Date: Fri, 12 Mar 1999 15:09:36 +0100 From: Espen Torseth <Espen.Torseth@sds.no> To: 'Robert Watson' <robert+freebsd@cyrus.watson.org>, Matthew Dillon <dillon@apollo.backplane.com> Cc: andrewr <andrewr@slack.net>, Archie Cobbs <archie@whistle.com>, Andrew McNaughton <andrew@squiz.co.nz>, freebsd-security@FreeBSD.ORG Subject: RE: disapointing security architecture Message-ID: <5C6B5666DB52D211BAA50000F6B9956A6401@nt1gj.da.posten.no>
next in thread | raw e-mail | index | archive | help
The Rainbow-series is availble from: http://www.radium.ncsc.mil/tpep/ The TCSEC is now beeing replaced by CC (Common Criteria). And certification is a costly process... :-( Espen Torseth espen.torseth@sds.no > -----Original Message----- > From: Robert Watson [SMTP:robert@cyrus.watson.org] > Sent: 12. mars 1999 14:51 > To: Matthew Dillon > Cc: andrewr; Archie Cobbs; Andrew McNaughton; > freebsd-security@FreeBSD.ORG > Subject: Re: disapointing security architecture > > On Thu, 11 Mar 1999, Matthew Dillon wrote: > > > It would be hillarious if we could get a C2 certification for a base > > GENERIC system. > > I think that would be great also, although possibly not GENERIC :-). > POSIX.1e was intended to match the requirements of the various colored > books. Once we have Auditing and ACLs, I suspect we are getting fairly > close to C2-capable. I've never actually read those specs though--anyone > know if they are still available, and if so have an ISBN? If not, I can > go dig up a reference librarian and have them find it for me, but Amazon > is usually easiest :-). > > C2 certification is presumably also an expensive process; if someone wants > to find a sponsor, we could almost certainly achieve C2 compliance with a > little restriction of the base system and appropriate POSIX.1e options. > Having a nice big "C2-Compliant!" stamp on the 4.0 CD would blow the > competition out of the water (so to speak) and certainly be excellent PR. > > Robert N Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C > > Carnegie Mellon University http://www.cmu.edu/ > TIS Labs at Network Associates, Inc. http://www.tis.com/ > Safeport Network Services http://www.safeport.com/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5C6B5666DB52D211BAA50000F6B9956A6401>