|

 
|
| | Name : | Ian S. Piper | Organization : | Diebold Election Systems, Inc. | Post Date : | 9/29/2005 |
| Section : | A1C | Page no. : | | Line no.: | | Comment : | In Appendix C, in the best practice regarding "(6.0.4.1) Software Distribution Methodology Requirements", the first bulleted item uses language to indicate that voting system users can get their voting software from EAC accredited test authorities but the language does not indicate that any distribution from someone other than the vendor must be authorized by the vendor in writing. The voting software is the property of the vendor, whose business involves selling licenses to use the voting software. There needs to be a qualification identified with this best practice that indicates that written authorization from the vendor is required. If a customer feels that verification of vendor delivered software utilizing the NSRL hash codes is insufficient and requires the software delivered directly from the EAC accredited test authorities, then a request can be made to the vendor for such delivery. The hope is that customers will learn to use the NSRL hash codes and be self-sufficient in verifying the software delivered to them.
Proposed change: In the first bulleted item, add to the end of the sentence ", if authorized in writing from the vendor." | |
|
|