, for application management in a multi-application environment. GlobalPlatform's contribution was supported by the US InterNational Committee for Information Technology Standards (INCITS), the American National Standards Institute (ANSI) committee responsible for smart card technology. ...Full Story
ISO/TC211 Approves OGC Web Map Service as International Standard
Open Geospatial Press Release, Wayland, MA, November 1, 2004 -- ISO has approved an International Standard developed by the Open Geospatial Consortium (OGC(TM)) with input from the ISO technical committee responsible for the ISO geographic information: ISO/TC211 Geographic Information/Geomatics. The OpenGIS(R) Web Map Service (WMS) Interface Specification was approved by a ballot of the national bodies that are members of ISO. The OGC's WMS Specification (now also ISO 19128) specifies protocols that provide uniform access by HTML clients to maps rendered by WMS enabled map servers on the internet. Software complying to the specification enables automatic overlay, in ordinary web browsers, of map images obtained from multiple map servers, regardless of map scale, projection, earth coordinate system, storage format, or vendor solution. ...Full Story
| High stakes: In our May 2004 issue, we focused on the ways that nations can use standards as trade barriers, and highlighted the point with an article that described an impasse between U.S. manufacturers and China over the Wi-Fi wireless standard (See: Breaking Down Trade Barriers: Avoiding the China Syndrome ). After high-level State Department intervention, China agreed to join the fold and adopt an international standard rather than its own domestic variant. However, that resolution is just the beginning. The Chinese government places a high priority on standards development, and funds such efforts heavily. As with so many other areas of commerce, we can expect that the efforts of the Chinese will be felt from inside the process as well as from outside. The following article from ChinaDaily.com demonstrates the sharp contrast between this centrally planned economy’s approach to standard setting, in contrast to the United States government’s “hand’s off” approach, and almost total absence of economic support.
China dialing into radio tags?
By: LI WEITAO
ChinaDaily.com, October 19, 2004 -- Chinese companies are being urged to play a greater role in drafting standards for radio-tag technology, which is expected to revolutionize the manufacturing and retailing sectors. The technology, called radio frequency identification (RFID ), also referred to as a supercharged version of the barcode, can help track goods, automate banking services and improve product quality. "Chinese industries and businesses should work together, and co-operate with relevant foreign companies, to set a unified standard for RFID," said Zheng Xinli, vice-director of the Policy Study Office under the Central Committee of the Communist Party of China. ...Full Story
Smart Cards Update
| One card to rule them all: Magnetic stripe credit cards have been around for quite some time, but most people are not aware that a new generation of card, with an on-board microprocessor, is a next generation technology that is preparing to be widely deployed. Such cards can store data on a wealth of topics, such as health information and travel preference profiles, all of which are controlled by standards that have been under development for some years. Not surprisingly, credit card companies have at the forefront of standards efforts in this area, but it is the Federal Government that has been most active in committing to the actual deployment and use of this new technology. The following selection of articles give an idea of how smartcards will be used in the near future, as well as some of the challenges of transitioning to this new technology.
One card for travel and payment could become reality in Asia
By Farah Abdul Rahim
Channel NewsAsia, SINGAPORE, November 14, 2004 -- There could soon be one standard for ID cards to be used throughout Asia -- from Singapore to Japan and even China -- so you won't need to carry multiple cards in future. The One Card-One Asia vision is an ambitious expansion of Singapore's EZ-Link card, a smart contactless card now used not just on Singapore's public transport system, but also the library and even a fast food restaurant…. The ultimate aim is to use such a card for travel as an e-passport, and even for payment….But they say it will take at least three more years and some political will from regional countries to bring the One Card, One Asia vision closer to reality. There are also legal and security concerns that have yet to be worked out....Full Story
NIST Requests Comments on Draft Federal ID Standard
NIST Tech Beat, November 10, 2004 -- The National Institute of Standards and Technology (NIST) is looking for comments on a draft Federal Information Processing Standard (FIPS) for a smart-card based form of identification that all federal government agencies will issue to its employees and contractors. On Aug. 27, 2004, President Bush issued a directive calling for the mandatory, government-wide standard (www.whitehouse.gov/news/releases/2004/08/20040827-8.html). The directive noted that adopting a uniform format for government ID badges will eliminate the wide variations in the quality and security of forms of identification used to gain access to federal facilities and non-national security systems. The draft standard specifies the framework, architecture and technical requirements for the personal identity verification (PIV) card, including cryptographic, biometric and card reader specifications...Full Story
U.S. government smart card efforts get major boost from the President, NIST, and ISO
CR80 News, October 24, 2004 -- Keeping tabs on the U.S. federal government's smart card progress is tough. Memorize a list of acronyms today and they are likely to become old news as new agencies and initiatives take precedence. Though somewhat frustrating, this is a very positive indicator of the rapid progress being made as the U.S. federal government's smart card approach matures. In recent weeks, this progress has been further expedited by a Presidential Directive (HSPD-12), a national standardization effort (FIPS 201), and progress toward a potential international standard (ISO 24727). ...Full Story (requires log-in)