[Cryptography Team] Todays Meeting update

Ron Teitelbaum Ron at USMedRec.com
Fri Dec 1 14:22:34 UTC 2006 

Tim could you explain this in more detail?

> You get EAL2 just for showing up at the meetings is what I hear.  :)

Thanks,

Ron

> -----Original Message-----
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Cerebus
> Sent: Friday, December 01, 2006 12:01 AM
> To: Ron at usmedrec.com; Cryptography Team Development List
> Subject: Re: [Cryptography Team] Todays Meeting update
> 
> On 11/30/06, Ron Teitelbaum <Ron at usmedrec.com> wrote:
> 
> > We may want to review openSSL and integrate that or NSS into squeak for
> > people that have to have an FIPS validated system.  This would remove
> our
> > need to be validated, and shift our job to interpreting and implementing
> > external modules properly.
> 
> Personally I prefer NSS over OpenSSL.  OpenSSL's FIPS status is still
> sorta in question (Why does the cryptval list still say "Not
> Available"?).  NSS has better certificate management features.  In
> addition, I've found it easier to get RedHat to address bugs &
> features in NSS than it is to get active OpenSSL developers fired up
> to fix things.
> 
> > It seems to me that there is little use for us to proceed with CC.  CC
> is
> > more like a system evaluation.  They even call it a system evaluation.
> The
> > evaluation has different levels we would probably want 2 or 3 but in
> order
> > to have something to validate we would actually need to write a system.
> 
> You get EAL2 just for showing up at the meetings is what I hear.  :)
> 
> > I'm told that if we want to do CC then we should look into foreign labs
> > since CC is international and a validation from say the EU would be
> valid in
> > the US.  Apparently Oracle saved a bundle doing this.
> 
> I'm given to understand that the US CC evaluators are backed up into
> the next decade as well.  CC validation takes forever.  It takes
> longer to get a PP approved (SLOSPP-MR took years, frex.).
> 
> -- Tim
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography

More information about the Cryptography mailing list