>> On Apr 8, 2014 11:32 PM, "ToddAndMargo" <[log in to unmask]
>> <mailto:[log in to unmask]>> wrote:
>>
>>     On 04/08/2014 08:25 PM, Paul Robert Marino wrote:
>>
>>         Well frankly if you need PCI-DSS compliance pay for RHEL. Its
>>         honestly
>>         not that expensive for the few systems that really require it.
>>         Only  the
>>         system's that handle credit cards supposedly require it and in most
>>         ecommerce companies that's probably 2 to 4 system's so what's the
>>         problem wit paying $750 a year each for those few systems to not
>>         have to
>>         deal with the problems and giving the stock investors a warm and
>>         fuzzy
>>         feeling. Your time spent on it costs them more money and ti
>>         reduces all
>>         the stress on every one if you buy compliance on the cheap.
>>
>>
>>     Hi Paul,
>>
>>     Is SL not PCI compliant because it is not a commercial
>>     effort?  I thought SL got all the patches the RHEL
>>     got?  Please elucidate.
>>
>>     Oh, and it is a sole proprietor and CHEAP doesn't
>>     begin to describe him.  (Nice guy though.)
>>
>>     Many thanks,
>>     -T
>>



On 04/08/2014 09:24 PM, Jamie Duncan wrote:
> PCI compliance is a lot more than just the code. Red Hat goes through
> multiple processes with these governing bodies to certify RHEL. That
> doesn't pass down to downstream distributions.
>

Hi Jamie,

Yikes.  That I did not realize.  Thank you for the
heads up!

-T