http://blogs.technet.com/fred/archive/2006/03/02/421014.aspxThe common criteria IT Security evaluation process is a powerful, useful, well thought out, and well organised system from a technical perspective. To a deep techie it means that there should be some level of assurance that a particular product can standen-GBCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/fred/archive/2006/03/02/421014.aspx#421077Fri, 03 Mar 2006 01:18:39 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:421077phoenixI definatly feel CC certification is a valuable step in a products evaluiation, whilst I aggree that a certificate alone does not make a product, and I remember reading the complex configuration required of windows 2000 to actually get it to the standard it was evaluated against, however looking at recent product launches from microsoft they are all secure products, designed to be just that, and all have past high level evaluation in part, because of that (yes we all know we can make a windows 2003 SP1 box Unsecure if we wanted to, but what would that accomplish?) <br> <br>I personally think it helps to change the perception of microsoft products, just looking at the products released since the Trusted Computing initiative was started is testiment to that <br> <br>Keep putting out good products, keep making sure they are secure by default, keep generating the great documentation to help us keep them that way, and by all means keep getting certified to back it up