LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Red Hat and IBM get certified

Red Hat and IBM get certified

Posted Jun 21, 2007 4:34 UTC (Thu) by ab (subscriber, #788)
Parent article: Red Hat and IBM get certified

To be fair, EAL4 with CAPP certifications were achieved by IBM+RedHat and IBM+Novell for RHEL4 and SLES9 as well, in 2005 and 2006. This certification brings us EAL4+ with CAPP,LSPP, and RBAC. Linux distributions have been on par with Windows EAL-wise for couple of years already, and now RHEL5 is exceeding it.

While it is true that much of work goes into documenting process during certification, I can say that there is substantial development work as well. We've spent 9 months while doing RHEL4 certification in Russia (Russian certification body uses Common Criteria as a standard but doesn't accept existing certificates obtained in other countries), and that included also low-level analysis of the assembly code in several (~10 or so) packages that were different after control rebuilds of RHEL4. Multiply that by architectures (x86, x86_64, ppc64, S/390) and a lot of time spent to explain Linux distribution development process, including build farms and full distro rebuilds, you can get an idea how hard that can be.

The net result is that those certification efforts also bring us to better documentation. For example, High Level Design documents could serve as a good basis for general Linux-based cirricula.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds