On Tue, Jan 27, 2009 at 06:20:41AM -0800, Ron Mayer wrote:
> For what it's worth, we can see that there are indeed
> Postgres forks on the Common Criteria certified list.
>
> http://www.commoncriteriaportal.org/products_DB.html
>   PostgreSQL Certified Version V8.1.5 for Linux
>   Manufacturer          Assurance level   Certification date
>   NTT DATA CORPORATION  EAL1              22-MAR-07
>   Certification report
>   c0089_ecvr.pdf
>   http://www.commoncriteriaportal.org/files/epfiles/c0089_ecvr.pdf
>
> though at EAL1 they're quite far from the EAL4+ that DB2,
> Oracle, etc get.

As far as I understand, the different levels are about assuring a set of code/features to some assurance level. The Wikipedia page[1] gives a reasonable overview of the levels, but basically EAL1 says that a limited amount of effort (in practical terms, several person months/years of time for something like PG) was put in, EAL4 is the highest level before things start getting formal (i.e. you actually have to start doing some mathematical proofs about the design) and EAL7 has barely started, but says that the design is formally verified but the code isn't (as far as I understand). Research groups are suggesting that there should also be levels above EAL7 as we are *starting* to know how to verify code well enough that the code, as well as the design, can now be formally verified (e.g. [2]).

Equally important as the assurance level is the actual feature set (there are technical names for this that I know very little about) that was actually tested for. For example, it would be comparatively easy to get PG certified saying that it loads and could be killed, but much harder to get it certified as complying with the complete SQL spec.

--
  Sam  http://samason.me.uk/

 [1] http://en.wikipedia.org/wiki/Evaluation_Assurance_Level
 [2] http://ertos.nicta.com.au/research/l4.verified/