Tuesday, June 19, 2012

CESeCore gains Common Criteria certification


After 2 years of work, and 6 months of administrative waiting period CESeCore has finally received the final, signed, Common Criteria certification.

Providing a certified component library

By June 2012 the CESeCore project fullfilled its primary purposes: to make the CESeCore Security Core 1); Common Criteria EAL 4+ certified and 2); publicly available for integration with enterprise applications.
Vendors aiming to attain their own Common Criteria certification will continue to draw significant benefits through the use of the fully approved CESeCore library, which greatly shortens and simplifies implementation of many important security functions.
The certified CESeCore has also taken PrimeKey's EJBCA Enterprise edition a steady leap forward towards its own final Common Criteria certification.

"When we created CESeCore, we added the most important security functions from certificate management, certificate validation and timestamping, into a re-usable Java Enterprise component library. And we worked patiently to have it Common Criteria certified! Anyone who needs these security functions no longer have to re-invent the wheel."
— Tomas Gustavsson, PrimeKey CTO

Certification details

CESeCore is certified based on the CIMC Protection Profile (v1.0) at security level 3. The assurance level is EAL4+ (EAL4 augmented with ALC_FLR.2).
For those interested all details are available in the CESeCore Security Target.

EJBCA to be completed

Building on the CESeCore, EJBCA 5.0 has already completed the evaluation for the Common Criteria evaluation at the same level. We are only awaiting the administrative process to receive the final certificate also for EJBCA.

Tuesday, June 5, 2012

EJBCA 5.0.5 released

4 Jun 2012 — Stockholm, Sweden

Primekey proudly presents the 5.0.5 maintenance release of EJBCA.
Quite some effort was put into stabilizing the 5.0.x release for production use, including bug fixes and improvements of usability for issues discovered during production deployments.

To find out how to access EJBCA 5 visit PrimeKey's PKI Shop.

EJBCA PKI *5.0.5* release notes
A maintenance release containing a couple of small features and many bug fixes. The following are a selection of the most noteworthy:

New features
  • Index recommendations have changed.
  • CVC CAs can now be created from the Command Line Interface.
  • EJBCA now supports Japanese localization.
  • Overall performance increases.
  • Removed redundant and excessive logging to audit logs.

Bug fixes
  • Fixed bug where recursive deny rules caused deny for system user.

Development continues beyond this version and all requests from the community are scheduled for EJBCA 5.0.6 or later releases.
More information is available at the project web site and the complete changelog can be viewed in the issue tracker.

Friday, June 1, 2012

Mobile ID client from Nerd integrated with EJBCA PKI from PrimeKey

Mobile ID is a open source new Android app for signatures and encryption developed by Nerd in Greece. It is still a beta version, but I though it might be interesting to know. It has been integrated with EJBCA so you can get a certificate easily. Development and further integration will also continue beyond this point. Also see press release.