Archived
TD0336: NIT Technical Decision for Audit requirements for FCS_SSH*_EXT.1.8
Publication Date
2018.08.01
Protection Profiles
CPP_ND_V2.0E
Other References
ND SD V2.0, FCS_SSHC_EXT.1.8, FCS_SSHS_EXT.1.8
Issue Description
The NIT has issued a technical decision for audit requirements for FCS_SSH*_EXT.1.8. Resolution
The second paragraph of the test section for FCS_SSHC_EXT.1.8 shall be replaced by: "For testing of the time-based threshold the evaluator shall use the TOE to connect to an SSH server and keep the session open until the threshold is reached. The evaluator shall verify that the SSH session has been active longer than the threshold value and shall verify that the TOE initiated a rekey (the method of verification shall be reported by the evaluator )." The fifth paragraph of the test section for FCS_SSHC_EXT.1.8 shall be replaced by: " The evaluator shall verify that more data has been transmitted within the SSH session than the threshold allows and shall verify that the TOE initiated a rekey (the method of verification shall be reported by the evaluator)." The second paragraph of the test section for FCS_SSHS_EXT.1.8 shall be replaced by: "For testing of the time-based threshold the evaluator shall use an SSH client to connect to the TOE and keep the session open until the threshold is reached. The evaluator shall verify that the SSH session has been active longer than the threshold value and shall verify that the TOE initiated a rekey (the method of verification shall be reported by the evaluator)." The fifth paragraph of the test section for FCS_SSHS_EXT.1.8 shall be replaced by: "The evaluator shall verify that more data has been transmitted within the SSH session than the threshold allows and shall verify that the TOE initiated a rekey (the method of verification shall be reported by the evaluator)."
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201814.pdf Justification
See issue description. |