Archived
TD0411: NIT Technical Decision for FCS_SSHC_EXT.1.5, Test 1 - Server and client side seem to be confused
Publication Date
2019.03.22
Protection Profiles
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
Other References
FCS_SSHC_EXT.1.5, ND SD V2.0E, ND SD V2.1
Issue Description
The NIT has issued a technical decision for FCS_SSHC_EXT.1.5, Test 1 - Server and client side seem to be confused Resolution
The NIT acknowledges the issue described in the Issue section but does not regard a rewrite of the test requirement as necessary. The following test objective definition shall be added to the definition of Test 1 for FCS_SSHC_EXT.1.5 to enhance clarity: Test objective: The purpose of this positive test is to check the authentication of the server by the client (when establishing the transport layer connection), and not for checking generation of the authentication message from the client (in the User Authentication Protocol). The evaluator is therefore intended to establish sufficient separate SSH connections (with an appropriately configured server) to cause the TOE to demonstrate use of all public key algorithms claimed in FCS_SSHC_EXT.1.5 in the ST.
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201832.pdf Justification
See issue description |