Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Mon, Feb 22, 2010 at 04:04:39PM +0200, Aram H??v??rneanu wrote: Besides what's written above. EAL is meaningless unless you read the Protection Profile. EAL is the assurance level *against* the protection profile. If your PP specifies only that in your systems, users login using passwords

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Mon, Feb 22, 2010 at 03:51:28PM +0200, Aram H??v??rneanu wrote: EAL4 is meaningless. The auditor is not required to view the software in any way (binary or source). Wrong. EAL4 is the lowest EAL that includes ADV_IMP.1, which in turn requires checking the actual implementation, i.e. source

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On 2/22/2010 9:23 AM, Bret S. Lambert wrote: Unless some benefactor is willing to come forward and deal with the logistical headache of doing the paperwork and keeping it all as up to date as it needs to be, it's not going to happen, even if getting an EAL meant ponies, rainbows, and money trees

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

EAL4 is meaningless. The auditor is not required to view the software in any way (binary or source). Any vendor with money can get its OS to be certified at least at EAL 4 because all that means is that the OS has some mechanisms in place for implementing security. It does not guarantee that those

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Mon, Feb 22, 2010 at 3:51 PM, Aram HDvDrneanu ara...@mgk.ro wrote: EAL4 is meaningless. The auditor is not required to view the software in any way (binary or source). Any vendor with money can get its OS to be certified at least at EAL 4 because all that means is that the OS has some

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Mon, Feb 22, 2010 at 04:04:39PM +0200, Aram H??v??rneanu wrote: On Mon, Feb 22, 2010 at 3:51 PM, Aram HDvDrneanu ara...@mgk.ro wrote: EAL4 is meaningless. The auditor is not required to view the software in any way (binary or source). Any vendor with money can get its OS to be

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Mon, 22 Feb 2010, Aram HD~CvD~Crneanu wrote: SNIP *model*, not the *implementation*. I seriously doubt .mil or .gov has such requirements for high security networks. I see this kind of nonsense in the Enterprise world. Chuckle, you are living in a fantasy world if you think this kind of

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Monday, February 22, 2010, Bret S. Lambert bret.lamb...@gmail.com wrote: Unless some benefactor is willing to come forward and deal with the logistical headache of doing the paperwork and keeping it all as up to date as it needs to be, it's not going to happen, even if getting an EAL meant

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On 2/22/2010 9:23 AM, Bret S. Lambert wrote: Unless some benefactor is willing to come forward and deal with the logistical headache of doing the paperwork and keeping it all as up to date as it needs to be, it's not going to happen, even if getting an EAL meant ponies, rainbows, and money trees

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

Steve Shockley wrote: On 2/22/2010 9:23 AM, Bret S. Lambert wrote: Unless some benefactor is willing to come forward and deal with the logistical headache of doing the paperwork and keeping it all as up to date as it needs to be, it's not going to happen, even if getting an EAL meant ponies,

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

Thank you Seth and Brooke for materializing and putting on a great OpenBSD booth at SCaLE in Los Angeles. Overheard question of the day: Could you please get EAL level 4 certification so I can use you in the US Air Force? (Milaero country...) Michael

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Sun, 21 Feb 2010 15:35 -0800, Michael Dexter dex...@bsdfund.org wrote: Thank you Seth and Brooke for materializing and putting on a great OpenBSD booth at SCaLE in Los Angeles. Overheard question of the day: Could you please get EAL level 4 certification so I can use you in the US Air

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Sun, 21 Feb 2010, Michael Dexter wrote: Thank you Seth and Brooke for materializing and putting on a great OpenBSD booth at SCaLE in Los Angeles. Overheard question of the day: Could you please get EAL level 4 certification so I can use you in the US Air Force? (Milaero country...) Michael

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

In my own opinion EAL level 4 cert has some serious issues. A lot of what you get is Process and Procedure done by some large corporate entity. What you find is code revs rarely go through certification. For example Cisco ASA / Pix have to run pretty old code to get EAL 4 cert. my US$.02

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Sun, Feb 21, 2010 at 03:35:32PM -0800, Michael Dexter wrote: Thank you Seth and Brooke for materializing and putting on a great OpenBSD booth at SCaLE in Los Angeles. Seth and Brooke? I know those two! Good people. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG

Re: OpenBSD Volunteer needed today in Los Angeles - Solved!

On Sun, Feb 21, 2010 at 8:39 PM, Darrin Chandler dwchand...@stilyagin.comwrote: On Sun, Feb 21, 2010 at 03:35:32PM -0800, Michael Dexter wrote: Thank you Seth and Brooke for materializing and putting on a great OpenBSD booth at SCaLE in Los Angeles. Seth and Brooke? I know those two! Good