At 9:44 AM -0400 6/30/08, Kenneth Van Wyk wrote: > Happy PCI-DSS 6.6 day, everyone. (Wow, that's a sentence you don't > hear often.) > > http://www.internetnews.com/ec-news/article.php/3755916 > > In talking with my customers over the past several months, I always > find it interesting that the vast majority would sooner have root > canal than submit their source code to anyone for external review. > I'm betting PCI 6.6 has been a boon for the web application firewall > (WAF) world.
The "Note:" at the end of PCI DSS (v1.1) 6.6 talks about "this method" but typographically seems to apply to both bullets. Does anyone know what the authors had in mind ? -- Larry Kilgallen _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________