riaa.org, mpaa.org, and universalmusic.com I could see being unpatched, but I would have thought justice.gov would have to be patched for compliance reasons.
That's a logical point. But compliance with what? All I can find after a quick google search is National Institue of Technology GUIDELINES, and the only laws mentioned seem to deal with user privacy.
In fact, the only compliance regulations I know of with government sites have to do with accessibility.
[EDIT] Wait, I might be wrong. The DoD guide seems to cite quite a few regs, some of which may apply to the Justice department. Too bad I can't check their site :P
> but I would have thought justice.gov would have to be patched for compliance reasons.
I don't think that's true. I'd imagine the server behind justice.gov has no connectivity to anything important for compliance reasons, so patching it isn't really a big deal.
