Date: Tue, 12 Aug 2003 23:32:14 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: twig les <twigles@yahoo.com> Cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) Message-ID: <Pine.NEB.3.96L.1030812232612.71381A-100000@fledge.watson.org> In-Reply-To: <20030812202822.28566.qmail@web10108.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 12 Aug 2003, twig les wrote: > I actually just asked about FreeBSD's status regarding Common Criteria > last week on -questions but no one knew; one guy answered that it would > be wasteful. Is this the cert on everyone's mind? It would be nice to > have this cert for the 5.x line but I understand that it is massively > expensive and the resources may be better spent on development. Has the > team discussed this? Evaluation to CC doesn't necessary mean improved security -- the lower evaluation levels (such as EAL3) are really about documentation and certification for particular uses, and don't involve any code auditing or implementation checking. Only at higher EAL levels will you see extensive evaluation of the implementation itself. An important part of higher EAL levels is product life cycle consideration, which will present a substantial challenge to the open source community. If you're not feature complete for a spec, you can also expect to spend a lot of time developing the missing features, which can be quite expensive :-). People are interested in evaluation, but generally what it takes to make evaluation happen is a large interested customer, an evaluation lab, and a substantial amount of developer involvement. FreeBSD has probably already gone through a number of security certifications as an integral part of a number of evaluated commercial products. The TrustedBSD Project has had as one of its goals providing feature compliance to CAPP, as well as providing supporting documentation, the goal being to support companies looking to evaluate FreeBSD-based products. My hope is that sometime relatively soon on the 5.x branch, we'll be feature-complete for CAPP, and largely feature-complete for LSPP. But I think this really needs to be driven by a consumer who wants the evaluation to happen -- evaluating without a consumer is of little value because of the cost of maintaining the evaluation over time. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030812232612.71381A-100000>