Scaled Back Cybersecuruty

> Perhaps the Feds (and maybe states) could use their purchasing power
> to effect change. Short of that, or regulation, the I don't see how
> the serious issues we have with the 'net will get resolved.
> I suppose that the "problem" is likely that people don't understand
> what a nice actually well-written worm could/would do if it were
> targeted at the infrastructure.

People do. I've been beating this particular horse for a while now,
and we are starting to deploy the capex hammer. I suggest others start
to do the same. See my presentation at the eugene nanog.

So what's a good place to look for security requirements in RFPs for
hardware/software vendors ?