Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 14 Mar 2003 18:31:52 +0100
From:      des@ofug.org (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
To:        "Gregory A. Gilliss" <ggilliss@netpublishing.com>
Cc:        freebsd-chat@freebsd.org
Subject:   Re: Linux and Oracle Going for Security Certification
Message-ID:  <xzp4r65am7r.fsf@flood.ping.uio.no>
In-Reply-To: <20030314170248.GA40497@netpublishing.com> ("Gregory A. Gilliss"'s message of "Fri, 14 Mar 2003 09:02:48 -0800")
References:  <20030314170248.GA40497@netpublishing.com>

next in thread | previous in thread | raw e-mail | index | archive | help
"Gregory A. Gilliss" <ggilliss@netpublishing.com> writes:
> details how Oracle and Red Hat are attempting to have RH Linux certified
> for an EAL2 certification.  A successful eval will allow RH (and Oracle,
> who are adopting the platform aggressively) to create a "standard" secure
> distro, which will almost certainly be adopted by the public and private
> sector.

As has already been pointed out in other fora, an EAL certification -
especially EAL2, which is the second lowest level rung on the 7-rung
EAL ladder - means absolutely nothing.  Microsoft Windows 2000 SP3 was
recently certified at EAL4.  I'm sure the RedHat are *real* proud that
(if you give EAL certification any credence) their OS is certifiably
less secure than Windows 2000, by about two levels of magnitude.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp4r65am7r.fsf>