TD0777: Clarification to Selections for Auditable Events for FCS_SSH_EXT.1
Publication Date
2023.08.23
Protection Profiles
PKG_SSH_V1.0
Other References
Section 3.1, Table 1
Issue Description
Per PKG_SSH_v1.0 Section 3.1 Table 1: Auditable Events for Mandatory Requirements. The first row defines the requirement "FCS_SSH_EXT.1" in column 1. In column 2 (Auditable Events) a selection is required. This selection includes "None". In column 3 (Additional Audit Record Contents) a selection is also required and includes "None" as an option. In addition, column 3 also requires "Reason For Failure". If the selections in Row 1 are "None", the additional audit record content requirement of "Reason for Failure" cannot be met as currently written. Clarification on, or removal of "Reason for Failure" is requested. Resolution
Section 3.1 of PKG_SSH_V1.0 is modified as follows, with green highlighted and underlined text indicating additions and red highlighted text with strikethrough indicating deletions:
The auditable events specified in this Package are included in a Security Target if the incorporating PP, cPP, or PP-Module supports audit event reporting through FAU_GEN.1 and all other criteria in the incorporating PP or PP-Module are met.
Application Note: "None" can be selected in column 3 if, and only if, it is also selected in column 2.
Justification
See issue description. |