TD0718: Format changes for MOD_VVoIP_V1.0
Publication Date
2023.01.23
Protection Profiles
MOD_VVOIP_V1.0
Other References
FDP_IFF.1.2, FTP_ITC.1/Control, FTP_ITC.1.1/Media
Issue Description
Multiple SFRs in MOD_VVOIP_V1.0 have inconsistencies with CC Part 2. Resolution
MOD_VVOIP_V1.0 is updated as follows, with green highlight indicating format changes (addition or removal of bold):
FDP_IFF.1.2 is updated as follows:
FDP_IFF.1.2 The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold: [ · The TOE is [selection: registered with a VVoIP call control server, acting as a VVoIP call control server when using P2P], · A call has been established with a telephony device (VVoIP endpoint), · The TOE is in the off-hook state, · The TOE is not in the mute state, · [selection: The TOE is not in the hold state, no other rules]].
FTP_ITC.1.1/Control and FTP_ITC.1.2/Control are updated as follows:
FTP_ITC.1.1/Control The TSF shall be capable of using [selection: Session Initiation Protocl (SIP), H.323] to provide a trusted communication channel between itself and a VVoIP call control server that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data. Application Note: Both the SIP and H.323 protocols rely on TLS. This SFR defines the application layer protocol used to secure call control functions. FTP_ITC.1.2/Control The TSF shall permit [the TSF, the VVoIP call control server] to initiate communication via the trusted channel.
FTP_ITC.1.1/Media is updated as follows:
FTP_ITC.1.1/Media The TSF shall be capable of using [selection: SRTP, H.235/H.323] to provide a trusted communication channel between itself and another VVoIP endpoint or other telephony device that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data. Justification
Corrections required to complete certification report. |