From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from jazzswing.ncsc.mil (jazzswing.ncsc.mil [144.51.68.65]) by tycho.ncsc.mil (8.12.8/8.12.8) with ESMTP id h77Kk6Ha003049 for ; Thu, 7 Aug 2003 16:46:06 -0400 (EDT) Received: from jazzswing.ncsc.mil (localhost [127.0.0.1]) by jazzswing.ncsc.mil with ESMTP id h77KioOD024792 for ; Thu, 7 Aug 2003 20:44:50 GMT Received: from gw.enyo.de (sinma-gmbh.17.mind.de [212.21.92.17]) by jazzswing.ncsc.mil with ESMTP id h77KinKO024788 for ; Thu, 7 Aug 2003 20:44:49 GMT To: "David Eaves" Cc: Subject: Re: Fw: [ISN] IBM earns Linux certification References: <01d001c35d11$ca9deb00$6418a8c0@PSIMONT2> From: Florian Weimer Date: Thu, 07 Aug 2003 22:45:45 +0200 In-Reply-To: <01d001c35d11$ca9deb00$6418a8c0@PSIMONT2> (David Eaves's message of "Thu, 7 Aug 2003 11:29:08 -0700") Message-ID: <87brv1w612.fsf@deneb.enyo.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov "David Eaves" writes: > The Windows product lines already have EAL4+ (what the plus means I > don't know) EAL 4 plus flaw remediation procedures. > versus CAPP, which as a protection profile is next to worthless from > my pov. I agree. > Solutions I need will have to address the MDSPP and MNISPP profiles, which > are much wider in scope and more difficult to assure. Are the profiles already fully defined and available for certification, and can they be applied to software which wasn't designed from the beginning to meet those criteria? -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.