Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 15 Mar 2006 12:02:19 +0000 (GMT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>
Cc:        Timothy Smith <timothy@open-networks.net>, freebsd-security@freebsd.org, Julian Elischer <julian@elischer.org>, Jason M <talonz@gmail.com>
Subject:   Re: DSD Approved Products
Message-ID:  <20060315115842.M5861@fledge.watson.org>
In-Reply-To: <86irqhf6om.fsf@xps.des.no>
References:  <f325996d0603130203h5b14fd0drf4942c487208fe4e@mail.gmail.com> <4415C065.7040206@elischer.org> <4416C64C.7090309@open-networks.net> <86irqhf6om.fsf@xps.des.no>

next in thread | previous in thread | raw e-mail | index | archive | help
  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--0-1890501141-1142424139=:5861
Content-Type: TEXT/PLAIN; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE


On Tue, 14 Mar 2006, Dag-Erling Sm=F8rgrav wrote:

> Timothy Smith <timothy@open-networks.net> writes:
>> it can't be too hard to get on that list. windows 2000 is on there.
>
> Very funny.
>
> Getting a Common Criteria certification requires:
>
> - a big wad of money
> - lots and lots of very boring paperwork
> - an even bigger wad of money
>
> Sadly, Microsoft has that, and we don't.

Having been involved in the certication process for Mac OS X, I know a litt=
le=20
about this process now, and the main thing to understand is that the common=
=20
criteria process is about certifying products from vendors.  We have a=20
product, but we're not actually a vendor.  Vendors are typically the ones t=
hat=20
find the rather large sums of cash required to complete the certification=
=20
process.

That said, we're now at the point where we basically have all the required=
=20
functionality for a CAPP evaluation in 7.x-CURRENT, and I'll be merging the=
=20
audit support to 6.x in the near future.  I had hoped to ship it in 6.1, bu=
t=20
things haven't gone quite as quickly as I hoped.  I'll MFC the security aud=
it=20
support pretty quickly after the 6.1 release now that it has settled out so=
me=20
in CVS HEAD.  There is some additional functional work that needs to be don=
e,=20
but it is generally in progress at this point.

Something we can do to make a CAPP evaluation for FreeBSD easier is to star=
t=20
providing the security target documentation and assurance documentation.=20
That way if a vendor turns up and is interested in certifying, it will be a=
=20
lot easier for them.

Robert N M Watson
--0-1890501141-1142424139=:5861--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060315115842.M5861>