[CentOS] CENTOS not DoD approved

Tue Apr 28 22:10:04 UTC 2015
Johnny Hughes <johnny at centos.org>

On 04/28/2015 02:30 PM, John R Pierce wrote:
> On 4/28/2015 9:49 AM, bobby Orellano wrote:
>> nowhere does it say that centos is approved for use in DoD. it is not on
>> the APL, only RedHat and SuSE
> 
> 
> DoD approval requires spending lots of money jumping through arbitrary
> hoops.   Do you wish to pay for this?
> 
> skimming the requirements, it also requires extensive documentation of
> said 'Product'.   Do you wish to write this?

CentOS is not approved for DOD use.  In fact, CentOS is not now, nor has
it ever been *certified* for anything.  Certifications require people to
PAY to certify a product.

Specifically, EAL4 Certification, a requirement for the DOD, costs up to
2.5 million dollars .. see this link:

http://en.wikipedia.org/wiki/Evaluation_Assurance_Level#Impact_on_cost_and_schedule

That cost would be for each main version of CentOS (2.1, 3, 4, 5, 6, and
7) .. so the cost to have all 6 previous major versions certified would be:

6 x $2.5 Million =  $15 Million dollars.

Since CentOS is given away for free ... I can't afford to pay 15 million
dollars to have it EAL4 certified .. can anyone on this list?

Certifications and security testing and assurance, along with a Service
Level Agreement for fixing bugs is why people who require any of those
things need to buy RHEL.

Thanks,
Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20150428/fe6bf9b2/attachment-0005.sig>