There is much rejoicing going on at Slashdot but I think we have to remain skeptical. Defense is notorious for appearing to support change while the bureaucracy continues to stifle it.
What's most important to note is we're not just talking about security here. Jack reports that the first fruit of this effort is a system for automating the secure configuration of Solaris systems.
We should also note that Defense programmers also have access to the rest of the open source mountain. It's not necessary for the military to run its own molehill in order to gain the public benefits open source provides. Just let its programmers out.
Jack is concerned that access to the new forge is strictly limited, with only 20 projects due to go online in the next six months. That should not be a problem if the new forge encourages use of other forges, and of open source code generally. In theory forge.mil should only be necessary for projects which need special security before being used.
Some Slashdotters are skeptical of the whole story. It's not yet on DefenseLink. It's hosted at a publicly-registered site called forgemil.com. Access procedures seem to be squirrelly.
Point is we're at the start of a process, one milestone down a long road. What happens to programmers who bring things in from outside -- do they win promotion for initiative or do they get pushed out?
That's a more important question to me than whether there is a forge site in the military network.