TD0736: Number of elements for iterations of FCS_HTTPS_EXT.1
Publication Date
2023.05.16
Protection Profiles
PP_APP_v1.4
Other References
FCS_HTTPS_EXT.1.3/Server
Issue Description
FCS_HTTPS_EXT.1/Client and FCS_HTTPS_EXT.1/Server are iterations of the same extended SFR, but have a different number of elements. TD0709, which was issued to correct this, creates an internal inconsistency because the SFR selections it added do not match the selections available in FCS_HTTPS_EXT.2.1 in PP_APP_V1.4. Resolution
TD0709 is archived and replaced with the following: FCS_HTTPS_EXT.1/Server in PP_APP_V1.4 is modified to include the following third element and corresponding evaluation activities: FCS_HTTPS_EXT.1.3/Server The application shall [selection: not establish the connection, establish or not establish the connection based on an administrative or user setting] if the peer certificate is deemed invalid. TSS None. Guidance None. Tests Other tests are performed in conjunction with the TLS Functional Package, FCS_HTTPS_EXT.2 (dependent on selections in FTP_DIT_EXT.1), and FIA_X509_EXT.1. Justification
Iterated extended SFRs must be based on the same extended component definition. |