NIAP Progress Report - Third Quarter 2023 (29 November 2023)
See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. Read the Report Here
NIAP SBOM Policy Review (24 November 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) has released draft SBOM policy documents and an accompanying comment matrix to the CCUF portal. If you are interested in providing feedback please send your completed comment matrix to SBOM_team@niap-ccevs.org by COB December 8th.
Also, if you'd like to be added to the NIAP SBOM information alias, please send your request to SBOM-staff@niap-ccevs.org.
Call for Participants in the Retransmission Device Technical Community (07 November 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be a part of the Retransmission Device (RD) Technical Community (TC). Members of this TC are expected to provide technical input to develop a baseline set of security requirements for inclusion in the RD Protection Profile and support the RD requirements in the Commercial Solutions for Classified program's Mobile Access Capability Package.
For more information regarding the new Protection Profile, please view the Essential Security Requirements (ESR) document here.
All interested parties should contact NIAP/CCEVS at tc-rd-staff@niap-ccevs.org, providing the information listed below for each potential participant:
• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
The initial kick-off meeting will commence December 7, 2023. We look forward to your participation!
Call for Participants in the SDN Technical Community (18 October 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be a part of the Software Defined Networking (SDN) Technical Community (TC). Members of this TC are expected to provide technical input to develop a baseline set of security requirements for inclusion in the SDN Protection Profile.
All interested parties should contact NIAP/CCEVS at tc-sdn-staff@niap-ccevs.org, providing the information listed below for each potential participant:
• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
We look forward to your participation!
PP-Module VPN Gateway v1.3 Published! (05 September 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile-Module for Virtual Private Network (VPN) Gateway, Version 1.3. Notable changes include fixing issues with multifactor authentication and applying all applicable NIAP Technical Decisions.
Previous Announcements
Call for Participants in the x509 Technical Community (24 August 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of the x509 Functional Package. Members of this TC are expected to provide technical input to unify the FIA_x509 requirements.
All interested parties should contact NIAP/CCEVS at tc-x509-staff@niap-ccevs.org, providing the information listed below for each potential participant:
• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
We look forward to your participation and will hold a kickoff meeting on 12 September 2023 at 1100 EST.
NIAP Progress Report - Second Quarter 2023 (10 August 2023)
See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. Read the report here.
NIAP Progress Report - First Quarter 2023 (11 May 2023)
See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. Read the report here.
Cryptographic Technical Community Kickoff on 12th of April, 1100 EST (07 April 2023)
The kickoff meeting for the Cryptographic Technical Community will take place on the 12th of April at 1100, EST. If you previously sent your interest and did not receive confirmation, please resend your request to tc-crypto-staff@niap-ccevs.org as per the previous announcement (https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann1287).
New Scheme Policy Letter #29 Published (31 March 2023)
NIAP has issued Policy Letter #29, Certificate Maintenance Length of Common Criteria Evaluation and Validation Services (CCEVS) Evaluations. Please review and contact NIAP with any questions.
PP-Module for MACsec Ethernet Encryption V1.0 Published! (02 March 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for MACsec Ethernet Encryption V1.0. This was a minor update to align with Network Device cPP v2.2e, add updates requested by the Australian Certification Authority, supports the conversion to PP-Module, and incorporates all applicable NIAP Technical Decisions. This will complete the conversion to PP-Modules for all Extended Packages using ND cPP as a base.
Call for Participants in the Cryptographic Technical Community (23 February 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of Cryptographic requirements. Members of this TC are expected to provide technical input to the development and update of cryptographic Security Functional Requirements (SFRs) to incorporate quantum-resistant (QR) algorithms from the Commercial National Security Algorithm (CNSA) Suite 2.0 across multiple NIAP Protection Profiles. These initial QR updates will focus on implementing Leighton-Micali Signatures (LMS) for software and firmware signing, mandating CNSA Suite 1.0 requirements as minimums, and standardizing selections as much as possible.
Additional QR updates will be made in the future for eXtended Merkle Signature Scheme (XMSS) for software and firmware signing, CRYSTALS-Kyber for key establishment, and CRYSTALS-Dilithium for digital signatures. More information can be found in NSA's CNSA Suite 2.0 Cybersecurtiy Advisory (https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF) and FAQ (https://media.defense.gov/2022/Sep/07/2003071836/-1/-1/0/CSI_CNSA_2.0_FAQ_.PDF).
All interested parties should contact NIAP/CCEVS at tc-crypto-staff@niap-ccevs.org, providing the information listed below for each potential participant:
• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
We look forward to your participation and plan to hold a kickoff meeting in late March, 2023.
Call for Participants in the Mobility Technical Community (17 February 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the PP-Module for MDM Agent v1.1. The purpose of this update is to align with the Protection Profile for General Purpose Operating Systems v4.3 and incorporate Technical Decisions (TDs).
Please note: If you are already a member of this Technical Community, there is no need to re-apply.
All interested parties should contact NIAP/CCEVS at TC-Mobility-Staff@niap-ccevs.org providing the information listed below for each potential participant:
· Name
· Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
· Telephone number
· Email address
· A brief statement of the qualifications for participation in the TC
We look forward to your participation!
NIAP 2022 Annual Report (14 February 2023)
See the NIAP 2022 Annual Report to learn about NIAP accomplishments and activities in 2022. Read the report here.
Authentication Server PP-Module V1.0 Published! (25 January 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Authentication Server PP-Module V1.0. This was a minor update to align with Network Device cPP v2.2e, add two-factor authentication, and support the conversion to PP module. In addition, all applicable NIAP Technical Decisions were incorporated.
Functional Package for Transport Layer Security (TLS) Version 2.0 Published (19 December 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Transport Layer Security (TLS) Version 2.0. This update removes TLS 1.1/1.0 and adds TLS 1.3. It also incorporates all applicable Technical Decisions. As new and updated PPs/PP-Modules are published, they will make use of this TLS package, where applicable.
NIAP Progress Report - Third Quarter 2022 (12 December 2022)
See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.