I'm seeing a good response so far. Hoping to reach 100 small and medium businesses providing software to the US Government sign-on to this collaborative joint filing effort before the filing deadline for this CISA call for comments.
Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council – A Public-Private Partnership Never trust software, always verify and report! ™ http://www.reliableenergyanalytics.com Email: [email protected] Tel: +1 978-696-1788 -----Original Message----- From: SCITT <[email protected]> On Behalf Of Michael Richardson Sent: Sunday, April 30, 2023 1:18 PM To: [email protected]; [email protected]; [email protected] Subject: Re: [SCITT] [spdx] CISA's proposed attestation form is now available and they are seeking comments L Jean Camp <[email protected]> wrote: > I am interested. Also I would like to know if anyone else has any interest > in ensuring attestation standards have space to enable cryptographic > agility or move towards self attesting addresses? If you pick an IETF specification like CWT/COSE (EAT) and agility is built in to the specification. Roll your own stuff, and you are probably in trouble. But there is more than formats and specifications needed to support agility. People have to use a variety of things so that software regularly is ready to accept the variety. -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1684): https://lists.spdx.org/g/spdx/message/1684 Mute This Topic: https://lists.spdx.org/mt/98598024/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
