[Fed-Talk] [Announce] Common Criteria Certifications - iOS 12 (A8 - A12X)
[Fed-Talk] [Announce] Common Criteria Certifications - iOS 12 (A8 - A12X)
- Subject: [Fed-Talk] [Announce] Common Criteria Certifications - iOS 12 (A8 - A12X)
- From: "Shawn A. Geddis" <email@hidden>
- Date: Wed, 27 Mar 2019 14:49:51 -0700
Common Criteria Certification Interested Communities,
Apple Inc.’s Platform Security Certifications Program has exciting news to
share with you…
Common Criteria Certifications
Common Criteria: Certification References
Related: Common Criteria Certifications
Apple: Knowledge Base References
Review all resources for questions you may have related to the validations and
platform compliance. If you still have any questions related to security
certifications, please direct them to email@hidden
<mailto:email@hidden>.
__________
Common Criteria Certifications
The Apple Platform Security Certifications Program is pleased to announce the
recent certification of iOS 12 against the following Common Criteria Protection
Profiles, PP-Module, and Extended Packages. Apple continues to build and
expand on the previous certifications for iOS 9, iOS 10, and iOS 11.
Platform: iOS 12 on iPhone and iPad (A8 - A12X)
Validation Report: CCEVS-VR-VID10937-2019
<https://www.niap-ccevs.org/Product/Compliant.cfm?PID=10937>
Technology: Mobility, Wireless LAN, Virtual Private
Network
Completion Date: 2019.03.14
Protection Profile(s) / Extended Packages:
— Protection Profile for Mobile Device Fundamentals Version 3.1
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=417&id=417>
— Extended Package for Mobile Device Management Agents Version 3.0
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=403&id=403>
— Extended Package for Wireless LAN Client Version 1.0
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=386&id=386>
— PP-Module for PP-Module for VPN Client Version 2.1
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=419&id=419>
Note:
With updates to the Biometric SFRs, Face ID was now allowed to be certified for
a 1:1M FAR (False Acceptance Rate).
See “[Explained] iOS 12 CCC — A7” email to understand the removal of A7 based
devices from the iOS 12 Certification.
__________
Common Criteria Certification References
Common Criteria Portal
As noted on the Common Criteria Portal [1], The certification of the security
properties of an evaluated product can be issued by a number of Certificate
Authorizing Schemes [2], with this certification being based on the result of
its evaluation.
The product “Apple iPad and iPhone Mobile Devices with iOS 12” listing and
corresponding link to the Certification Reports, Security Targets and related
Protection Profiles, can be found on the Certified Products [3] page. You can
also go directly to the Common Criteria posting of the Validation Report [4]
and the Security Target [5].
Apple Inc. chose to submit to the US Scheme [NIAP] [6] as the Certificate
Authorizing Scheme. It is important to note that product developers can
achieve certification under any of the 17 Certificate Authorizing Schemes [2].
NIAP has not been nor will it be the only Certificate Authorizing Scheme used
by Apple for product certifications under Common Criteria (ISO15408).
