![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
Index by PD Effective Date
Quickfinder:
Index:
| Number | Title | Flags |
|---|---|---|
| PD-0155 | CC inconsistencies/issues with the 2600 PP | New |
| PD-0154 | Time Changes | New |
| PD-0153 | Automatic Update Mechanisms | New |
| PD-0152 | Internal Inconsistency within the IDS System PP regarding FPT_STM | |
| PD-0151 | Acceptable Demonstrable Assurance for the IDS System PP v1.7 (BR) | |
| PD-0150 | FTA_SSL.1 and 2 SFRs in the Firewall, Traffic Filter Firewall, VPN, and IDS MR PPs | |
| PD-0149 | Clarification of FMT_MOF.1(3) for TFWPP and VPNPPs | |
| PD-0148 | Excluded Functionality and Policy 13 | |
| PD-0147 | CCEVS Policy #15 Applicability to Flash Drives | |
| PD-0146 | Remote Administration and Cryptographic Functionality in the TFWPP | |
| PD-0145 | Enabling/Disabling of Verification of Cryptographic Key Testing in WLAN PP | |
| PD-0144 | Corrections to formatting and typographic errors in the WLAN Access System PPs | |
| PD-0143 | Meeting FDP_ACF.1 in the DBMS PP | |
| PD-0142 | Meeting FTA_TAH_EXP.1 in the DBMS PP | |
| PD-0141 | Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments | |
| PD-0140 | Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile | |
| PD-0139 | CC V3 Conformance Type for Existing CC V2 PPs | |
| PD-0138 | Sharing of Peripherals with Memory under the Peripheral Sharing PP | |
| PD-0137 | CC V3 PP Conformance Type Consistency | |
| PD-0136 | Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM | |
| PD-0135 | "Overwriting" in the Context of Non-Disk Memory (Medium Robustness Profiles) | |
| PD-0134 | Medium Robustness Traffic Filtering PP: Administrator accounts | |
| PD-0133 | Level of Detail in SFRs | |
| PD-0132 | Terminating Sessions in lieu of Locking Sessions | |
| PD-0131 | Create Object Audit Event and CAPP Compliance | |
| PD-0130 | Clarification of Alert requirement in Basic Robustness Anti-Virus PP | |
| PD-0129 | Deletion of the oldest audit events when audit storage space is exhausted | |
| PD-0128 | Information in Test Results for Manual Tests | |
| PD-0127 | Compliance with IDS Analyzer PP Export Requirements | |
| PD-0126 | Administrator-entered Code Used To Meet SFRs | |
| PD-0125 | Audit Pre-Selection in the CIMC PP | |
| PD-0124 | Depth of Protocol or Interface Examination | |
| PD-0123 | Defining Protocols as Internal or External Interfaces | |
| PD-0122 | Description of Logical and Physical Boundaries | |
| PD-0121 | Format of the ADV_IMP Implementation Representation | |
| PD-0120 | Parameter Validation Testing | |
| PD-0119 | Applicability of FIA_UAU.7 Application Note in CAPP v1.d | |
| PD-0118 | Assumptions in the IDS PP v1.4 | |
| PD-0117 | PP conformance Using an Underlying Evaluated Product | |
| PD-0116 | IDSSPP v1.4: Compliance with the Selective Audit Requirement | |
| PD-0115 | Third Party Authentication is permitted by the ALFWPP-MR | |
| PD-0114 | Meeting the ADO_DEL.3 Requirement | |
| PD-0113 | Use of Third-party Security Mechanisms in TOE Evaluations | |
| PD-0112 | Can a non-hardware TOE claim conformance with FPT_SEP.1? | |
| PD-0111 | Clarify the Definitive Source of International Interps | |
| PD-0110 | Actions/Information Required of the Developer and Evaluator When Performing ADV_RCR Work | |
| PD-0109 | Multiple Hardware Models with Different SFRs in One Security Target | |
| PD-0108 | FTP_ITC.1.3 Specifies The Functions For Which A Trusted Channel Is Provided | |
| PD-0107 | IDSSPP v1.4: FPT_STM.1 Must Be Met by the TOE | |
| PD-0106 | Situations Where AGD_USR May Be Vacuously Satisfied | |
| PD-0105 | Acceptability of IKE Authentication as "Single Use" In Firewall PPs | |
| PD-0104 | Testing All Claimed Platforms | |
