NIAP: Labgram #52 - Labgram #52/Valgram #73 - Update Scheme Publications and Policy Letters
NIAP/CCEVS
  NIAP  »»  Resources  »»  LabGrams  »»  ID No. 52  

Labgram #52/Valgram #73 - Update Scheme Publications and Policy Letters

All,

In preparation for the upcoming Voluntary Periodic Assessement (VPA) of CCEVS, all of our Scheme Publications and Policy Letters were reviewed and revised where necessary. The pulications had major revisions and therefore will need to be read in their entirety. The changes made to the policies are outlined below.

Policy 1 – Language in STs, ETRs, VPL & VRs – remained the same

Policy 2 – Reuse of Previous Evaluation Results & Evidence – remained the same

Policy 3 – TOE Security Targets Claiming Conformance to Protection Profiles – updated/re-dated it to remove statement that we would accept evaluations against draft PPs

Policy 4 – Inactive Evaluations – was updated/re-dated – made some wording changes to a & b

Policy 6 – Location of CCTL Evaluation Testing Activities - rescinded since we added that info to the appropriate Pub 4

Policy 7 – Evaluation Conflict of Interest - rescinded since we added the info from it to Pubs 1 and 4

Policy 8 - Rules for Component Evaluations under CCEVS – was transferred onto letterhead to match format of all other policy letters, no content changes made.

Policy 9 – Crypto in Common Criteria Evaluations – remains the same for now

Policy 10 – Acceptance of Security Targets (STs) Into NIAP CCEVS Evaluation – updated/re-dated with some minor wording changes on VORs –

Addendum to Policy 10 - rescinded

Policy 11 – Candidate CCTL Policy – remained the same

Policy 12 – Letter of Interest for CCEVS Evaluations – updated/re-dated with minor wording corrections

Policy 13 – Acceptable TOE’s for Evaluation and it’s Addendum – remained the same

Policy 15 – Mandatory Inclusion of Audit Generation Functionality in TOEs – updated/re-dated with minor word changes

Policy 16 – Validator Oversight Review (VOR) Scheduling Priorities – remained the same

Policy 17 – Effects of Vulnerabilities in Evaluated Products – remained the same

Policy 18 – Time Limits on CCEVS Evaluations – remained the same

Policy 19 – Requirements for Evaluations with Components above EAL 4 – updated/re-dated para 2 was modified to say CCTLs had to create methodologies where there were none

Thanks,


NIAP CCEVS Staff
410-854-4458 office
410-854-6615 fax


Posted on 2008-09-11 by NIAP Staff

 
Site Map              Contact Us              Home