Forum OpenACS Q&A: Re: OpenACS ISECOM Security Testing

Posted by Jade Rubick on
Frank, perhaps we can make up our own definition of what a step in functionality is? For example, a 5.x stage could be certified, and 6.x would need to be recertified? This seems largely arbitrary, so they probably have some guidelines on this.

We could set up some automated tests that would help (but not solve) the challenge of making sure that the security holes remain closed.

I'm really happy to see more security-conscious people involved with OpenACS. It has a pretty good track record, but the more scrutiny, the better, I think.