Common Criteria Users’ Forum
Draft v0-1
1. Mission a. The Common Criteria User s’ Forum mission is to provide a voice and communications channel between the CC community and the Common
Criteria organizational committees, national schemes, and policy makers.
In order to further the CCUF mission, our objectives are to improve and promote Common Criteria by seeking to:
Support and foster the goal of worldwide mutual recognition
Promote focused technical working groups, to enable the creation of useful, realistic, internationally-recognized protection profiles
Assure customers of evaluated products with meaningful evaluation results
Encourage viable policies and processes for maintaining certification through product updates
Encourage viable policies and processes for certifying systems that are composed of certified parts
Minimize the time, effort, and cost required to complete evaluations which lead to appropriate levels of assurance
2. Principles of Operation a. The CCUF will seek to operate within the guidance of these Principles and will refrain from actions, or inactions, which would contradict these
Principles. b. The CCUF will provide an open forum for a broad spectrum of participants. c. The CCUF will accept any member who joins and participates in good faith. d. The CCUF will not favour any group or interest within its membership. e. The CCUF will protect the interests of and voices of minority groups within its membership.
Документ1 Page 1 of 6 09 Apr 2020
f. The CCUF may address issues which are also being addressed by other organisations or groupings. g. The CCUF will maintain its independence and identity in order to adhere to these principles. h. The CCUF will remain vigilant to ensure that no one group acquires undue influence within the CCUF which would contravene these Principles.
3. Management Board a. The Management Board (MB) consists of 7 elected members from across the CCUF membership. Current members are listed in the Annex to this
Governance document. b. The role of the CCUF MB is to operate the CCUF generally in accordance with the guiding Principles. c. Members of the Board are elected for a 2 year term of office, with elections being held as in “Elections” below. d. Incumbent members of the CCUF MB may stand for re-election with no limit on the number of times that a person may be re-elected. e. If, for whatever reason, a member of the CCUF MB stands down mid term then the CCUF MB may nominate a replacement subject to a vote by the remaining members of the CCUF MB. f. The Board decides on roles required to operate, which are currently a
Chair, a Vice-Chair, and a Web manager. Other roles may be identified by the Management Board as part of normal business, and the roles will either be filled by existing Board members or by seeking a volunteer from outside the current Board. Such volunteers will not become Board members are will not accrue Board voting rights (see “Voting” below).
4. CCUF Membership a. Membership of the CCUF is open to all with an interest in the Common
Criteria including, but not limited to, certificate consumers, product vendors, national Schemes, consultancies, labs, academia and individuals. b. Membership is effectively maintained by allowing membership of the
CCUF mailing list. c. The CCUF MB reserves the right, as an ultimate sanction, to withdraw a person or entity from membership of the CCUF if it becomes apparent that
Документ1 Page 2 of 6 09 Apr 2020
the person or entity is wilfully operating in contravention of the CCUF
Principles.
5. Elections a. There are no requirements to be elected to the membership of the CCUF other than a willingness to operate in accordance with the CCUF guiding
Principles. b. Elections to the CCUF MB are required on a twice yearly basis and will follow the CCUF Voting rules set out below.
6. CCUF Voting a. Before voting commences the CCUF MB will notify the CCUF
Membership, via the mailing list, of the purpose of the vote and the relevant timescales (freeze date for eligible membership, dates when nominations will open and close, when voting will start and finish, and when results will be announced and will take effect). b. Special rules will also be announced if, for example, the vote is for the 7 seats on the MB where each entity will be allowed to vote for up to 7 different candidates (but not more than once for any candidate). c. General rules of CCUF voting are: i. Voting will be 1 vote per ‘entity’ (Entity is a Vendor, lab, or scheme etc). ii. Voting will be 1 vote per person if the person represents multiple entities iii. Voting period of a minimum of one week, a Wednesday to Tuesday
(including all relevant time zones) to allow for vacation times. iv. Voting by email (alias to be distributed). v. In order for ballot email to count it must include the name of the person casting the vote and their entity (but these will not be tracked along with the actual vote, just that that person and entity have voted). vi. Results will list which entities voted (not who from the entities or for whom they voted). vii. In the case of a tie there will be a runoff run under these rules.
Документ1 Page 3 of 6 09 Apr 2020
viii. Vote counters will be volunteers and there should be a minimum of
3 vote counters including at least 2 who are not running for election. ix. CCDB/CCMB etc. representatives will not be considered as candidates, as the CCDB may select the appropriate person to liaise with and be a part of the CCUF Management Group.
7. CCUF MB Voting a. Where votes are required within the MB then majority voting applies, with a quorum of 5 CCUF MB participating. b. Where meetings are not quorate then interim votes may be held for subsequent ratification or rejection at the next quorate meeting. c. Outcomes of MB voting will be recorded in meeting notes which will be published on the CCUF website.
8. Meetings a. The CCUF MB will meet (usually via teleconference) on a monthly basis or as agreed within the CCUF MB. b. The CCUF shall be invited to face to face meetings twice yearly, of which it is likely that one will coincide (in time and location) with the annual
International Common Criteria Conference and the other with the annual
RSA conference. The CCUF MB may decide to vary these arrangements with appropriate notice to the Membership. c. Draft Agendas for such meetings will be published by the CCUF MB and
CCUF members will be able to request additional items to be added to such Agendas.
9. Publications a. The CCUF MB will publish, via the CCUF website, notes of meetings
(including the twice yearly face to face meetings). b. The CCUF MB may also publish requests for comment or information, blogs, or other items of potential interest to the membership of the CCUF on the CCUF website. c. The CCUF MB may also publish information, such as dates of proposed meetings, directly to the membership via the mailing list.
Документ1 Page 4 of 6 09 Apr 2020
10. Tasks a. Allocation of tasks within the CCUF MB will be by agreement of the MB. b. Where the CCUF MB proposes to seek assistance with the completion of tasks then a Working Group shall be formed to carry out one or more identified pieces of work. Such Working Groups will be free to choose their method of operations subject to timescales agreed with the CCUF
MB. It is likely that a named member of the CCUF MB will be identified as
Point of Contact for the Working Group. c. Outputs from such Working Groups will be provided to the CCUF MB who will decide on future work requirements and/or publication timescales
(which may include the “never” option).
Документ1 Page 5 of 6 09 Apr 2020
A. Current Management Board d. At the time of writing (August 2012) the MB consists of: i. Alicia Squires - Chair ii. Matt Keller - Vice Chair iii. Brian Smithson - Web iv. Miguel Ba
n v. Mike Grimm vi. Petra Manche vii. Simon Milford
Документ1 Page 6 of 6 09 Apr 2020