[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <d3e0607e0608260332p202912det373e7fc1ad2523dd@mail.gmail.com>
Date: Sat, 26 Aug 2006 12:32:22 +0200
From: "Nguyen Pham" <nguyen.petronius@...il.com>
To: pen-test@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Cc:
Subject: CC evaluation
Hi all,
Could you please give your comments on the following point:
"CC is an evaluation of design methods, not an evaluation of security
functionality. It is the system development process that is being evaluated,
not the system itself. This means that the given EAL only states whether a
larger enough pile of paperwork over the design process exists or not. The
correctness and importance of those papers doase not even have to be
verified and examined".
Thanks for your helps,
Nguyen Pham.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists