Certification (was RE: realpath(3) et al)

Devon H. O'Dell dodell at sitetronics.com
Tue Aug 12 13:32:34 PDT 2003


This is what I'm wondering about and what I'd like to contribute and donate
to/for. I don't feel that it would be a waste of time. I feel that it would
give:

a) A better image of FreeBSD
b) More reason for corporations to actually *use* FreeBSD, and 
c) Stop all the people on /. from whining about how FreeBSD is dead (like
anybody gives a (#*@ but okay ;)

My other thread is re: stack smashing protection. Lets separate the two.

--Devon

> -----Oorspronkelijk bericht-----
> Van: owner-freebsd-security at freebsd.org [mailto:owner-freebsd-
> security at freebsd.org] Namens twig les
> Verzonden: Tuesday, August 12, 2003 10:28 PM
> Aan: security at freebsd.org
> Onderwerp: Certification (was RE: realpath(3) et al)
> 
> I actually just asked about FreeBSD's status regarding Common
> Criteria last week on -questions but no one knew; one guy
> answered that it would be wasteful.  Is this the cert on
> everyone's mind?  It would be nice to have this cert for the 5.x
> line but I understand that it is massively expensive and the
> resources may be better spent on development.  Has the team
> discussed this?
> 
> 
> --- "Devon H. O'Dell" <dodell at sitetronics.com> wrote:
> > > On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell
> > wrote:
> > > > However, it is also one that
> > > > will boost the image of FreeBSD as well as make it more
> > accepted by
> > > > third-party auditors (who I'd also like to see audit
> > FreeBSD).
> > >
> > > Who are these `third-party auditors'?
> >
> > There are a few who do security-related audits. I'll see if I
> > can get a list
> > made up.
> >
> > > > Additionally (and somewhat unrelated), Linux was recently
> > audited and
> > > given
> > > > the status "very secure".
> > >
> > > REALLY?  Wow, ``very secure''!!  I'm switching!!
> > (Tongue-in-cheek)
> > >
> > > I think we'd need deep pockets for just about ANY kind of
> > useful
> > > certification, security-related or not.
> >
> > We probably would. This is why I'm suggesting that it become
> > something we
> > stick on the front page of freebsd.org/freebsdfoundation.org.
> > Since FreeBSD
> > is a not-for-profit organization (as Chris Odell pointed out)
> > I think it'd
> > actually be attractive for people (and corporations using
> > FreeBSD) to donate
> > as it would be tax-deductible. It just needs to be made
> > well-known that this
> > is a goal of the Foundation, and I think people will be
> > willing to donate to
> > it. We've already had $300 of pledges today :)
> >
> > --Devon
> >
> > > Cheers,
> > > --
> > > Jacques Vidrine   . NTT/Verio SME      . FreeBSD UNIX
> > . Heimdal
> > > nectar at celabo.org . jvidrine at verio.net . nectar at freebsd.org
> > .
> > > nectar at kth.se
> > > _______________________________________________
> > > freebsd-security at freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-security
> > > To unsubscribe, send any mail to "freebsd-security-
> > > unsubscribe at freebsd.org"
> >
> > _______________________________________________
> > freebsd-security at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-security
> > To unsubscribe, send any mail to
> "freebsd-security-unsubscribe at freebsd.org"
> 
> 
> =====
> -----------------------------------------------------------
> Emo is what happens when the glee club goes punk.
> -----------------------------------------------------------
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-
> unsubscribe at freebsd.org"



More information about the freebsd-security mailing list