Date: Fri, 12 Mar 1999 07:43:08 -0700 From: Wes Peters <wes@softweyr.com> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Matthew Dillon <dillon@apollo.backplane.com>, andrewr <andrewr@slack.net>, Archie Cobbs <archie@whistle.com>, Andrew McNaughton <andrew@squiz.co.nz>, freebsd-security@FreeBSD.ORG Subject: Re: disapointing security architecture Message-ID: <36E927FC.ACDEEEC3@softweyr.com> References: <Pine.BSF.3.96.990312084725.6494Q-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
>
> C2 certification is presumably also an expensive process; if someone wants
> to find a sponsor, we could almost certainly achieve C2 compliance with a
> little restriction of the base system and appropriate POSIX.1e options.
> Having a nice big "C2-Compliant!" stamp on the 4.0 CD would blow the
> competition out of the water (so to speak) and certainly be excellent PR.
You cannot certify a piece of software, only a computing system. What
would be certified is a particular configuration of FreeBSD X.Y,
configured precisely so, on exactly THIS hardware. ANY deviation from
the specified hardware, even more or less RAM, invalidates the
certfication (unless various RAM configurations are part of the
certified system, of course). Your best bet for a sponsor may be a
computer vendor.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.softweyr.com/~softweyr wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36E927FC.ACDEEEC3>