| From: | Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com> |
|---|---|
| To: | Eric McDonald <norbus(at)hotmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Postgres DOD Certification Common Criteria Level |
| Date: | 2011-01-02 22:12:33 |
| Message-ID: | 4D20F851.9060604@cheapcomplexdevices.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Eric McDonald wrote:
> Greetings All:
>
> Does anyone here have any insight on to what EAL level Postgres is at
> for DOD/Military installations? I see that there's an SE-Linux
> fortified version on the Wiki, but no certifications are listed in the
> contents.
>
> Any direction to certifications, STIG, or otherwise would be greatly
> appreciated--
Well, there's an (ancient) 8.1.5 which NTT got certified at EAL1
back in 07.
You can go here: http://www.commoncriteriaportal.org/products/
and expand "Databases" to see it.
It seems like there are some proprietary forks on the list
as well, at much higher levels (EAL4+); but I guess these
forks have diverged quite a bit.
I guess I'd be somewhat surprised to see the community
version on the list, since Wikipedia claims that getting
such certifications cost millions even back in the 90's.
http://en.wikipedia.org/wiki/Evaluation_Assurance_Level
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Schmidt | 2011-01-02 22:22:14 | CSV-bulk import and defaults |
| Previous Message | Adrian Klaver | 2011-01-02 19:22:02 | Re: problem updating from form |