NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  Call for Participants in the Authentication Server Technical Community (23 August 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Authentication Server Extended Package (EP) to a PP-Module. Members of this TC are expected to provide technical input to support Multi-Factor Authentication (MFA) and incorporating Technical Decisions (TDs).

Please note: If you are already a member of this Technical Community, there is no need to re-apply.

All interested parties should contact NIAP/CCEVS at TC-AuthSvr-Staff@niap-ccevs.org providing the information listed below for each potential participant:

·       Name

·       Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)

·       Telephone number

·       Email address

·       A brief statement of the qualifications for participation in the TC

NIAP plans to hold the Kick-Off meeting on 15 September 2021 at 1100 Eastern. We look forward to your participation!

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1262

  PP-Module for VPN Client v2.3 Published! (10 August 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile-Module for Virtual Private Network (VPN) Clients, Version 2.3. This is a minor update to align with changes to MDF PP v3.2 and the BlueTooth PP-Module, and incorporates all applicable Technical Decisions. 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1261

  NIAP Progress Report - Second Quarter 2021 (03 August 2021)

See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. 

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1260

  Call for Participants in Virtual Private Network (VPN) Client and VPN Gateway Technical Community (15 July 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the VPN Client and VPN Gateway (GW) PP-Modules.  Members of this TC are expected to provide technical input to update the Modules to incorporate two-factor authentication.

Please note: If you are already a member of this Technical Community, there is no need to re-apply.

All interested parties should contact NIAP/CCEVS at TC-VPNClient-Staff@niap-ccevs.org and/or TC-VPNGW-Staff@niap-ccevs.org, providing the information listed below for each potential participant:

·       Name

·       Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)

·       Telephone number

·       Email address

·       A brief statement of the qualifications for participation in the TC

NIAP plans to hold the Kick-Off meeting on 3 August 2021 at 1100 Eastern. We look forward to your participation!

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1259

  NIAP Policy #5 FAQ and Certificate Reporting Template (CRT) Updated (29 June 2021)

 

The NIAP CCEVS Policy #5 Frequently Asked Questions (FAQ) and Certificate Reporting Template (CRT)  have been updated and published to the NIAP website. These documents provide clarification and guidance of how NIST's algorithm and module validations are determined to be acceptable evidence for meeting some PP/cPP assurance activities.

 

The documents can be found here:  https://www.niap-ccevs.org/Documents_and_Guidance/policy.cfm

If you have any questions or concerns, please contact us by email 
niap@niap-ccevs.org.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1258

Previous Announcements

  Virtualization Protection Profile v1.1 and PP-Modules for Client and Sever Virtualization v1.1 Published! (17 June 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Virtualization Protection Profile, Version 1.1 (VIRTUALIZATION PP), PP-Module for Client Virtualization, Version 1.1 (CV PP-Module), and PP-Module for Server Virtualization, Version 1.1 (SV PP-Module).  The Virtualization PP was modified to align with the new PP-Modules and update audit requirements. In addition, all applicable NIAP Technical Decisions were incorporated. The changes to the PP-Modules were limited to converting the CV and SV Extended Packages to PP-Module format for use with the new version of the Base-PP, and incorporating all applicable Technical Decisions. 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1257

  Call for Participants in Wireless Local Area Network (WLAN) Technical Community (09 June 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Wireless LAN Access System (WLAN AS) and Wireless LAN Client (WLAN Client) PP-Modules V1.0.  Members of this TC are expected to provide technical input to update the Modules to incorporate Wi-Fi Protected Access 3 (WPA3).

Please note: If you are already a member of this Technical Community, there is no need to re-apply.

All interested parties should contact NIAP/CCEVS at tc-wlan-staff@niap-ccevs.org, providing the information listed below for each potential participant:

  • Name
  • Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
  • Telephone number
  • Email address
  • A brief statement of the qualifications for participation in the TC

NIAP plans to hold the Kick-Off meeting on 23 June 2021 at 1100 Eastern. We look forward to your participation!

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1256

  Call for Participants for Transport Layer Security (TLS) Technical Community (08 June 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Functional Package for Transport Layer Security (TLS).  Members of this TC are expected to provide technical input to update the Package to include requirements for TLS v1.3 and deprecate support for versions prior to TLS v1.2.

Please note: If you are already a member of this Technical Community, there is no need to re-apply.
 
All interested parties should contact NIAP/CCEVS at tc-tls-staff@niap-ccevs.org, providing the information listed below for each potential participant:

  • Name
  • Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
  • Telephone number
  • Email address
  • A brief statement of the qualifications for participation in the TC


NIAP plans to hold the Kick-Off meeting on 22 June 2021 at 1100 Eastern. We look forward to your participation!

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1255

  PP-Module for Intrusion Prevention Systems (IPS) Published! (20 May 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Intrusion Prevention Systems (IPS), Version 1.0. 

