| Level of Detail |
about Hardware and Firmware |
PD-0002 |
| |
Acceptability of IKE Authentication as "Single Use" In Firewall PPs |
PD-0105 |
| Is an Access Control Decision made at the beginning of a session |
acceptable ? |
PD-0025 |
| Is Intermingling Multiple PPs in One Document |
Acceptable ? |
PD-0034 |
| Can |
Access Control Attributes Determine Users In A Role? |
PD-0012 |
| Is an |
Access Control Decision made at the beginning of a session acceptable? |
PD-0025 |
| Meaning of " |
access control and/or information flow control SFPs" in FPT_SEP |
PD-0065 |
| For the Controlled |
Access Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? |
PD-0067 |
| Custom |
Access Control Language for FDP_IFC and FDP_IFF |
PD-0096 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) |
Access System Protection Profile for Basic Robustness Environments |
PD-0141 |
| Medium Robustness Traffic Filtering PP: Administrator |
accounts |
PD-0134 |
| Does ISO 9001 Certification imply that |
ACM _CAP.2 has been met? |
PD-0092 |
| Handling Audit Section Text: |
Actions vs. Information To Be Recorded |
PD-0031 |
| Auditing "Subject Identity" for |
Actions Not Taken by TSP Subjects |
PD-0064 |
| |
Actions /Information Required of the Developer and Evaluator When Performing ADV_RCR Work |
PD-0110 |
| Information Flow Policies with No |
Active Decision |
PD-0098 |
| STs |
Adding Requirements to Protection Profiles |
PD-0087 |
| Effect of |
Addition of Environmental Assumptions on PP Compliance |
PD-0055 |
| |
Administrator -entered Code Used To Meet SFRs |
PD-0126 |
| Medium Robustness Traffic Filtering PP: |
Administrator accounts |
PD-0134 |
| Meeting the |
ADO _DEL.3 Requirement |
PD-0114 |
| How Should Libraries Be Handled Relative to the |
ADV _FSP.1 work units of the CEM? |
PD-0050 |
| Are All Aspects of the TSFI Documented in |
ADV _FSP.2? |
PD-0077 |
| Actions/Information Required of the Developer and Evaluator When Performing |
ADV _RCR Work |
PD-0110 |
| Format of the |
ADV _IMP Implementation Representation |
PD-0121 |
| Specifying the "number of times" in FIA_ |
AFL .1.1 |
PD-0068 |
| Situations Where |
AGD _USR May Be Vacuously Satisfied |
PD-0106 |
| Clarification of |
Alert requirement in Basic Robustness Anti-Virus PP |
PD-0130 |
| Typographical error in the |
ALFWPP -MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) |
PD-0026 |
| Third Party Authentication is permitted by the |
ALFWPP -MR |
PD-0115 |
| For the Controlled Access Protection Profile (CAPP), must |
all events be pre-selectable? Post-selectable? |
PD-0067 |
| Are |
All Aspects of the TSFI Documented in ADV_FSP.2? |
PD-0077 |
| Testing |
All Claimed Platforms |
PD-0104 |
| |
Allocation of Requirements in a PP to the Environment |
PD-0019 |
| Site Visit - |
Alternative Evaluation Methodology |
PD-0094 |
| Dependency Correctness for |
AMA _CAT.1 |
PD-0032 |
| |
Ambiguities Resulting From Choosing More Than One Selection In An Assignment |
PD-0037 |
| TSF Representations Split |
Among Documents |
PD-0013 |
| Claiming compliance to FPT_ |
AMT .1 |
PD-0069 |
| Developer Vulnerability |
Analysis |
PD-0088 |
| Compliance with IDS |
Analyzer PP Export Requirements |
PD-0127 |
| Clarification of Alert requirement in Basic Robustness |
Anti -Virus PP |
PD-0130 |
| SOF Claims for PPs without |
any Permutational or Probabilistic Mechanisms |
PD-0048 |
| NIAP Requirements for PP Registration Information for |
