[supernova87a]

The only problem I have with this document (which is quite good), is that it basically is a reflection of the mentality that we have to answer all these questions because commercial proprietary software is the "normal" path and we need all these justifications / answers for OSS.

For many things (or in an alternate universe), you would hope the opposite had been the default, and commercial proprietary software had to justify why it should be adopted.

[nonameiguess]

It's meant to combat that kind of mentality in the minds of the acquisitions specialists directly responsible for contracts. To be clear, it is absolutely the official position of the DoD CIO right now that you should be using off-the-shelf solutions everywhere possible and open-sourcing your own work unless you have a damn good reason not to, usually meaning hiding a classified capability. Otherwise, you need to answer for why you are not. Open source is very much intended to be the default for all new DoD software projects, but we need some way of overcoming the inertia of all the program-level responsible parties who still have the mindset that they need to hide everything and all software should be totally custom for their own narrow purpose.

What the senior leadership is trying to do here is create that alternate universe you want to see. Force anyone using or creating proprietary software to justify why they're doing that.

[MilStdJunkie]

Don't forget that with Open Source, all the blame lies with the implementer. One of the huge draws for paid solutions is that when the system gets borked - as it almost inevitably does - institutional blame can be routed on to the tools vendor, instead of a business process that, if you looked at it even medium-hard, shows itself to be a mobius strip of idiocy, incapable of existing in any meaningful sense.

Time to go tool shopping again! Rinse and repeat for many decades.

[golergka]

> commercial proprietary software is the "normal" path and we need all these justifications / answers for OSS

When you purchase commercial proprietary software (especially, I think, on the DoD scale) you purchase commercial support and put liability and responsibility on some other entity. If you use open-source software, you only just get the code without any guarantees.

As much as I love using open-source dependencies as a developer, I completely understand why a company or a government agency prefer the proprietary path.