Bid requirement rejected, with predjudice...
-
Today's fun with bid documents (stuff we get before/while we decide on bidding for a job):
Client bid requirements:
For encryption with HTTPS, SSL v3 (TLS 1.x) with a secure cypher suite MUST be used.
Granted, the spec was written before POODLE, but.. seriously guys? That's the lowest level and you REQUIRE™ (a-la RFC) it?!?!
Yes - comments will be sent back pointing out the error of their ways but still...
-
I found this part of the Wikipedia article particularly amusing.
This article is about the security vulnerability. For the dog, see poodle.
-
You have to love an RFP that specs a requirement that is rapidly being deprecated due to an exposed security vulnerability. By the time you finish the bid process, no client will even support it.
Although, you could make this in to a story where the client receives exactly what they asked for, but nothing of what they needed.
-
We're still trying to get through to our BAs that there's often a difference between what our (internal) customers ask for and what they actually want.
-
That may be the greatest difficulty in IT: being able to translate from English to "geek speak" and back again without losing meaning.
-
That's why a good BA is worth their weight in gold, and a developer who can talk business yet still cut good code is a unicorn.
-
I sort of managed at my old job to do that - but then the company collapsed due to stupidity that couldn't be fixed.