[SCITT] NASA presentation today
Dick Brooks <dick@reliableenergyanalytics.com> Mon, 15 April 2024 19:37 UTC
Return-Path: <dick@reliableenergyanalytics.com>
X-Original-To: scitt@ietfa.amsl.com
Delivered-To: scitt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C288C14F5F1 for <scitt@ietfa.amsl.com>; Mon, 15 Apr 2024 12:37:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=reliableenergyanalytics.com header.b="BcExm0Zq"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="NP4WppoM"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kuDmN_wdKGOR for <scitt@ietfa.amsl.com>; Mon, 15 Apr 2024 12:37:50 -0700 (PDT)
Received: from fhigh4-smtp.messagingengine.com (fhigh4-smtp.messagingengine.com [103.168.172.155]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B198C14F5E2 for <scitt@ietf.org>; Mon, 15 Apr 2024 12:37:50 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailfhigh.nyi.internal (Postfix) with ESMTP id 49ADB1140146 for <scitt@ietf.org>; Mon, 15 Apr 2024 15:37:49 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Mon, 15 Apr 2024 15:37:49 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= reliableenergyanalytics.com; h=cc:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :reply-to:subject:subject:to:to; s=fm3; t=1713209869; x= 1713296269; bh=zM2qNaP+1XE4JPPgPbGMsJQgzV3jQlGRVlVcRsQXhMs=; b=B cExm0ZqarB9myWJRHvBjF6rFJWtuTK4zMxrOpGNTTBHyw1NakKLIUEIiKwr3A2cD +UhXeyBCnF+H88DpimLXwEJSexFFBPSVe0ocBb5G1oYoycmROJRaKQkGE2UgWkhg +1P8SS0cGo3+HsTUtE30P0fuWlAU8PJVJNORw+uEUVHsx78tK+4toTAi4K5flVp7 J23ae7wtaqNowPG0O3IpXQFOFkFLupDJ+BCiadb0w3G9LOvdQtgIH+xawb/VBzDV Gj9nEHEjUFkgzLTB5r6H/p8/CJWD+CkRbR7wetVbv9zNU6TrJL/itry5eyHh9v2w Aw3jd3R3ER/j0x0TclnOQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:reply-to:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t= 1713209869; x=1713296269; bh=zM2qNaP+1XE4JPPgPbGMsJQgzV3jQlGRVlV cRsQXhMs=; b=NP4WppoMjgtACna/T0625eSdaPt3mpgjBT78E1mO+57qzZ30mlp a8K1BS5R4VODsWfQt2OTfInJimFmXjEmekwe6UqPNhbRFyq2kcNxs4xGJ7KbeQGr FjnBZFPmp/cRgKUnQr9nKwaQ2xjLcJZCQCoDSirj59StOZHJ+Ib7yypV9WLO6PgC T4dszKbF09zg+zloZJQMFfASSUSXIYtu0JXhc+Z3lxJJUivTdXucCSCbvkvsdFiK bmuATCiFPy6mDUSCEPljn/b+h4Sw4VFTk0GnoHPsn4lASkIDhSYpNmnPRGBTE++w RkxOWyJCQIrD9nDfFixpBxCDbcds0xKSGbQ==
X-ME-Sender: <xms:DYIdZv32kOaUbUXSGEDTSOWn7exn3e1PfeelZcSqigSSLQ_AgK0fcQ> <xme:DYIdZuGT0sinQsTSNtDyISYgurCH-8iHIcdQejm_iy4V8FOfkTL0SNDce_F7GHRMF WxgtNss3IazAd-bIw>
X-ME-Received: <xmr:DYIdZv50URvxMZ8YgnM7WV5XfFlq5thz8d1NJaZXix1A_1hc9oKWD8g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrudejvddgudegtdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurheprhfhvffuffhokfggtgfothesrh dtghepvddtvdenucfhrhhomhepfdffihgtkhcuuehrohhokhhsfdcuoeguihgtkhesrhgv lhhirggslhgvvghnvghrghihrghnrghlhihtihgtshdrtghomheqnecuggftrfgrthhtvg hrnhepgfeiudejuddvudekjefgueelvdejvdelhefhleetgfeigfduudefleetieekudef necuffhomhgrihhnpehgihhthhhusgdrtghomhdpshhofhhtfigrrhgvrghsshhurhgrnh gtvghguhgrrhguihgrnhdrtghomhdplhhinhhkvgguihhnrdgtohhmpdhrvghlihgrsghl vggvnhgvrhhghigrnhgrlhihthhitghsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepughitghksehrvghlihgrsghlvggvnhgvrhhg higrnhgrlhihthhitghsrdgtohhm
