Archived
TD0369: Long-term trusted channel key material
Publication Date
2018.10.17
Protection Profiles
PP_MD_V3.1
Other References
FCS_STG_EXT.2.1, FCS_STG_EXT.2.2, FCS_STG_EXT.3.1
Issue Description
LTTCKM includes WPA2 PSK keys in addition to IPsec and Bluetooth keys Resolution
The following changes are made to the PP to clarify the ST author’s assignments:
FCS_STG_EXT.2.1’s app note (changes in red) “…. Long-term trusted channel key material includes WPA2 (PSKs), IPsec (PSKs and client certificates) and Bluetooth keys. These keys shall not be protected by the password, as they may be necessary in the locked state. For clarity, the ST author must assign any Long-term trusted channel key material supported by the TOE. At a minimum, a TOE must support at least WPA2 and Bluetooth keys...“
FCS_STG_EXT.2.2’s app note (changes in red) “Application Note: The ST author selects which key encryption schemes are used by the TOE. This requirement refers only to KEKs as defined this PP and does not refer to those KEKs specified in other standards. The ST author must assign the same Long-term trusted channel key material assigned in FCS_STG_EXT.2.1.“
FCS_STG_EXT.3.1’s new app note (changes in red) “Application Note: The ST author must assign the same Long-term trusted channel key material assigned in FCS_STG_EXT.2.1.”
Justification
See issue description. |