From owner-freebsd-security  Fri Mar 12  6:44:58 1999
Delivered-To: freebsd-security@freebsd.org
Received: from obie.softweyr.com (unknown [204.68.178.33])
	by hub.freebsd.org (Postfix) with ESMTP id C80C414E6F
	for <freebsd-security@FreeBSD.ORG>; Fri, 12 Mar 1999 06:44:05 -0800 (PST)
	(envelope-from wes@softweyr.com)
Received: from softweyr.com (wes@zaphod.softweyr.com [204.68.178.35])
	by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id HAA03334;
	Fri, 12 Mar 1999 07:43:08 -0700 (MST)
	(envelope-from wes@softweyr.com)
Message-ID: <36E927FC.ACDEEEC3@softweyr.com>
Date: Fri, 12 Mar 1999 07:43:08 -0700
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr llc
X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Robert Watson <robert+freebsd@cyrus.watson.org>
Cc: Matthew Dillon <dillon@apollo.backplane.com>,
	andrewr <andrewr@slack.net>, Archie Cobbs <archie@whistle.com>,
	Andrew McNaughton <andrew@squiz.co.nz>, freebsd-security@FreeBSD.ORG
Subject: Re: disapointing security architecture
References: <Pine.BSF.3.96.990312084725.6494Q-100000@fledge.watson.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Robert Watson wrote:
> 
> C2 certification is presumably also an expensive process; if someone wants
> to find a sponsor, we could almost certainly achieve C2 compliance with a
> little restriction of the base system and appropriate POSIX.1e options.
> Having a nice big "C2-Compliant!" stamp on the 4.0 CD would blow the
> competition out of the water (so to speak) and certainly be excellent PR.

You cannot certify a piece of software, only a computing system.  What
would be certified is a particular configuration of FreeBSD X.Y,
configured precisely so, on exactly THIS hardware.  ANY deviation from
the specified hardware, even more or less RAM, invalidates the
certfication (unless various RAM configurations are part of the
certified system, of course).  Your best bet for a sponsor may be a
computer vendor.

-- 
       "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message