TD0469: Modification of test activity for FCS_TLSS_EXT.1.1 test 4.1
Publication Date
2019.11.20
Protection Profiles
PKG_TLS_V1.1
Other References
FCS_TLSS_EXT.1.1
Issue Description
In the TLS package 1.1, requirement FCS_TLSS_EXT.1.1 test 4.1 response for a non-supported TLS version is to respond with the highest version capable. The responding Server does not offer an explicit rejection message. “If a TLS server receives a ClientHello containing a version number greater than the highest version supported by the server, it MUST reply according to the highest version supported by the server.” Resolution
Test 4.1 for FCS_TLSS_EXT.1.1 is removed from TLS package 1.1. Justification
See issue description. |