X-ME-Proxy: <xmx:DYIdZk1w1jMewrOFy8Hk93lbr7g7JermEtW9NU337WbUpaUxITmn2Q> <xmx:DYIdZiHDckT_8hoqoEAHa-qdUoHLdd-wOTDlDaCLW2qd3KqN5n6WUQ> <xmx:DYIdZl9Xf0FBqSz08KMg2ieIFbs4iIPsEJ9UiNXsfn0xH4J2hMNVAA> <xmx:DYIdZvke6auJodjy_I54q1mDHKolhdByFt0jcd_vLxkXZUVEV8DKyA> <xmx:DYIdZkNY3AfLh2qOvuvt4z51A9J4JQHMTLMUz4ry8V9mzocunldbLhic>
Feedback-ID: i57d944d0:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <scitt@ietf.org>; Mon, 15 Apr 2024 15:37:48 -0400 (EDT)
Reply-To: dick@reliableenergyanalytics.com
From: Dick Brooks <dick@reliableenergyanalytics.com>
To: scitt@ietf.org
Date: Mon, 15 Apr 2024 15:37:45 -0400
Organization: Reliable Energy Analytics LLC
Message-ID: <12bd01da8f6c$65b40ef0$311c2cd0$@reliableenergyanalytics.com>
MIME-Version: 1.0
Content-Type: multipart/related; boundary="----=_NextPart_000_12BE_01DA8F4A.DEA33240"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdqPayPsZQ9Ys/EiT7SVJztU7HIcQQ==
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/scitt/rzG4n_cvcmXAiqQcYdzzd8tjr_g>
Subject: [SCITT] NASA presentation today
X-BeenThere: scitt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Supply Chain Integrity, Transparency, and Trust" <scitt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scitt>, <mailto:scitt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scitt/>
List-Post: <mailto:scitt@ietf.org>
List-Help: <mailto:scitt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scitt>, <mailto:scitt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2024 19:37:55 -0000
Hello Everyone, I presented to NASA today showing how a software supplier can send the "Secure Software Attestation Form" to CISA via the RSAA portal: https://github.com/rjb4standards/Presentations/raw/master/NASA-Presentation- ICT_SCRM%20(003)-GEORGE-V3.pptx I also showed how a SCITT Trust Registry could be used to share "risk analysis findings" by registering a "trust label". This was the only item people wanted to know more about and expressed support for the "information sharing" benefits this could provide across agencies, resulting in efficiencies in the software risk assessment process across the US Government. I demonstrated how a US Govt agency could check for "Trusted Products" using an example from NATO, which could save some serious time/effort: https://softwareassuranceguardian.com/SAGCTR_inquiry/getTrustedProductLabel? ProductID=761E4EE1897337E571E407EA0D65F853EE912FC90581E9F29B5AE52451EE19F9 <https://softwareassuranceguardian.com/SAGCTR_inquiry/getTrustedProductLabel ?ProductID=761E4EE1897337E571E407EA0D65F853EE912FC90581E9F29B5AE52451EE19F9& html=1> &html=1 I continue to believe that a SCITT Trust Registry is valuable and beneficial to society in this digital age: https://www.linkedin.com/feed/update/urn:li:activity:7168953097795411968/ Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:dick@reliableenergyanalytics.com> dick@reliableenergyanalytics.com Tel: +1 978-696-1788
- [SCITT] NASA presentation today Dick Brooks