Date: Fri, 21 Jan 2000 10:48:25 -0600 From: Tom Haigh <tom_haigh@securecomputing.com> To: securedistros@nl.linux.org Subject: Secure Computing's Plans for Type Enforced Linux I just posted the following message to the open-source discussion group at SRI. It belongs here as well. --Tom It is past time for me to jump into this discussion. Secure Computing is commited to being a responsible, contributing member of the open source community. One of the conditions of accepting the contract from NSA was that we be able to make the results of the contract available to the community. I have appended a portion of a FAQ that we released internally on the topic. I will also say that our legal folks are still looking at the best way to do this. Needless to say, we are not excited about other vendors coming up with proprietary versions of type enforcement. We believe that opening up the TE work to the broader community will be a win for all of us. The proposals made by Brian Witten and Richard Stallman are very interesting to us, and I want to explore those more out of band with anyone who is interested. When we have figured out just how to handle this, I will post the resolution here. We appreciate the interest that you all have shown and the good suggestions that have been made. Thanks very much. Tom Haigh, CTO Secure Computing Corp. 2675 Long Lake Road Roseville, MN 55343 651-628-2738 haigh@securecomputing.com Question 5: What about the open source licensing? What does this mean for your Type Enforcement technology on Linux? It is our intention to be an active, responsible member of the open source community. We will work with partners to develop new product offerings that will benefit our customers, our partners, and us. Our modifications to Linux will consist of: - strong policy enforcement code which is in the kernel itself, - a flexible policy engine which is structured as a separate module We will open source all the modifications to the kernel as well as deliver a general-purpose security policy engine. We are still defining the exact functionality of this engine, but it will support a broad set of basic applications, it will be functional and it will be complete enough to enable the Linux community to develop other policy engines. We hope that others will choose to enhance this engine and/or develop their own policy engines that are optimized for their purposes. Separately, we will use Linux and develop Linux policy engines for our own products, such as Sidewinder. These policy engines will remain proprietary to Secure Computing. - Securedistros: A common list for all secured Linux distributions Archive: http://humbolt.nl.linux.org/lists/