On 7 sep 2013, at 14:33, Jorge Amodio <jmamo...@gmail.com> wrote: > And who certify such agencies ?
Today the governments, and by mutual cooperation. That said, I think we need a generic way to have oversight over _any_ process. Including oversight where the review is done under NDA. In many countries that kind of oversight is by having (for example in Sweden) the Parliament appoint an independent body that do have insight in the police wiretap orders. Is that good enough? I do not know. But that is sort of my point. If we manage to design how to ensure things are done as they are announced, then we have solved many of the problems. Patrik > -J > > On Sat, Sep 7, 2013 at 1:24 AM, Patrik Fältström <p...@frobbit.se> wrote: > > > We do have a program in the world called Common Criteria. That certification > program includes CCRA (CC Recognition Agreement) that implies that countries > that run certification agencies agree that what is certified in one country > by one such certification agency is also viewed as certified in all countries. > >
