TD0562: Test activity for Public Key Algorithms
Publication Date
2021.01.27
Protection Profiles
PP_HCD_V1.0
Other References
FCS_SSH_EXT.1.5
Issue Description
The test activity for FCS_SSH_EXT.1.5 is incorrect. Resolution
The assurance activity for FCS_SSH_EXT.1.5 is replaced as follows: TSS: The evaluator shall check the description of the implementation of this protocol in the TSS to ensure that optional characteristics are specified, and the public key algorithms supported are specified as well. The evaluator shall check the TSS to ensure that the public key algorithms specified are identical to those listed for this component. The evaluator shall also check the operational guidance to ensure that it contains instructions on configuring the TOE so that SSH conforms to the description in the TSS (for instance, the set of algorithms advertised by the TOE may have to be restricted to meet the requirements). Test: The evaluator shall also perform the following test: The evaluator shall establish a SSH connection using each of the public key algorithms specified by the requirement. It is sufficient to observe (on the wire) the successful negotiation of the algorithm to satisfy the intent of the test. Justification
Test in FCS_SSH_EXT.1.4 did not specify testing for "public key" algorithms. |