[Am-info] DoD Must Purchase Only NIAP Certified Products
Fred A. Miller
fm@cupserv.org
Wed, 22 May 2002 11:43:10 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
DoD Must Purchase Only NIAP Certified Products
Starting in July, the Defense Department will be required to purchase
only the information assurance products that have been certified by
the National Information Assurance Partnership (NIAP). NIAP, an NSA
initiative, has certified about two dozen products so far.
http://www.fcw.com/fcw/articles/2002/0513/web-niap-05-16-02.asp
[Editor's (Ranum) Note: This is interesting. What about the installed
base? What about enforcing this? What organizations will be able to
get waivers? Excuse me if I am cynical but I remember "C2 by 92!" and
the orange book. I bet this is going to accomplish nothing.]
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjzrvI4ACgkQB9vk4ichYXfv+ACgktndv6wYINOx4xY1+zPRx/eu
nrYAn12TE1feH2lmhKusHq4Cj6NL7Kiy
=3DlDby
-----END PGP SIGNATURE-----