|

 
|
| | Name : | Ron Crane | Organization : | N/A | Post Date : | 9/30/2005 |
| Section : | .20.5.4.2 | Page no. : | | Line no.: | | Comment : | 7f.
f. Vol. II, §5.4.2's coding conventions are actually meant to be used only
"if the vendor does not identify an appropriate set of coding conventions in accordance with the provisions of
Volume I, section 4.2.6.a."
That section, in turn, only requires that "vendors shall identify the published, reviewed, and industry-accepted coding conventions used and the test lab shall test for compliance."
But an arbitrary "industry-accepted coding convention" chosen by a vendor does not provide sufficient security for voting systems. The Guidelines should provide and require
the use of rigorous standards. | |
|
|