[Cryptography Team] CC and Squeak.

Matthew S. Hamrick mhamrick at cryptonomicon.net
Fri Nov 24 19:07:46 UTC 2006


Yup.

This is what I was talking about last year with respect to Spoon.

On Nov 23, 2006, at 7:44 PM, Cerebus wrote:

> I was poking through the list archives and I notice a large amount of
> traffic relating to CC certification.
>
> All the CC OS PPs require--at a minimum--implementation of
> discretionary access control over user actions.  As Squeak has no
> concept of users or access control at all, I don't think any CC
> certification is a realistic goal.   In fact, as Squeak is a live
> system, I don't think access control is implementable without
> rewriting the VM from scratch; and the result wouldn't be anything
> like the Squeak you know and love.
>
> For that matter, the live nature of the Squeak image will make FIPS
> certification problematic.  FIPS certification requires strict version
> control over the crypto code.  While subclassing a FIPS certified
> crypto class would be OK, overloading a FIPS method could invalidate
> the certification (unless it calls super for the certified sections).
> Extending a FIPS certified class would be a similar problem.
>
> Other crypto libraries have similar issues, but compiled code can
> generally show that they are using a fixed API and are linked to a
> certified version.  A live system such as Squeak faces unique
> challenges.  Every application built on an ostensibly FIPS-certified
> Squeak crypto library would have to be examined to ensure that FIPS
> code is not being overloaded, and even then you can't be sure that the
> final system isn't being modified by the end user...
>
> -- Tim
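The point in the quoted message, that a live system lets validated crypto methods be overloaded, extended or modified after the fact, can be shown outside Squeak. This is an added example, not code from the thread or from Squeak: Python stands in for the live image, `CertifiedDigest`, `snapshot` and `audit` are hypothetical names, and the `super` check is only a heuristic on the compiled method's referenced names.

```python
import hashlib
import inspect

class CertifiedDigest:
    """Constructed stand-in for a class in a validated crypto module."""
    def digest(self, data):
        return hashlib.sha256(data).digest()

def fingerprint(func):
    """Hash a method's compiled body so a later replacement is detectable."""
    code = func.__code__
    material = repr((code.co_code, code.co_consts, code.co_names))
    return hashlib.sha256(material.encode()).hexdigest()

def snapshot(cls):
    """Record fingerprints of the methods defined directly on cls."""
    return {n: fingerprint(f) for n, f in vars(cls).items()
            if inspect.isfunction(f)}

def audit(cls, manifest):
    """Return sorted (kind, location) findings for cls and its direct subclasses."""
    findings = []
    current = snapshot(cls)
    # Methods added to the validated class at run time (class extension).
    for name in current.keys() - manifest.keys():
        findings.append(("extended", f"{cls.__name__}.{name}"))
    # Methods whose body no longer matches the recorded version, or that are gone.
    for name, fp in manifest.items():
        if current.get(name) != fp:
            findings.append(("modified", f"{cls.__name__}.{name}"))
    # Subclass overrides of validated methods; one that never references
    # super cannot be delegating to the validated implementation.
    for sub in cls.__subclasses__():
        for name, f in vars(sub).items():
            if name in manifest and inspect.isfunction(f):
                delegates = "super" in f.__code__.co_names
                kind = "override-calls-super" if delegates else "override-replaces"
                findings.append((kind, f"{sub.__name__}.{name}"))
    return sorted(findings)

if __name__ == "__main__":
    manifest = snapshot(CertifiedDigest)   # taken at "validation" time
    class AppDigest(CertifiedDigest):      # constructed application subclass
        def digest(self, data):
            return b"\x00" * 32            # silently bypasses the validated code
    CertifiedDigest.digest = lambda self, data: b""   # live modification
    for finding in audit(CertifiedDigest, manifest):
        print(finding)
```

The audit only reports the state at the moment it runs, which is the limitation the message ends on: nothing stops the image from being changed again afterwards.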


