CERT C Secure Coding Standard

["Robert C. Seacord" <rcs () cert org>]

The CERT/Coordination Center at the Software Engineering Institute at
Carnegie Mellon University has lead a community effort to develop secure
coding standards for the C and C++ programming languages. This work is
being performed on the secure coding wiki at
www.securecoding.cert.org.   In particular, we have made significant
progress on the CERT C Programming Language Secure Coding Standard since
work first begun over a year and half ago and our progress as been
reviewed by the ISO/IEC WG14 international standardization working group
for the programming language C at both the London and Kona meetings. 

We would again like to invite the community to review and comment on the
current version of the standard available at www.securecoding.cert.org
before we publish version 1.0 of the standard.  We prefer that you post
your comments directly on the wiki, but can accept comments by email. 
To post comments directly on the wiki, simply create an account on
www.securecoding.cert.org and post your comments below the appropriate
rule or recommendation.

There is some possibility that ISO/IEC WG14 may eventually publish this
document as either a type II or a type III (informational) technical
report. This document may also be mined for ideas for the next major
revision of the C language standard.  As a result, we would greatly
appreciate your time and expertise in reviewing the standard, and we
will acknowledge your contributions.

Thanks,
rCs


-- 
Robert C. Seacord
Senior Vulnerability Analyst
CERT/CC 

Work: 412-268-7608
FAX: 412-268-6989

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave