Re: Congress is considering removing the SBOM provision from the NDAA Bill now before Congress
toggle quoted message Show quoted text
I’m not familiar with the GSA work you mention. Can you provide a pointer to GSA documents indicating that SBOM’s are required.
I’ve seen where SBOM’s are required in the Department of State Evolve RFP.
Also, why would ITI and others be lobbying Congress to have SBOM removed from the NDAA, as the linked article indicates.
There must be a reason. I suspect it’s because Congress creates laws, and the NDAA law makes SBOM a legal requirement.
Active Member of the CISA Critical Manufacturing Sector,
Sector Coordinating Council – A Public-Private Partnership
Never trust software, always verify and report! ™
Tel: +1 978-696-1788
From: spdx@... <spdx@...> On Behalf Of Eliot Lear
Sent: Friday, December 16, 2022 4:13 PM
Subject: Re: [spdx] Congress is considering removing the SBOM provision from the NDAA Bill now before Congress
Why? GSA is already specifying SBOMs. And is the list to encourage congressional lobbying?
On 16.12.22 20:38, Dick Brooks wrote: