How can the NDcPP certification report be used to select the suitable equipment for different data classification levels?

Data can be classified differently. How could the NDcPP certification report of a product be used to determine suitable equipment for the required data classification?
For an example, where to look in the NDcPP report to determine the suit… Continue reading How can the NDcPP certification report be used to select the suitable equipment for different data classification levels?

Does defining "a minimum path length" for certification validation have any security benefit?

As you may know, Common Criteria (AKA ISO/IEC15408: A standard for IT Security Evaluation) have provided some security base-line documents named "Protection Profile" for software developers and product manufacturers. Developers a… Continue reading Does defining "a minimum path length" for certification validation have any security benefit?

Validate the conformance of an OpenSSL created certificate with FIPs standards

Trying to test the conformance of the certificates inside our application, with the below requirement:

The application shall [selection: invoke platform-provided
functionality, implement functionality ] to generate asymmetric
cryptographi… Continue reading Validate the conformance of an OpenSSL created certificate with FIPs standards