* Abhijit Menon-Sen (ams@2ndQuadrant.com) wrote:
> I foresee lots of disappointment, then. I don't think even Stephen is
> advocating NIST-compliance as the *baseline* for serious auditing in
> core, just that we need a design that lets us get there sometime.
Agreed. I'm not suggesting that we must be fully NIST/PCI-DSS/whatever
compliant before we add anything but rather that we have a plan for how
to get there. Note that the plan is needed primairly to ensure that we
don't end up in a situation that makes it difficult to move forward in
the future due to compatibility or upgrade issues.
Thanks,
Stephen