From owner-trustedbsd-discuss@FreeBSD.ORG  Sat Aug 26 01:44:39 2006
Return-Path: <owner-trustedbsd-discuss@FreeBSD.ORG>
X-Original-To: trustedbsd-discuss@FreeBSD.org
Delivered-To: trustedbsd-discuss@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B5D9216A4DA
	for <trustedbsd-discuss@FreeBSD.org>;
	Sat, 26 Aug 2006 01:44:39 +0000 (UTC)
	(envelope-from geddis@apple.com)
Received: from mail-out3.apple.com (mail-out3.apple.com [17.254.13.22])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 62DCB43D4C
	for <trustedbsd-discuss@FreeBSD.org>;
	Sat, 26 Aug 2006 01:44:39 +0000 (GMT)
	(envelope-from geddis@apple.com)
Received: from relay7.apple.com (a17-128-113-37.apple.com [17.128.113.37])
	by mail-out3.apple.com (8.12.11/8.12.11) with ESMTP id k7Q1idEI014855; 
	Fri, 25 Aug 2006 18:44:39 -0700 (PDT)
Received: from [17.219.214.137] (unknown [17.219.214.137])
	(using TLSv1 with cipher RC4-SHA (128/128 bits))
	(No client certificate requested)
	by relay7.apple.com (Apple SCV relay) with ESMTP id D84BAE;
	Fri, 25 Aug 2006 18:44:38 -0700 (PDT)
In-Reply-To: <e782d7390608250956v42d05ceew8f61b0e21ad653d@mail.gmail.com>
References: <e782d7390608250956v42d05ceew8f61b0e21ad653d@mail.gmail.com>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-1-8332790;
	protocol="application/pkcs7-signature"
Message-Id: <BB0580FB-1E5B-46A2-B436-73B4DC0B48F9@apple.com>
From: Shawn Geddis <geddis@apple.com>
Date: Fri, 25 Aug 2006 18:44:32 -0700
To: 473219@googlemail.com
X-Mailer: Apple Mail (2.752.2)
X-Brightmail-Tracker: AAAAAA==
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: trustedbsd-discuss@FreeBSD.org
Subject: Re: Common Criteria certification?
X-BeenThere: trustedbsd-discuss@FreeBSD.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TrustedBSD General Discussion List <trustedbsd-discuss.FreeBSD.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss>, 
	<mailto:trustedbsd-discuss-request@FreeBSD.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/trustedbsd-discuss>
List-Post: <mailto:trustedbsd-discuss@FreeBSD.org>
List-Help: <mailto:trustedbsd-discuss-request@FreeBSD.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss>, 
	<mailto:trustedbsd-discuss-request@FreeBSD.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Aug 2006 01:44:39 -0000



--Apple-Mail-1-8332790
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed

On Aug 25, 2006, at 9:56 AM, 473219@googlemail.com wrote:\
> Hello,
>
> Have any official evaluations been done (or planned) to test BSD  
> operating
> systems for Common Criteria[1,2] certification ?
>
> BSD could be a good match for my project, but the project must use  
> an OS
> with CC EAL certification.  Sponsoring a full CC EAL evaluation  
> would be too
> expensive, but might be possible if there was previous work to  
> start from.
> (Perhaps there is a "chicken-and-egg" problem!)
>
> Thanks!
>
> [1] http://www.commoncriteriaportal.org/
> [2] http://niap.bahialab.com/cc-scheme/index.cfm


Considering that you are asking about BSD Operating Systems, Mac OS X  
is a BSD based system and Mac OS X 10.3.6 & Mac OS X Server 10.3.6  
were both certified under Common Criteria against CAPP at EAL3, I  
would suggest that as your first option.  ALL of the source code and  
services that had to be evaluated are part of the open source  
components of OS X available as part of "Darwin".

All Darwin source code is available at:
	http://www.opensource.apple.com/darwinsource/

Common Criteria Tools
	http://www.apple.com/support/downloads/commoncriteriatools.html


Additional Resources
	Common Criteria Test Case Download
		http://download.info.apple.com/Mac_OS_X/061-1665.20050216.CCCTsCs/ 
CCTestCases.dmg

See the following resources for further information:

	Common Criteria Evaluation and Validation Scheme
		http://niap.nist.gov/cc-scheme/st/ST_VID4012.html
	NIAP Report
		http://www.apple.com/support/security/commoncriteria/CC_NIAP.pdf
	Common Criteria Support
		http://www.apple.com/support/security/commoncriteria
	White Paper
		http://images.apple.com/support/security/commoncriteria/ 
CC_Whitepaper.pdf
	Admin Guide
		http://images.apple.com/support/security/commoncriteria/ 
CC_AdminGuide.pdf


- Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Enterprise Division    (Public & Private Sector)




--Apple-Mail-1-8332790--