APE _INT.1 |
PD-0015 |
| Evidence for |
APE Assurance Requirements |
PD-0016 |
| Parsing of |
APE _OBJ.1.3C |
PD-0017 |
| What evidence is required by |
APE _REQ.1.4C? |
PD-0044 |
| |
Applicability of FIA_UAU.7 Application Note in CAPP v1.d |
PD-0119 |
| Usage of the Term "Loopback Network" in the |
Application Level Firewall PP |
PD-0018 |
| Redundancy between Overview Material and |
Application Notes in a PP |
PD-0028 |
| Can |
application notes contain requirements? |
PD-0039 |
| Applicability of FIA_UAU.7 |
Application Note in CAPP v1.d |
PD-0119 |
| Satisfaction of Requirements by |
Applications Running on Untrusted Products |
PD-0004 |
| Clarify CCEVS Policy for |
Applying NIAP Interpretations |
PD-0103 |
| What is an |
appropriate TOE Reference? |
PD-0054 |
| What SOF Claim is |
appropriate when there are no probabilistic or permutational mechanisms |
PD-0086 |
| |
Are All Aspects of the TSFI Documented in ADV_FSP.2? |
PD-0077 |
| What SOF Claim is appropriate when there |
are no probabilistic or permutational mechanisms |
PD-0086 |
| CIMC PP Compliance for Iterated Requirements that |
are Satisfied by the IT Environment |
PD-0102 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local |
Area Network (WLAN) Client for Basic Robustness Environments Protection Profile |
PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local |
Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments |
PD-0141 |
| Can User Identity Be Listed |
As An Attribute for FIA_ATD.1? |
PD-0042 |
| Acceptability of IKE Authentication |
as "Single Use" In Firewall PPs |
PD-0105 |
| Defining Protocols |
as Internal or External Interfaces |
PD-0123 |
| Are All |
Aspects of the TSFI Documented in ADV_FSP.2? |
PD-0077 |
| Ambiguities Resulting From Choosing More Than One Selection In An |
Assignment |
PD-0037 |
| Empty |
Assignment Operation |
PD-0072 |
| Effect of Addition of Environmental |
Assumptions on PP Compliance |
PD-0055 |
| |
Assumptions in the IDS PP v1.4 |
PD-0118 |
| Choice of functional components not limited by choice of |
assurance components |
PD-0007 |
| Evidence for APE |
Assurance Requirements |
PD-0016 |
| Level of Detail Necessary for |
Assurance Requirements on Third Party Products |
PD-0101 |
| Can User Identity Be Listed As An Attribute for FIA_ |
ATD .1? |
PD-0042 |
| Necessity For A Test Plan to Specifically Satisfy The Requirements for |
ATE _FUN.1.2C |
PD-0014 |
| Exhaustiveness of |
ATE _IND Testing |
PD-0056 |
| Exempting sensitive |
attribute data items from capture in the audit log |
PD-0009 |
| |
Attribute Inheritance/Modification Rules Need To Be Included In Policy |
PD-0011 |
| Can User Identity Be Listed As An |
Attribute for FIA_ATD.1? |
PD-0042 |
| Can Access Control |
Attributes Determine Users In A Role? |
PD-0012 |
| Initialization of Default Values of Security |
Attributes |
PD-0030 |
| Exempting sensitive attribute data items from capture in the |
audit log |
PD-0009 |
| Site-Configurable Prevention Of |
Audit Loss |
PD-0010 |
| Conformance with a PP with respect to Level of |
Audit |
PD-0024 |
| Handling |
Audit Section Text: Actions vs. Information To Be Recorded |
PD-0031 |
| Can the lists of |
Audit Events and Audit Information be Combined into a single Table? |
PD-0035 |
| Can the lists of Audit Events and |
Audit Information be Combined into a single Table? |
PD-0035 |
| Is It Necessary To Repeat The List Of |
Audit Information in FAU_GEN.1 |
