[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#51976: Inquiry: gzip for NASA Use
From: |
Zhang, Cynthia X. (GSFC-705.0)[TELOPHASE CORP] |
Subject: |
bug#51976: Inquiry: gzip for NASA Use |
Date: |
Fri, 19 Nov 2021 19:04:40 +0000 |
Hello, my name is Cynthia and I am a Supply Chain Risk Management Analyst at
NASA. NASA is currently conducting a supply chain assessment of gzip. As stated
by Sections 208 and 514 of the Consolidated Appropriations Act, 2021, Public
Law 116-260, enacted December 27, 2020, a required step of our process is to
verify the Country of Origin (CoO) information for the product, aka the country
where the products were developed, manufactured, and assembled. As gzip is open
source, we understand that this inquiry is not directly applicable, as
contributions may be made from individuals from around the world. In this case,
NASA is interested in confirming whether there is an organization which
sponsors/publishes the project, or a primary developer who audits the code for
potential vulnerabilities, errors, or malicious code. Does gzip have overseeing
organization or individual along these lines? If so, please provide the country
they are established in so we can provide as much insight as possible following
our federal mandate.
Thank you,
Cynthia
- bug#51976: Inquiry: gzip for NASA Use,
Zhang, Cynthia X. (GSFC-705.0)[TELOPHASE CORP] <=