daniel:// stenberg://

1 month ago

daniel:// stenberg://
1 month ago

"Secure Software Lifecycle for Open Source Software" according to the German Federal Office for Information Security (BSI)

bsi.bund.de/SharedDocs/Downloa…

BSI TR-03185-2 Secure Software-Lifecycle for Open Source Software

This Technical Guideline BSI TR-03185-2 “Secure SoftwareLifecycle for Open Source Software”, or “SecureOSS Lifecycle” for short, complements the BSI TR-03185(-1) “Secure Software Lifecycle”, which solely addresses the lifecycle of proprietary softwar…

^{Federal Office for Information Security}

in reply to daniel:// stenberg://

daniel:// stenberg://

in reply to daniel:// stenberg:// 1 month ago

They're perfectly reasonable and even half-decent projects should have no problems complying.

in reply to daniel:// stenberg://

lb1a

in reply to daniel:// stenberg:// 1 month ago

Sensitive content

@daniel:// stenberg://

in reply to daniel:// stenberg://

Andreas Wieland

in reply to daniel:// stenberg:// 1 month ago

Thx for sharing this. Our products are not OSS, but I'm in the process of gathering all sorts of information about the upcoming #CRA and this might be helpful.

#cra

⇧

daniel:// stenberg://

daniel:// stenberg:// 1 month ago • •

BSI TR-03185-2 Secure Software-Lifecycle for Open Source Software

daniel:// stenberg://

lb1a

Andreas Wieland

daniel:// stenberg://
1 month ago