| PD-0103 | Clarify CCEVS Policy for Applying NIAP Interpretations | |
| PD-0102 | CIMC PP Compliance for Iterated Requirements that are Satisfied by the IT Environment | |
| PD-0101 | Level of Detail Necessary for Assurance Requirements on Third Party Products | |
| PD-0100 | When can evaluation evidence be reused? | |
| PD-0099 | FIA_UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT Environment? | |
| PD-0098 | Information Flow Policies with No Active Decision | |
| PD-0097 | Compliance with IDS System PP Export Requirements | |
| PD-0096 | Custom Access Control Language for FDP_IFC and FDP_IFF | |
| PD-0095 | User in the Loop for Policy Enforcement | |
| PD-0094 | Site Visit - Alternative Evaluation Methodology | |
| PD-0093 | Questions Concerning the Peripheral Sharing Switch PP | |
| PD-0092 | Does ISO 9001 Certification imply that ACM_CAP.2 has been met? | |
| PD-0091 | Dependencies of Requirements on the IT Environment | |
| PD-0090 | TOE Labels | |
| PD-0089 | Specifying Mechanism in PP Objectives | |
| PD-0088 | Developer Vulnerability Analysis | |
| PD-0087 | STs Adding Requirements to Protection Profiles | |
| PD-0086 | What SOF Claim is appropriate when there are no probabilistic or permutational mechanisms | |
| PD-0085 | How to Handle Explicitly Specified Requirements? | |
| PD-0084 | Evaluation of TOE claiming compatibility with multiple IT environments | |
| PD-0083 | Identification of Standards | |
| PD-0082 | PP compliance with portion of TOE SFR in Environment | |
| PD-0081 | Does FDP_RIP.2 imply hardware must be in the TOE? | |
| PD-0080 | Use of Unevaluated Hardware during Testing? | |
| PD-0079 | Handling of Interpretations | |
| PD-0078 | Incorporation of interpretations into a PP | |
| PD-0077 | Are All Aspects of the TSFI Documented in ADV_FSP.2? | |
| PD-0076 | What Does It Mean To Provide A Mechanism To Support A Function? | |
| PD-0075 | Identification of Interfaces in HLD | |
| PD-0074 | Dealing with Errors in a PP | |
| PD-0073 | Partial Conformance to a PP/Conditional Requirements in a PP | |
| PD-0072 | Empty Assignment Operation | |
| PD-0071 | Identification of Operations on Security Functional Requirements | |
| PD-0070 | Can a product claim conformance to an earlier version of the CC? | |
| PD-0069 | Claiming compliance to FPT_AMT.1 | |
| PD-0068 | Specifying the "number of times" in FIA_AFL.1.1 | |
| PD-0067 | For the Controlled Access Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? | |
| PD-0066 | In FAU_SEL.1, What Is Meant By "the set of audited events"? | |
| PD-0065 | Meaning of "access control and/or information flow control SFPs" in FPT_SEP | |
| PD-0064 | Auditing "Subject Identity" for Actions Not Taken by TSP Subjects | |
| PD-0063 | What Information Must Be Provided in the TSS Rationale? | |
| PD-0062 | What Must Be Tested for an ST Running On Multiple Platforms? | |
| PD-0061 | Security Targets for a Software TOE that runs on Multiple Platforms | |
| PD-0060 | Does One Reference or Transcribe Requirements When Including Components in a PP/ST? | |
| PD-0059 | How Much Testing Is Required At EAL2? | |
| PD-0058 | EAL2 Testing Requirements | |
| PD-0057 | Is It Necessary To Repeat The List Of Audit Information in FAU_GEN.1 | |
| PD-0056 | Exhaustiveness of ATE_IND Testing | |
| PD-0055 | Effect of Addition of Environmental Assumptions on PP Compliance | |
| PD-0054 | What is an appropriate TOE Reference? | |
| PD-0053 | Issues Related to Software Only TOEs | |
| PD-0052 | Can There Be A Single Blanket Description Of Error Messages in an FSP? | |
| PD-0051 | Must Only Security Relevant Error Messages Be Provided In An FSP? | |
| PD-0050 | How Should Libraries Be Handled Relative to the ADV_FSP.1 work units of the CEM? | |
