The SSH software shall implement the SSH protocol that complies with RFCs 4251, 4252, 4253,
4254 and
[
Application Note: The ST author selects which of the additional RFCs to which
conformance is being claimed. An SSH product can implement additional RFCs, but only those
listed in the selection can be claimed as conformant under common criteria.
The RFC selections for this requirement need to be consistent with selections in
later elements of this Extended Package (e.g., cryptographic algorithms permitted).
RFC 4253 indicates that certain cryptographic algorithms are "REQUIRED". This means that from the
IETF's perspective the implementation must include support, not that the algorithms must
be enabled for use. Ensuring that algorithms indicated as "REQUIRED" but not listed
in later elements of this Extended Package is out of scope for the assurance activity
for this requirement.
If client is selected, then the ST must include the requirements from
FCS_SSHC_EXT.1.
If server is selected, then the ST must include the requirements from
FCS_SSHS_EXT.1.