Certification Updates Archives - Page 6 of 6

Updates from the Joint CCDB/CCUF Workshop

4th February 20201st October 2013

It’s always great to get together with others from our industry to discuss advances and collaborate on moving processes forward for Common Criteria. Last month, several of us had the opportunity to work with colleagues from around the world at two separate events in Orlando, Florida. A group of us spent the first two weeks of September in Orlando, as Corsec sent multiple…

New FIPS 140-2 IG Update Released: What You Need to Know

21st July 201715th August 2013

In our recent post we talked about the recent changes to Common Criteria, FIPS, and UC APL, and the importance of putting these changes in context for your business. Today we have another change to tell you about. On July 25, CMVP issued an update to the FIPS 140-2 Implementation Guidance(IG). No matter where your module is in the…

But the Rules are Changing!

21st July 201725th July 2013

According to the ancient Greek philosopher Heraclitus, “There is nothing permanent except change.” As anyone following security certifications lately can tell you, there is a lot of truth in this statement. We have entered another …

Budgeting for Certifications: Avoid Cost Creep

10th January 201830th May 2013

Budgeting for a Common Criteria Certification can be difficult, but it’s not impossible. Understanding how to create your certification budget, and taking the necessary steps to follow through with that budget, can reduce your costs and simplify the certification process. We are frequently asked, “How much does certification cost…

New Discoveries at 2013 RSA Data Security Conference

4th February 20207th March 2013

We have completed another marathon week in San Francisco at the annual RSA Data Security Conference. For many in our industry, Corsec included, this conference continues to be an important place to gain new insights, visit with customers and partners, and attend meaningful talks.

What You Need to Know about FIPS 140-2, OpenSSL, and the new IG Requirement

27th August 20155th March 2013

You may have heard about the new interpretation of the mandatory requirement in Section 9.5 of the Implementation Guidance (IG) document, a key component of FIPS 140-2 documentation issued by the Cryptographic Module Validation Program (CMVP). This interpretation is causing conflicts with the architecture of the OpenSSL validations and how OpenSSL’s validation applies to customers using their software.