TD0635: NIT Technical Decision for TLS Server and Key Agreement Parameters
Publication Date
2022.03.21
Protection Profiles
CPP_ND_V2.2E
Other References
FCS_TLSS_EXT.1.3, NDSD v2.2
Issue Description
NIT Technical Decision for TLS Server and Key Agreement Parameters. Resolution
In SDNDv2.2, FCS_TLSS_EXT.1.3 TSS Assurance Activity shall be replaced as follows: If using ECDHE and/or DHE ciphers, the evaluator shall verify that the TSS lists all EC Diffie-Hellman curves and/or Diffie-Hellman groups used in the key establishment by the TOE when acting as a TLS Server. For example, if the TOE supports TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher and Diffie-Hellman parameters with size 2048 bits, then list Diffie-Hellman Group 14.
For further information, please see NIT Interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRFI202107.pdf Justification
See Issue Description. |