After Y2K, critical infrastructure

Alex Pilosov alex at
Fri Dec 24 02:50:43 UTC 1999

On Thu, 23 Dec 1999, I Am Not An Isp wrote:

> At 08:49 PM 12/23/99 -0500, Deepak Jain wrote:
>  >
>  >> I'm hoping the "hackers" will party and get drunk over New Year's, and 
> leave
>  >> the so-called critical infrastructure alone.  If you think you filled out a
>  >> lot of paperwork for Y2K, and you ain't seen anything yet.  I for one sleep
>  >> much better knowing Microsoft NT is certified C2 ready :-)
>  >>
>  >
>  >Sorry to ruin your sleep. NT is ONLY C2 certified as a standalone
> I thought you had to remove the NIC, the floppy, and a few other things, 
> not just software.  C2 *Orange* Book, not Red Book.

Actually, as surprising as it is, NT4 has been certified to be Orange Book
C2 (TCSEC, US, non-networked, December 99) and Red Book EC2 (or something
like that) (ITSEC, UK, networked, April 99).

The only thing it proves is that TCSEC and ITSEC evaluations have become  
outdated and worthless, IMHO. ;)


More information about the NANOG mailing list