On 9/27/05, Tripp Sims <[EMAIL PROTECTED]> wrote: > Stephen J. Smoogen wrote: > > > The standard big stick is that the US Govt OMB will require all US > > Govt Computers to use vendors that list their viruses with the CME > > numbers. This uses the 'we are going to spend our money on those who > > comply' which gets most vendors to comply. This also works against > > 'free' products if they do not 'comply'. > > Do you have a basis of reference for this assertion? > _______________________________________________
>From my day job. When looking at purchasing various products, we go from our Department guides which are based on OMB and/or NIST standards. If the US Govt is serious about it.. then the OMB would put in a clause that US Government funds could only be used when the anti-virus company meets XYZ NIST standard. Then the various US Departments (Energy, Defense, Homeland Security, etc) will write up procurement standards to meet those guidelines. If the US Govt is not serious about it, then they wont. It usually takes 2-4 years for one of these procedural changes to work their way through the bueracracy so I wouldnt expect it til 2008 but could be wrong as some things get pushed by OMB as an immediate item. -- Stephen J Smoogen. CSIRT/Linux System Administrator _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
