[Cryptography Team] Todays Meeting update
Ron Teitelbaum
Ron at USMedRec.com
Fri Dec 1 14:22:34 UTC 2006
Tim could you explain this in more detail?
> You get EAL2 just for showing up at the meetings is what I hear. :)
Thanks,
Ron
> -----Original Message-----
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Cerebus
> Sent: Friday, December 01, 2006 12:01 AM
> To: Ron at usmedrec.com; Cryptography Team Development List
> Subject: Re: [Cryptography Team] Todays Meeting update
>
> On 11/30/06, Ron Teitelbaum <Ron at usmedrec.com> wrote:
>
> > We may want to review openSSL and integrate that or NSS into squeak for
> > people that have to have an FIPS validated system. This would remove
> our
> > need to be validated, and shift our job to interpreting and implementing
> > external modules properly.
>
> Personally I prefer NSS over OpenSSL. OpenSSL's FIPS status is still
> sorta in question (Why does the cryptval list still say "Not
> Available"?). NSS has better certificate management features. In
> addition, I've found it easier to get RedHat to address bugs &
> features in NSS than it is to get active OpenSSL developers fired up
> to fix things.
>
> > It seems to me that there is little use for us to proceed with CC. CC
> is
> > more like a system evaluation. They even call it a system evaluation.
> The
> > evaluation has different levels we would probably want 2 or 3 but in
> order
> > to have something to validate we would actually need to write a system.
>
> You get EAL2 just for showing up at the meetings is what I hear. :)
>
> > I'm told that if we want to do CC then we should look into foreign labs
> > since CC is international and a validation from say the EU would be
> valid in
> > the US. Apparently Oracle saved a bundle doing this.
>
> I'm given to understand that the US CC evaluators are backed up into
> the next decade as well. CC validation takes forever. It takes
> longer to get a PP approved (SLOSPP-MR took years, frex.).
>
> -- Tim
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
More information about the Cryptography
mailing list