Date: Fri, 14 Mar 2003 18:31:52 +0100 From: des@ofug.org (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: "Gregory A. Gilliss" <ggilliss@netpublishing.com> Cc: freebsd-chat@freebsd.org Subject: Re: Linux and Oracle Going for Security Certification Message-ID: <xzp4r65am7r.fsf@flood.ping.uio.no> In-Reply-To: <20030314170248.GA40497@netpublishing.com> ("Gregory A. Gilliss"'s message of "Fri, 14 Mar 2003 09:02:48 -0800") References: <20030314170248.GA40497@netpublishing.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Gregory A. Gilliss" <ggilliss@netpublishing.com> writes: > details how Oracle and Red Hat are attempting to have RH Linux certified > for an EAL2 certification. A successful eval will allow RH (and Oracle, > who are adopting the platform aggressively) to create a "standard" secure > distro, which will almost certainly be adopted by the public and private > sector. As has already been pointed out in other fora, an EAL certification - especially EAL2, which is the second lowest level rung on the 7-rung EAL ladder - means absolutely nothing. Microsoft Windows 2000 SP3 was recently certified at EAL4. I'm sure the RedHat are *real* proud that (if you give EAL certification any credence) their OS is certifiably less secure than Windows 2000, by about two levels of magnitude. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp4r65am7r.fsf>