Secure Coding mailing list archives

Government Computer News (GCN) -- Contract addendum could enforce software security


From: "Kenneth R. van Wyk" <Ken () krvw com>
Date: Tue, 07 Sep 2004 22:27:55 +0100

Another FYI today...  I saw an interesting article in GCN (via a link from 
LinuxSecurity.com) regarding an announcement from the folks at Ounce Labs.  
The article (which is at http://www.gcn.com/23_26/product-briefs/27167-1.html 
for those interested) states, "Ounce Labs has published sample contract 
language for software development that sets specific security standards and 
requires a security audit of the source code. The language frees the buyer 
from having to pay for software that does not meet the standards."

Anyone here familiar with any organizations that have adopted Ounce Labs' 
contract verbiage -- or something conceptually similar to it?

Cheers,

Ken van Wyk
-- 
KRvW Associates, LLC
http://www.KRvW.com



