Adam Back wrote: > About the criticisms of Common Critera evaluation in general, I think > why people complain it is a documentation exercise is because pretty > much all it does ensure that it does what it says it does. So > basically you have to enumerates threats, state what threats the > system is designed to protect against, and which are out of scope. > > Then the rest of the documentation is just saying that in increasing > detail, that you have not made mistakes in the design and > specification and to some extent implementation.
CC has very good points. One of the best points is IMO the ST/PP concept which encourages to think what to protect against what. And I do think that most of the CC documents are helpful. But some, esp. these which occupy the most paper, are IMO not worth their effort. These are the low- and high-level design. They are meant to be the link between specification and implementation, but I am sure that there are simpler ways to show the link. And my experience is that these two documents do not change the product in any way. Matthias -- Matthias Bruestle, Managing Director Phone +49 (0) 91 19 55 14 91, Fax +49 (0) 91 19 55 14 97 MaskTech GmbH, Nordostpark 16, 90411 Nuernberg, Germany --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
