Mailinglist Archive: opensuse (3637 mails)

< Previous Next >
Common Criteria and ITSEC (BSxxyy, etc..), Free Beer vs. Free Speech
  • From: Stefano Papini <stefano.papini@xxxxxxxxxxxxxxxx>
  • Date: Fri, 18 May 2001 10:01:59 +0100
  • Message-id: <3B04F317.1EDE2576@xxxxxxxxxxxxxxxx>
Hello,
I apologize for the priority but I think that this is a big issue,
indeed.

I recently learned that italian PA (Public Administration) is defining a
law (or sort of) about the informative systems which can be adopted for
its purpouse, by asking the systems the compliance with some level (I
think EAL2) of Common Criteria (CC), or European equipollents (ITSEC, or
BS (British Standards)).

I was told that it was recently stated on the web that Linux solutions
wouldn't be compliant to such criteria, above all for what addresses the
user "policy" (or something like that).

Can somebody point me to some useful direction towards this issue?
Do anybody know whether a Linux system can or has been certified versus
CC?

I think that this lack of certification is given by the lack of
interest, or absence of motivation, by the Linux community rather than
by technical limits.

I think, of course, that the compliance to these international
certification criteria should be considered as an essential feature in
order not to limit the diffusion of Linux systems and "free software"
(in the sense of freedom, of course) also in PA which is a "strategic"
area of users.

Of course the same PA, and the State, should be the first instituion
sponsoring Free Software, just to guarantee the accessibility to all
citizens to the services proivided (first of all about the
documentation).

Please if you have any information, let's cohordinate a project aimed to
"raise" the problem towards the international community, asking for
support of EU, Free Software Foundation, ...

Thanks a lot,
Ste

< Previous Next >