Re: How to write assumptions
- Subject: Re: How to write assumptions
- From: "Dr.Ir. D.J. Out" <firstname.lastname@example.org>
- Date: Thu, 03 Apr 2003 08:05:58 +0200
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=us-ascii; format=flowed
- Organization: TNO-ITSEF BV
- References: <009c01c2f996$c36ee2f0$0915a8c0@yokota>
- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020408
YOKOTA HIROFUMI wrote:
> I am very sorry for my careless excerpt of the sample assumption.
> I apologize that "Secure host communications" was just a title and not the
> full statement of the assumption.
> The full statements of the assumption in the PP are:
> If the host establishes a secure connection between itself and the TOE that
> conforms to the requirements imposed by the TOE, the host, including code
> security data it contains, is assumed to be trusted.
> The host may have the capability to establish a secure communication channel
> with the TOE. This is typically accomplished through shared private keys,
> public/private key pairs, and/or generation of local keys derived from other
> stored keys. When such a sucure link is established, the TOE may assume the
> host to be adequately secure for trusted communications. The host is
> considered to be beyond the scope of this PP.
> There is no probem in the assumption about the sufficiency.
> We could learn the good description here. Is it?
Yes. This is definitely sufficient in level of detail. The first
paragraph would already be sufficient (in my opinion) and the second
paragraph makes it even clearer what is meant.
TNO ITSEF BV
P.O. Box 96864 tel +31 70 374 0304
2509 JG The Hague fax +31 70 374 0651
The Netherlands www.commoncriteria.nl
Date Index |
Thread Index |
Problems or questions? Contact email@example.com