Changes were limited to converting the IPS Extended Package to PP-Module format for use with the current versions of the Base-PP (NDcPP v2.2e) and incorporating all applicable Technical Decisions. 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1254

  NIAP Progress Report - First Quarter 2021 (18 May 2021)

See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases. 

Read the report here.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1253

  Functional Package for Secure Shell (SSH), Version 1.0 Published (17 May 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Secure Shell (SSH), Version 1.0. NIAP converted the SSH Extended Package (EP) to a Functional Package (FP) for easier use with PPs and PP-Modules and updated the SFRs/EAs to match current best practices with respect to the SSH protocol. Notable changes include the removal of SHA-1, the addition of audit events, and all applicable NIAP Technical Decisions were incorporated.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1252

  Mobile Device Fundamentals Protection Profile v3.2 and Bluetooth PP-Module v1.0 Published! (16 April 2021)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Mobile Device Fundamentals Protection Profile, Version 3.2 (MDF PP) and the PP-Module for Bluetooth (BT PP-Module), Version 1.0.  The MDF PP was modified to utilize both the TLS Functional Package and the new BT PP-Module. In addition, all applicable NIAP Technical Decisions were incorporated.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1251

  NIAP 2020 Annual Report (13 April 2021)

See the NIAP 2020 Annual Report to learn about NIAP accomplishments and activities in 2020.  Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1250

  Implementation Guidance for Policy Letter #28 Published (15 March 2021)

NIAP has published implementation guidance for Policy Letter #28, Use of evaluated Dedicated Security Components (DSCs) in Common Criteria Evaluation and Validation Scheme (CCEVS) evaluations.  This document provides guidance on the production and use of documentation from the DSC and dependent technology evaluation efforts, and the activities that need to be performed in order for the evaluation of the “Composed TOE” to be accepted by NIAP. Please contact NIAP with any questions.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1249

  PP-Module for VPN Clients (VPN), Version 2.2 Published! (05 January 2021)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for VPN Clients (VPN), Version 2.2.

This updated version resolves numerous inconsistencies and conflicts for evaluations of standalone VPN applications (e.g VPN Client PP-Module with the Application Software PP as its Base-PP).  Specifically, the updates for standalone VPN Client apps allows the TOE to rely on the platform for its cryptographic primitives, but the TOE must provide all the IPsec functionality. This ensures the client application provides applicable VPN security functionality while still allowing the application to leverage the platform capabilities.  Other changes include adding MDM Version 4.0 as an applicable Base-PP, incorporation of all published TDs, and updates to the CC format for PP-Modules (added rationale sections).

 

 

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1248

  NIAP Progress Report - Third Quarter 2020 (09 December 2020)

See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1247

  New Scheme Policy Letter #28 Published (07 December 2020)

NIAP has issued Policy Letter #28, Use of evaluated Dedicated Security Components (DSCs) in Common Criteria Evaluation and Validation Scheme (CCEVS) evaluations.  Please review and contact NIAP with any questions.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1246

  PP-Module for Enterprise Session Controller (ESC), Version 1.0 Published (04 December 2020)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Enterprise Session Controller (ESC), Version 1.0. 

Changes were limited to converting the ESC Extended Package to PP-Module format for use with the current versions of the Base-PP (NDcPP v2.2e) and incorporating all applicable Technical Decisions. 

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1245

  NIAP publishes the Protection Profile Module for VVoIP, Version 1.0 (29 October 2020)

NIAP has published the PP-Module for Voice and Video over IP (VVoIP), Version 1.0, its Supporting Document, and a PP-Configuration to the NIAP-Approved PP List.  Products may now be evaluated against the PP-Configuration for Application Software and Voice/Video over IP
(VVoIP) Endpoints, Version 1.0, dated 28 October 2020. Changes were limited to converting the VVOIP Extended Package to PP-Module format for use with the current versions of the Base-PPs (APP v1.3) and (NDcPP v2.2e) and incorporating all applicable Technical Decisions. 

In addition, NIAP is developing the necessary iTC required documentation to request the VVOIP PP-Module be added to the allowed-list for NDcPP v2.2e. Once approved, the PP-Configuration will be published.

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1244

  PP-Modules for EDR and EDR Host Agent Published (27 October 2020)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Endpoint Detection and Response (EDR), Version 1.0 and the PP-Module for Host Agent (HA), Version 1.0. These PP-Modules are the first in a new series of Enterprise Security Management (ESM) PPs to be developed.

The PP-Modules may be found here: https://www.niap-ccevs.org/Profile/PP.cfm

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1243

  PP-Module for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS), Version 1.0 Published (16 October 2020)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS), Version 1.0.

This PP-Module replaces the Extended Package for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS), Verison 1.0. This update included conversion to PP-Module format, incorporation of TDs, requirement updates to provide more clarity, and alignment with the Capability Package (CP) Annex for WIDS in support of wireless monitoring efforts.

The PP-Module may be found here: https://www.niap-ccevs.org/Profile/PP.cfm

direct link to this item: https://www.niap-ccevs.org/Announcements/announcements.cfm#ann1242
Site Map              Contact Us              Home