Scheme: NIAP (US) [4]
As noted on NIAP’s Product Compliant List page [7], Apple iOS 12 along with MDM
Agent, WLAN Client, and VPN Client was recently certified and posted under its
Validation ID (VID) #10937 [8]. The posting also includes links to five
relevant documents:
MDF / MDM / WLAN / VPN
Common Criteria Certificate [9]
Security Target [10]
Validation Report [11]
Assurance Activity [12]
Administrative Guide [13]
__________
Top Level Product Compliance Postings - Common Criteria Portal
[1] http://www.commoncriteriaportal.org <http://www.commoncriteriaportal.org/>
[2] http://www.commoncriteriaportal.org/schemes/
<http://www.commoncriteriaportal.org/schemes/>
[3] http://www.commoncriteriaportal.org/products/
<http://www.commoncriteriaportal.org/products/>
[4] https://www.niap-ccevs.org/MMO/Product/st_vid10937-vr.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-vr.pdf>
[5] https://www.niap-ccevs.org/MMO/Product/st_vid10937-st.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-st.pdf>
Top Level Product Compliance Postings - NIAP (US)
[6] https://www.niap-ccevs.org <https://www.niap-ccevs.org/>
[7] https://www.niap-ccevs.org/Product/ <https://www.niap-ccevs.org/Product/>
iOS 12 Certification Documentation
[8] https://www.niap-ccevs.org/Product/Compliant.cfm?PID=10937
<https://www.niap-ccevs.org/Product/Compliant.cfm?PID=10937>
[9] https://www.niap-ccevs.org/MMO/Product/st_vid10937-ci.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-ci.pdf>
[10] https://www.niap-ccevs.org/MMO/Product/st_vid10937-st.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-st.pdf>
[11] https://www.niap-ccevs.org/MMO/Product/st_vid10937-vr.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-vr.pdf>
[12] https://www.niap-ccevs.org/MMO/Product/st_vid10937-aar.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-aar.pdf>
[13] https://www.niap-ccevs.org/MMO/Product/st_vid10937-agd.pdf
<https://www.niap-ccevs.org/MMO/Product/st_vid10937-agd.pdf>
__________
RELATED: Common Criteria Certifications
Platform: iOS 12: “Contacts"
VID: 10961
<https://www.niap-ccevs.org/Product/Compliant.cfm?PID=10961>
Technology: Application Software
Completion Date: 2019.02.28
Protection Profile for Application Software v1.2
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=394&id=394>
There are additional Common Criteria Certifications for iOS 12 pending of which
we wanted to be sure you were aware. Now that the iOS Platform is complete and
once the Validators are complete, these too will be listed at the Common
Criteria Portal, NIAP Product Compliance Pages, and on the corresponding Apple
Knowledge Base Article(s).
Platform: iOS 12: “Safari"
VID: 10960
<https://www.niap-ccevs.org/Product/Compliant.cfm?PID=10960>
Technology: Web Browser
ETA Completion Date: April 2019
Protection Profile for Application Software v1.2
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=394&id=394>
Extended Package for Web Browsers v2.0
<https://www.niap-ccevs.org/Profile/Info.cfm?PPID=378&id=378>
When evaluations are complete, they will join the other completed
certifications performed with NIAP where you can pull up all Apple
Certifications using the following link.
NIAP: Product Compliant List (Apple)
https://www.niap-ccevs.org/Product/PCL.cfm?par303=Apple
<https://www.niap-ccevs.org/Product/PCL.cfm?par303=Apple>
When they are in evaluation, all Apple products actively being evaluated can be
found at:
NIAP: Products in Evaluation (Apple)
https://www.niap-ccevs.org/Product/PINE.cfm?par303=Apple
<https://www.niap-ccevs.org/Product/PINE.cfm?par303=Apple>
__________
Apple: Knowledge Base References
There are Apple Support Knowledge Base Articles for each operating system
resources relating to ALL Validations and Certifications including FIPS 140-2,
Common Criteria Certification, Security Guidance Resources, and more.
Note: There may be a delay in the posted updates to these KB Articles. Keep the
following URLs handy to review now and in the future.
[1] Product security certifications, validations, and guidance for iOS
https://support.apple.com/HT202739 <https://support.apple.com/HT202739>
[2] Product security certifications, validations, and guidance for macOS
https://support.apple.com/HT201159 <https://support.apple.com/HT201159>
[3] Product security certifications, validations, and guidance for watchOS
https://support.apple.com/HT208390 <https://support.apple.com/HT208390>
[4] Product security certifications, validations, and guidance for tvOS
https://support.apple.com/HT208389 <https://support.apple.com/HT208389>
[5] Product security certifications, validations, and guidance for T2 Firmware
https://support.apple.com/HT208675 <https://support.apple.com/HT208675>
brought to you by the…
Apple Platform Security Certifications Program
email@hidden <mailto:email@hidden>
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden