[Ncep.list.cpcopcwpc-rfcmemo] security and accelerated RFCs

Christine Caruso.Magee - NOAA Federal chris.caruso.magee at noaa.gov
Thu Nov 20 19:15:53 UTC 2014

Hi All,

  For those of you who weren't at today's CCB -- last week, Ben Kyger asked
that the ISSO review all accelerated RFCs.  If the accelerated RFC has no
security risk, the ISSO may do the review after the change has been
implemented.  If the accelerated RFC might have a security risk, the change
should be run past the ISSO before it's made.

 One point of clarification - for accelerated RFCs that are submitted to
fix something operational which is broken, do not let anything hold up that
fix!  The ISSO may review the RFC after the fact.

  Also, if an accelerated change is being made to servers/machines that are
strictly internal, then you don't need to worry about having ISSO
approval.  The only accelerated changes which you'd want to run by the ISSO
are those which might introduce a security risk (e.g. some website changes,
pulling data from a non-NOAA server, etc.).

  What this boils down to is this -- when approving accelerated RFCs, ask
yourself if there's a possible security risk.  We want you to keep this in
mind but we don't want this slowing down the process.

The ISSO for CPC, NHC, OPC, and WPC is Rene Rodriguez.  Rene's backup is
Arthur Yo.

Rene's work phone:  301-683-3959
Rene's cell phone:  301-204-4557
Arthur's work phone:  301-683-3436

Any questions, please ask!


Christine Caruso Magee
NWS/NCEP/NCO Configuration Manager
chris.caruso.magee at noaa.gov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lstsrv.ncep.noaa.gov/pipermail/ncep.list.cpcopcwpc-rfcmemo/attachments/20141120/e9ad21a9/attachment.html 

More information about the Ncep.list.cpcopcwpc-rfcmemo mailing list