Clarke, speaking at the eWEEK Security Summit here Wednesday, said Rumsfeld should be held accountable for the abuse scandal and that he should follow the lead of Les Aspin, who served as secretary of defense under former President Bill Clinton.
Aspin resigned in 1993 following the deaths of 18 U.S. soldiers in a firefight in Mogadishu, Somalia. Aspin had rejected a request by commanders on the ground for more tanks and armored vehicles.
As for those who say Rumsfeld should stay in office because it's not proper for someone in his position to resign because of soldiers' actions, Clarke said they are forgetting their history.
"People forget about Les Aspin. I think it's time for Donald Rumsfeld to resign and take responsibility for Iraq the way Les Aspin did," Clarke said.
Clarke also was sharply critical of the Bush administration's decision to invade Iraq, although he said the United States must stay and finish the job.
His comments about Rumsfeld and the Iraq war overshadowed an earlier speech in which Clarke, the White House's former top cyber-security official, called on the federal government and enterprises to work together to hold software vendors responsible for the poor quality and security of their applications.
Clarke, who was also chairman of the president's Critical Infrastructure Board before retiring from government service in 2003, said the inherent insecurity of most software produced today is one of the major factors in the security problems that are plaguing enterprises and home users alike right now. Clarke called on the government to put pressure on the software industry to develop and maintain secure coding practices.
"The reason you have people breaking into your software all over the place is because your software sucks," Clarke said in his speech. "I don't like the idea of buyer beware. It was great in the fourteenth century, but I think we've moved beyond buyer beware now."
Clarke also encouraged enterprises to get together and inform their vendors that they're not happy with the security of their software.
"Industries should establish what they want from the software industry. Let's allow these industries to get together and say what they expect," he said. "If they need an antitrust exemption for that, let's give it to them. Baseball has one."
Clarke also suggested that CIOs and home users should encourage the government to do its part in the process and lead by example.
"All of you should pressure the government to do something about security. If the government was doing its job, things would be better," he said.
The emphasis on better software quality was just one entry on two separate "top 10" lists of pressing security issues for the government and the private sector that Clarke discussed. Among his other suggestions were an increase in funding for security research and development inside and outside the government, and a proposal that President Bush amend his broadband-access bill to require ISPs to add security measures such as personal firewalls to their offerings.