Russ,
Thanks for the link. I had a quick look at them and I have noted that contrary to the NIST CIMC PP, which as indicated in my previous Email created new security functional requirements even for key management, the SPYRUS CIMS PPs contain no security functional requirements whatsoever about cryptographic functionality. Each SPYRUS's PP contains the same statement, "I haven't got a clue" when addressing Common Criteria requirement statements about cryptographic support. Does SPYRUS plan to add some security functional requirements from the Class FCS on cryptographic support in a future version of its PPs?
Reagards,
Francois
___________________________________
Francois Rousseau
Director of Standards and Conformance
Chrysalis-ITS
1688 Woodward Drive
Ottawa, Ontario, CANADA, K2C 3R7
frousseau@chrysalis-its.com Tel. (613) 723-5076 ext. 419
http://www.chrysalis-its.com Fax. (613) 723-5078
-----Original Message-----
From: Russ Housley [mailto:housley@spyrus.com]
Sent: Wednesday, June 21, 2000 10:48 PM
To: FRousseau@chrysalis-its.com
Cc: ghilborn@csc.com; jean.med@arabtrust.com; ietf-pkix@imc.org
Subject: RE: certification for pki
Please take a look at the protection profiles being proposed by SPYRUS. You can find them at http://www.spyrus.com/documents/cims. We have released the Level 3 profile to ANSI X9 as a strawman for a financial industry protection profile.
Russ
[snip]