TD0729: Self-contradictory test requirement
Publication Date
2023.04.03
Protection Profiles
PKG_TLS_v2.0
Other References
FCS_TLSS_EXT.6
Issue Description
FCS_TLSS_EXT.6 Test 34 in PKG_TLS_V2.0 is self-contradictory because it asks for a known reaction to be observed for data it is supposed to ignore. The intent of the test was to determine data that would result in an observable response and then attempt to send it as early data. Resolution
FCS_TLSS_EXT.6 Test 34 in PKG_TLS_V2.0 is replaced as follows, with strikethroughs denoting deletions and bold lettering denoting additions: The evaluator shall establish a valid TLS 1.3 session with the TOE and send the data as application data after the finished messages have been verified, and observe the response. The evaluator shall then configure the TOE to clear the response and initiate a resumed session (as for FCS_TLSS_EXT.5 Test 31) with a test TLS 1.3 client attempting to provide the same data in early data Justification
See issue description. |