In the world of security certifications, the Common Criteria is one of the strongest ways that a company can look to gain business from Government agencies. It acts as a great way to gain international business as well. And as of Thursday, the Red Hat announced that they will be seeking the same certification (but different level) for their Java software, JBOSS. What are you thoughts on the effectiveness of Common Criteria certifications on actual security, versus as a business and marketing tool?

The link for this article located at CNET.com is no longer available.