STO_EXT 1.1 - AA for Linux needed.

commoncriteria / application

Protection Profile for Application Software

The Unlicense

9 stars 3 forks source link

STO_EXT 1.1 - AA for Linux needed. #75

Closed bourdett closed 9 years ago

bourdett commented 9 years ago

AA was added.

zsmi commented 9 years ago

Is this currently finished? It went from TBD to The Linux platform currently does not have suitable encryption services built-in, so applications on it satisfy this requirement by default. Now it says "The evaluator shall verify that all keys are stored with GNOME Keyring or KDE KWallet." I thought we weren't using this wording

jeffblank commented 9 years ago

I don't think this has been sufficiently researched. What if X Windows is not installed, for example? Kernel keyrings are a thing. What are they used for?

jeffblank commented 9 years ago

Let us do a little research and then ask Red Hat.