On Fri, Feb 11, 2022 at 12:56 PM Bryan Smith <[email protected]> wrote:
> ... and LZ77-LZ4 (p7z**) ...
> **P.S. ... NIST 800-171/172 ... which affects any federal contractors --
> not just DoD ...
>
I guess I did a poor job of explaining why I brought this up.
In-a-nutshell, a lot of US NIST -- basically the US' long-standing
'national standard' entity that goes all the way back to the Geodetic
Survey some 200 years ago** -- including technology (ANSI is a sister,
private entity commonly associated with NIST), basically makes the
standards in the US. And CyberSecurity is being implemented to NIST at a
national level on everything that now touches US infrastructure ...
including federally regulated industries from banking/financial to
communications/telecom, not just typical 'federal contractors.' That means
... US states and locales will usually 'fall in line' as well, plus ...
anyone with treaties with the US or doing business with US companies.
In other words ... if it isn't allowed by NIST, it's going to affect a lot
of IT standards in the US, possibly beyond, far more than just DISA STIGs
... so a lot of GNU/Linux. ;)
- bjs
**P.S. I cannot stress how NIST is very controlling of any standards in
the US, and it's going to be impossible to do anything without following
NIST standards.
<history>
The US Geodetic Survey broke with the UK, and created the precursor to the
US Customary system of measurement 200 years ago, especially around units
of volume. E.g., 50mpg-imp (Miles per Imperial Gallon) is only 40mpg-us
(Miles per US Customary Gallon) -- which is rarely known by even those in
the Anglo-American world ("Why do even American economy cars have worse gas
mileage?"). By the 1840s, when the French were developing a base 10
system, the US Geodetic and related agencies (which were under
Commerce-Treasury early on) decided to standardize all US Customary (first
standardized in 1938) on this system to the same number of significant
digits as the French system itself, 5, utterly at odds with the new UK
Imperial standardization effort, which is why US Customary and UK Imperial
required a number of 'committees' over the decades -- e.g., 'International
Mile' standard. The US formalized with the French in the late 1850s, was a
signatory to the 1875 Metric Convention (the only country of Commonwealth
origin at the time), formalizing all US Customary on Metric to the same of
Metric itself, 7 significant digits. This became 9 when Metric became 9,
right around the time the creation of the US Bureau of Standards to start
the 20th century, which is now the National Institute of Standards and
Technology (NIST). So while the US didn't formally standardize on Metric
until 1975, and it's all that is taught in schools and required for all
public documentation -- even if the very ignorant US Media continues to use
US Customary, and highway signs are still US Customary because of the SAE
and auto industry, much like SAAMI for ordinance, because it's not always
just the measure, but angles, bore v. bullet, etc... nomenclature -- all US
Customary measurements have, essentially, converted exactly (to 5, 7 and
then the current 9) the same number of significant digits as Metric is
defined itself. This is why US manufacturing and other industries haven't
had any issues with Metric manufacturing since the 1850s, unlike in
UK/Imperial countries which forced the UK to convert to metric by the
1960s. NIST is the standard the US uses, and now Cyber is defined by NIST
standards and being pushed ... hard.
</history>
--
Bryan J Smith - http://www.linkedin.com/in/bjsmith
E-mail: b.j.smith at ieee.org or me at bjsmith.me
_______________________________________________
lpi-examdev mailing list
[email protected]
https://list.lpi.org/mailman/listinfo/lpi-examdev
