From: Ray Arachelian <sunder@brainlink.com>
Date: Thu, 8 May 1997 06:53:25 +0800
To: cypherpunks@toad.com
Subject: Re: [NTSEC] 64-bit En/Decryption speed (fwd)
Message-ID: <Pine.SUN.3.91.970507182059.999L-100000@beast.brainlink.com>
MIME-Version: 1.0
Content-Type: text/plain



---------- Forwarded message ----------
Date: Wed, 7 May 1997 14:17:55 -0400
From: Craig Nulan <Craig.Nulan@ccmail.irs.gov>
To: Bill Stout <stoutb@pios.com>, ntsecurity@iss.net
Subject: Re: [NTSEC] 64-bit En/Decryption speed

          577 Mghz
          No hardware abstraction layer
          The native platform on which NT was developed

          No need to validate beyond this.  10 times or faster.

          The DEC marketing rhetoric re: Alphas, is fairly reliable,
          unlike Microsoft's representations re: NT security.

          Has anyone else on this list examined the apparent demise of
          TCSEC product evaluations?  Anyone else questioned why MS
          failed to keep NT in the RAMP process subsequent to getting
          version 3.5 C2 certified in a workstation configuration?

          Does it strike anyone else as odd that the U.K.'s ITSEC
          product evaluations are vendor sponsored, vendor scheduled,
          and conducted in private test environments?

          Does anyone believe that NT can ever be restructured
          into a general purpose operating system?  A secure, general
          purpose O/S?

          Two URL's you'll want to remember.

          csrc.nist.gov  - here you'll want to look at the the `94 and
          `95 annual reports (and meeting minutes) of the Computer
          Security and Privacy Advisory Board

          www.ecma.ch - where you can read first hand how security
          evaluation criteria are evolving

          Could it be that it's time to consider NT security from the
          perspective of the forest rather than from the perspective
          of endless little leaves on endless expanses of trees?