Archived
TD0268: FMT_MEC_EXT.1 Clarification
Publication Date
2017.12.15
Protection Profiles
PP_APP_v1.2
Other References
FMT_MEC_EXT.1
Issue Description
In PP_APP_v1.2, the intent of FMT_MEC_EXT.1 is to enable enterprise management of the configuration of application software running on client systems, and provide visibility into configuration settings that would be manipulated by users. However, it is not meant to apply to sensitive data.
Resolution
PP_APP_v1.2: The Application note for FMT_MEC_EXT.1 is modified as follows: Application Note: Configuration options that are stored remotely are not subject to this requirement. Sensitive Data is generally not considered part of configuration options and should be stored according to FDP_DAR_EXT.1 or FCS_STO_EXT.1. Justification
See issue description. |