[52547] in Cypherpunks
Re: NT's C2 rating
daemon@ATHENA.MIT.EDU (Mark Aldrich)
Sat Mar 23 14:38:49 1996
My-From: Mark Aldrich <maldrich@grctechs.va.grci.com>
Date: Sat, 23 Mar 1996 14:25:21 -0500 (EST)
From: Mark Aldrich <maldrich@grctechs.va.grci.com>
To: Bill Frantz <frantz@netcom.com>
Cc: Rick Smith <smith@sctc.com>, cypherpunks@toad.com
In-Reply-To: <199603230800.AAA24157@netcom6.netcom.com>
On Sat, 23 Mar 1996, Bill Frantz wrote:
> At 5:11 PM 3/22/96 -0600, Rick Smith wrote:
> >The big deal is that few vendors have tried to get NCSC evaluations.
>
> We walked KeyKOS a long way down the path to a B2 rating. Our investors
> refused to fund the estimated $1 million it would cost to do all the
> paperwork. They felt there was no market for NCSC secure systems. Perhaps
> others felt the same way.
Hopefully, with the Common Criteria replacing the Orange Book (pray, this
year), you'll now be able to evaluate against a profile for a lot less
money. And, believe it or not, customers will actually get security
products they need instead of another instance of the Bell-LaPadula model
crafted to military specs.
-------------------------------------------------------------------------
| Liberty is truly dead |Mark Aldrich |
| when the slaves are willing |GRCI INFOSEC Engineering |
| to forge their own chains. |maldrich@grci.com |
| STOP THE CDA NOW! |MAldrich@dockmaster.ncsc.mil |
|_______________________________________________________________________|
|The author is PGP Empowered. Public key at: finger maldrich@grci.com |
| The opinions expressed herein are strictly those of the author |
| and my employer gets no credit for them whatsoever. |
-------------------------------------------------------------------------