| PD-0049 | Identification and Description of TSF Interfaces | |
| PD-0048 | SOF Claims for PPs without any Permutational or Probabilistic Mechanisms | |
| PD-0047 | Reflecting Compliance With Multiple PPs | |
| PD-0046 | Exclusion or Inclusion of an Operating System in the TOE? | |
| PD-0045 | Where can policy be specified in a PP? | |
| PD-0044 | What evidence is required by APE_REQ.1.4C? | |
| PD-0043 | Can non-TSF entities be included in the TOE by an ST? | |
| PD-0042 | Can User Identity Be Listed As An Attribute for FIA_ATD.1? | |
| PD-0041 | Use of an Intelligent Printer (PCL) in an Evaluated Product | |
| PD-0040 | Warning Banner Must Be Human Readable Text | |
| PD-0039 | Can application notes contain requirements? | |
| PD-0038 | Must Sublists In An SFR Be Numbered? | |
| PD-0037 | Ambiguities Resulting From Choosing More Than One Selection In An Assignment | |
| PD-0036 | Distinction between Internal and External Networks in a Firewall PP | |
| PD-0035 | Can the lists of Audit Events and Audit Information be Combined into a single Table? | |
| PD-0034 | Is Intermingling Multiple PPs in One Document Acceptable? | |
| PD-0033 | Referencing Draft External Specifications in a Protection Profile | |
| PD-0032 | Dependency Correctness for AMA_CAT.1 | |
| PD-0031 | Handling Audit Section Text: Actions vs. Information To Be Recorded | |
| PD-0030 | Initialization of Default Values of Security Attributes | |
| PD-0029 | Delivery and Installation Guidance for Vendor-Installed Modules | |
| PD-0028 | Redundancy between Overview Material and Application Notes in a PP | |
| PD-0027 | Where should the TOE Security Policy be defined? | |
| PD-0026 | Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) | |
| PD-0025 | Is an Access Control Decision made at the beginning of a session acceptable? | |
| PD-0024 | Conformance with a PP with respect to Level of Audit | |
| PD-0023 | Design Decomposition for Physical Security | |
| PD-0022 | Test Evidence that must be provided at EAL2 | |
| PD-0021 | Missing Methodology for NIAP I-0385 (Identification Of Standards) | |
| PD-0020 | Management of Functions with No Specific Requirements | |
| PD-0019 | Allocation of Requirements in a PP to the Environment | |
| PD-0018 | Usage of the Term "Loopback Network" in the Application Level Firewall PP | |
| PD-0017 | Parsing of APE_OBJ.1.3C | |
| PD-0016 | Evidence for APE Assurance Requirements | |
| PD-0015 | NIAP Requirements for PP Registration Information for APE_INT.1 | |
| PD-0014 | Necessity For A Test Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C | |
| PD-0013 | TSF Representations Split Among Documents | |
| PD-0012 | Can Access Control Attributes Determine Users In A Role? | |
| PD-0011 | Attribute Inheritance/Modification Rules Need To Be Included In Policy | |
| PD-0010 | Site-Configurable Prevention Of Audit Loss | |
| PD-0009 | Exempting sensitive attribute data items from capture in the audit log | |
| PD-0008 | When should monitoring of the public domain for new 'obvious vulnerabilities' cease? | |
| PD-0007 | Choice of functional components not limited by choice of assurance components | |
| PD-0006 | Can Sorting and Searching Tools be Provided in the Environment | |
| PD-0005 | Definition of Security Relevant | |
| PD-0004 | Satisfaction of Requirements by Applications Running on Untrusted Products | |
| PD-0003 | Draft Documents and Configuration Control | |
| PD-0002 | Level of Detail about Hardware and Firmware | |
| PD-0001 | Meaning of Resources in FDP_RIP.2 | |
Return to Index Selection Page
Database indices generated on 2010-01-27. Flagging of new/changes were done against the latest configuration managed version dated before 2009-10-01.