Secure Coding mailing list archives

Re: Installation and setup of secure applications


From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Wed, 21 Jan 2004 04:56:22 +0000

> everything being written about here sounds like the domain of the
> software testing group,

I agree...

> not development.

...I don't agree.

Testing quality in is no substitute for building quality in, and if
anything that's even more true for software than physical artifacts.

> it's widely observable that the mixing of development and testing by
> one group of people leads to poorly tested code.

Yes.  You need a testing group distinct from your coding group.  But
you _also_ need your coders to do testing; just as there are some flaws
that those familiar with the code can't see, there are other flaws that
those _un_familiar with the code can't see.  And code familiarity is
not all there is to it.  Whatever your intended audience, you need
testers from that intended audience; if it's not coders, your own
coders, even if they test others' work (as well as their own), can't
test from a non-coder perspective.  (Well, most of them.  The few that
can will be worth their weight in gold, especially as they are probably
polymaths in other respects too.)

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               [EMAIL PROTECTED]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B







