[BSDcert] Initial thoughts

G. Rosamond george at sddi.net
Sun Dec 19 12:43:43 EST 2004 

Looks like things have taken off with a boom. . .

On Dec 19, 2004, at 12:13 PM, Tillman Hodgson wrote:

> On Sun, Dec 19, 2004 at 11:44:37AM -0500, Richard Bejtlich wrote:
>> On Sun, 19 Dec 2004 10:17:02 -0600, Tillman Hodgson
>> <tillman at seekingfire.com> wrote:
>>>
>>> Why not piggy-back? Require someone to hold "one of the following 
>>> basic
>>> Unix certs", and then have a cert that covers _only_ BSD specific 
>>> stuff.
>>
>> Hello,
>
> Howdy Richard,
>
> Love your blog, BTW. I've passed it's URL around the office a few times
> now.

That's why it's great to have him on the list. . .

>
>> I recommend not tying our effort to another organization.  First, LPI
>> is the "Linux Professional Institute."  BSD is not Linux.  Second,
>> should LPI or another group make changes we do not like, our whole
>> model is jeopardized.  Third, they may not want us involved.
>
> I don't want to tie it to a single organization, the idea was more like
> a sign (like those at the carnival) that says "you must be --> this 
> tall
> to play here". Provide a list of the basic Unix certs (and there's a 
> lot
> of them!) and require sometime attempting the BSD cert to hold one of
> them (any of them, so to speak).

The reality is many BSD people are anti-cert, so I don't know what 
we're piggy-backing off of.

I'm sure everyone understands technically that an individual BSD cert 
is justifiable, but we also have to fight for it to be politically 
independent.

>
> Since it covers only basic Unix stuff, I don't think the danger to our
> model is very high. We also don't need the involvement of the other
> certifying organizations -- the student just needs to hold a cert from
> *somewhere*, that's the extent of the involvement.

To me, it's all about easily justifying a BSD Certs own existence. . . 
this undercuts it severely.

>
> It gets us out of the Yet Another Basic Unix Admin Cert game, where the
> path is rocky and the list of failed certifying organizations is long.

What do you mean "the list of failed. . "?  I'm a bit confused.  Oh, 
you mean certs that start then cease?

> After my (albeit short) experience with the LPI development process, 
> I'm
> anxious to avoid playing that game. It seems to take years and dollars
> that I'd rather avoid and that's only to get to the point where one is
> allowed to play the political game for general acceptance.

That's why the foundations are important.  And the backing of each of 
the projects.

>
>>> The written practical might help out here. If everytime someone 
>>> googles
>>> for information on X, they run across a paper on the BSD Cert web 
>>> site
>>> describing how to do X on BSD ... well, there'd be some easy dots to
>>> connect there. It's definitely worked that way for the SANS folks.
>>
>> This is an excellent idea.  Only the practicals we vet would be
>> posted.  Suddenly we're adding practial information to the BSD body of
>> knowledge.  I think our certification "test" should concentrate on
>> specifics of the OPERATING SYSTEM (at least initially) and not on
>> applications.  Perhaps the practicals would cover applications, like
>> "setting up Apache on NetBSD."
>
> Exactly. As SANS does, only the practicals that *pass* get posted.

Right. . . .  (mine is ;-).  It would be a significant contribution to 
the BSD body of documentation.  Another reason why BSD book sales lag. 
. . <g>

>
> Actually, there's a lot from the SANS model that we could borrow from.
>

I agree.  The GSEC is my only cert, and is really only different in 
form from the CISSP.  The CISSP covers the same ten 'domains', but is a 
6 hour sitdown exam, closed book, more like a marathon.  The GSEC is, 
as mentioned earlier, two three hour open book at home exams plus the 
written practical.

It would make sense to do a comparison of various relevant certs in 
terms of form, eg, exams required, number of questions, format, etc.  
More for the wiki. . .

> I like your idea of splitting the OS from applications. The OS we have
> more direct control over (through the various BSD projects), so the
> tests would need to be updated less often -- and when it would need to
> be updated would be clearer to all of us.

Very true. . . but there should at least be sections on www, mail, dns, 
etc, configs.  These exams are aimed, IMHO, at sysadmins, not 
developers.

George

More information about the BSDCert mailing list