Archived
TD0281: NIT Technical Decision for Testing both thresholds for SSH rekey
Publication Date
2018.01.05
Protection Profiles
CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E
Other References
FCS_SSHC_EXT.1.8, FCS_SSHS_EXT.1.8, ND SD V1.0, ND SD V2.0
Issue Description
The Network Interpretations Team (NIT) has issued a technical decision regarding Testing both thresholds for SSH rekey. Resolution
To align with NIT interpretation # 201717 the following changes shall be implemented: For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfi201717.pdf. Justification
As stated in the 'Resolution' section above, the NIT confirms that the intention of FCS_SSHC_EXT.1.8 and FCS_SSHS_EXT.1.8 is that both thresholds are implemented and tested. But in particular case when the threshold cannot be met due to hardware limitations, it is reasonable that testing could be omitted for this threshold. It is not expected that a check is implemented for a threshold that cannot be reached by the TOE. |