DSD Approved Products
Robert Watson
rwatson at FreeBSD.org
Wed Mar 15 12:01:44 UTC 2006
On Tue, 14 Mar 2006, Dag-Erling Smørgrav wrote:
> Timothy Smith <timothy at open-networks.net> writes:
>> it can't be too hard to get on that list. windows 2000 is on there.
>
> Very funny.
>
> Getting a Common Criteria certification requires:
>
> - a big wad of money
> - lots and lots of very boring paperwork
> - an even bigger wad of money
>
> Sadly, Microsoft has that, and we don't.
Having been involved in the certication process for Mac OS X, I know a little
about this process now, and the main thing to understand is that the common
criteria process is about certifying products from vendors. We have a
product, but we're not actually a vendor. Vendors are typically the ones that
find the rather large sums of cash required to complete the certification
process.
That said, we're now at the point where we basically have all the required
functionality for a CAPP evaluation in 7.x-CURRENT, and I'll be merging the
audit support to 6.x in the near future. I had hoped to ship it in 6.1, but
things haven't gone quite as quickly as I hoped. I'll MFC the security audit
support pretty quickly after the 6.1 release now that it has settled out some
in CVS HEAD. There is some additional functional work that needs to be done,
but it is generally in progress at this point.
Something we can do to make a CAPP evaluation for FreeBSD easier is to start
providing the security target documentation and assurance documentation.
That way if a vendor turns up and is interested in certifying, it will be a
lot easier for them.
Robert N M Watson
More information about the freebsd-security
mailing list