Introductory Message for May Postings

Subject: Introductory Message for May Postings
From: "NIAP Interpretations Board" <ccevs-nib@nist.gov>
Date: Tue, 13 May 2003 10:31:06 -0700
Content-description: Mail message body
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII
Priority: normal
Reply-to: cc-cmt@nist.gov

[version 7 2003-05-13]

Greetings to readers of the CC-CMT list from the CCEVS NIAP Interpretations
Board (NIB)

The purpose of this message is to alert readers that the NIB will soon be
posting the latest set of proposed NIAP interpretations (NIs) that it has
developed under the CCEVS scheme.  Because of the importance of a public
discussion of proposed NIAP interpretations, the NIB is soliciting comments on
these proposed NIs in the form of postings on this list.

In commenting on the proposed NIs, please remember that this list is for
NON-PROPRIETARY discussions only.  Please do NOT post any proprietary
information here.  Please contact CCEVS management at the email addresses
identified below if you have proprietary information that you believe is
relevant to any of the proposed NIs posted here.

This list is archived and postings are saved in the NIST listproc archive at:

(http://www.nist.gov/itl/div896/emaildir/cc-cmt/maillist.html).

To assist readers in reviewing the proposed NIs, the following information is
provided.

NIAP INTERPRETATIONS

One of the responsibilities of the NIB is the development of NIAP
interpretations (NIs) of the Common Criteria (CC) and the Common Evaluation
Methodology (CEM).  The sources of NIs include (1) issues that are raised from
interim decisions produced by CCEVS for individual evaluations (called
Observation Decisions), and (2) sections of the CC and CEM that the NIB has
found to be confusing based on its review during NIB meetings.  As part of the
NI development process, the NIB distributes the proposed NIs on this list for
public review and comment.

POSTING INFORMATION

The following describes each section of a proposed NI posting:

NUMBER

The NIB maintains a database (called the "NIB/IWG Queue") of the CC-related and
CEM-related issues that it is investigating. Whenever the NIB identifies a new
issue, that issue is assigned a number of the form "I-nnnn" and added to the
Queue.  NIB members develop NIs from the issues in the Queue.  The
"I-nnnn" number associated with an NI is the number of the associated issue in
the IWG Queue.

Note that the order in which the NIB works on Queue entries is not the same as
the order in which issues are added to the Queue.  Consequently, the "I-nnnn"
numbers of proposed NIs posted on this list will not necessarily be in
sequential order.

Approved NIs (and other publicly available Queue entries) are available at
the following site:

http://niap.nist.gov/cc-scheme/PUBLIC/index.html

STATUS

Each entry in the IWG Queue is assigned a status that indicates the proposed
NI's progress through the NI development process.

When a Queue entry is ready for public review, it is assigned a status of
"Posted for External Review" and posted to this mailing list.  Thereafter, it
remains publicly viewable, although its status may change to one indicating
that the Queue entry is undergoing revision or a new review, that it has
become a NIAP interpretation, or that it has been superseded, withdrawn,
or tabled.

TYPE

There are three types of interpretations that will be posted for public
review: NIAP Interpretations (discussed above), Guidance, and Requests for
Interpretation.

Guidance entries attempt to clarify a Common Criteria or a CEM issue, but do
not result in any changes to the document. They are similar in some sense to
Predecent Decisions issues from CCEVS ODs. 

Sometimes a CC or CEM issue is identified that the NIB is unable to resolve
through an NI.  In this case, the NIB will submit a Request for Interpretation
(RI) to the Common Criteria Interpretation Management Board (CCIMB), the
international body responsible for CC and CEM interpretations.  Similarly to
NIs, the NIB will post RIs to this list for public review and comment prior to
submitting them to the CCIMB.

TITLE

This entry provides the title of the proposed NI (or RI).

COMMENTS DUE DATE

This section indicates the date by which the NIB will accept public comments
for the posting.  This date is usually a few days prior to the NIB's next
meeting.  Readers of the list should provide their comments by this date so
that the NIB can consider them during its meeting.

If a public reviewer wishes to make a comment privately, it should be mailed
to Daniel Faigin, the NIB recordkeeper, at faigin@aero.org, in a form
suitable for the NIB to post as an anonymous comment to the list at large.

SOURCE REFERENCE

Citations of the Common Criteria and/or the Common Evaluation Methodology
(CEM) sections affected by, or related to, this proposed NI or RI.

RELATED TO

This entry identifies other Queue entries related to the proposed NI.

ISSUE

This section provides a short and succinct statement of the issue.

STATEMENT OF INTERPRETATION

This section provides a high-level statement of the proposed NI.

SPECIFIC INTERPRETATION

This section describes the specific changes to be made to the source criteria
(i.e., CC and/or CEM) to address the NIAP interpretation.  These changes
to the source criteria may result in modifications to existing CC classes, CC
families, CC components, CC elements, CC EALs and/or CEM work units; or they
may result in the addition of new CC classes, CC families, CC components, CC
elements, CC EALs, and/or CEM work units.

To clarify the CC or CEM sections that have been modified or to which new
information has been added, the NIB has developed a labeling convention.  A
description of the labeling convention is available at the following URL:

http://www.nist.gov/itl/div896/emaildir/cc-cmt/msg00017.html

Note: Criteria changes in approved interpretations are to be treated as
explicitly stated requirements. CCEVS Scheme Policy is that the interpretation
development process (the IWG and superseding processes) and the content of the
interpretation provides an equivelent level to the APE_SRE/ASE_SRE evaluation
for the changes. When the criteria changes from an interpretation are used in
a PP or ST, no justification other than indicating the changes arise from an
approved CCEVS interpretation are required.

PROJECTED IMPACT

This section identifies anticipated impacts of the NIAP interpretation on
future evaluations, from the point of view of the validation community. There
may be additional impacts on developers not captured in this statement.

SUPPORT

This section provides supporting information and rationale behind the NIAP
interpretation.

CCEVS MANAGEMENT CONTACTS

CCEVS management can be contacted at the following email address:

Jean Schaffer, Director, CCEVS Validation Body:  jhschaf@missi.ncsc.mil
Prev by Date: =?GB2312?B?1PnK1NPD06rP+sa9zKg=?= 12:53:52:910
Next by Date: I-0464: Conditional Requirements
Prev by thread: Re: I-0464: Conditional Requirements
Next by thread: RE: Introductory Message for May Postings
Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov