From: futplex@pseudonym.com (Futplex)
Date: Mon, 2 Oct 95 01:11:28 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: C2 Evaluation of Win NT (was: Hack Microsoft?)
In-Reply-To: <199509260404.AAA14297@clark.net>
Message-ID: <199510020811.EAA28491@giane.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Ray writes:
>    Microsoft recently got C2-security status approved for Windows NT by
> the National Computer Security Center, a division of the NSA. 

Do you have a pointer to a source for this information ?  I've been searching
through NCSC Orange Book stuff and M$'s web server, to no avail. 
http://www.microsoft.com/BackOffice/techbriefs/tech4000.htm, the Win NT Server
3.5 Technology Brief, only says that NT was in the final evaluation phase as
of June 1995. 

I haven't been able to find on-line copies of any NCSC Product Evaluation
Bulletins, or a current Evaluated Products List. The closest I've seen is
http://www.itd.nrl.navy.mil:80/ITD/5540/xtp1/epl.html, which lists items
evaluated or under evaluation, at the A and B levels.

The status of NT's evaluation for C2 is a recurrent topic on the firewalls
list, so I'm surprised I haven't seen the final approval mentioned there.

-Futplex <futplex@pseudonym.com>