PD-0057 |
| IDSSPP v1.4: Compliance with the Selective |
Audit Requirement |
PD-0116 |
| |
Audit Pre-Selection in the CIMC PP |
PD-0125 |
| Deletion of the oldest |
audit events when audit storage space is exhausted |
PD-0129 |
| Deletion of the oldest audit events when |
audit storage space is exhausted |
PD-0129 |
| Create Object |
Audit Event and CAPP Compliance |
PD-0131 |
| In FAU_SEL.1, What Is Meant By "the set of |
audited events"? |
PD-0066 |
| |
Auditing "Subject Identity" for Actions Not Taken by TSP Subjects |
PD-0064 |
| Acceptability of IKE |
Authentication as "Single Use" In Firewall PPs |
PD-0105 |
| Third Party |
Authentication is permitted by the ALFWPP-MR |
PD-0115 |
| Warning |
Banner Must Be Human Readable Text |
PD-0040 |
| Clarification of Alert requirement in |
Basic Robustness Anti-Virus PP |
PD-0130 |
| on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for |
Basic Robustness Environments Protection Profile [Clarification |
PD-0140 |
| consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for |
Basic Robustness Environments [on conformance to |
PD-0141 |
| Does ISO 9001 Certification imply that ACM_CAP.2 has |
been met? |
PD-0092 |
| Is an Access Control Decision made at the |
beginning of a session acceptable? |
PD-0025 |
| Redundancy |
between Overview Material and Application Notes in a PP |
PD-0028 |
| Distinction |
between Internal and External Networks in a Firewall PP |
PD-0036 |
| Can There Be A Single |
Blanket Description Of Error Messages in an FSP? |
PD-0052 |
| Description of Logical and Physical |
Boundaries |
PD-0122 |
| Does ISO 9001 Certification imply that ACM_ |
CAP .2 has been met? |
PD-0092 |
| For the Controlled Access Protection Profile ( |
CAPP ), must all events be pre-selectable? Post-selectable? |
PD-0067 |
| Applicability of FIA_UAU.7 Application Note in |
CAPP v1.d |
PD-0119 |
| Create Object Audit Event and |
CAPP Compliance |
PD-0131 |
| Exempting sensitive attribute data items from |
capture in the audit log |
PD-0009 |
| Dependency Correctness for AMA_ |
CAT .1 |
PD-0032 |
| Can a product claim conformance to an earlier version of the |
CC ? |
PD-0070 |
| |
CC V3 PP Conformance Type Consistency |
PD-0137 |
| |
CC V3 Conformance Type for Existing CC V2 PPs |
PD-0139 |
| CC V3 Conformance Type for Existing |
CC V2 PPs |
PD-0139 |
| Clarify |
CCEVS Policy for Applying NIAP Interpretations |
PD-0103 |
| Using |
CCv 2.x PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM |
PD-0136 |
| Using CCv2.x PPs with |
CCv 3.1 STs: Handling of FPT_SEP and FPT_RVM |
PD-0136 |
| When should monitoring of the public domain for new 'obvious vulnerabilities' |
cease ? |
PD-0008 |
| How Should Libraries Be Handled Relative to the ADV_FSP.1 work units of the |
CEM ? |
PD-0050 |
| Does ISO 9001 |
Certification imply that ACM_CAP.2 has been met? |
PD-0092 |
| FTP_ITC.1.3 Specifies The Functions For Which A Trusted |
Channel Is Provided |
PD-0108 |
| |
Choice of functional components not limited by choice of assurance components |
PD-0007 |
| Choice of functional components not limited by |
choice of assurance components |
PD-0007 |
| Ambiguities Resulting From |
Choosing More Than One Selection In An Assignment |
PD-0037 |
| |
CIMC PP Compliance for Iterated Requirements that are Satisfied by the IT Environment |
PD-0102 |
| Audit Pre-Selection in the |
CIMC PP |
PD-0125 |
| Can a product |
claim conformance to an earlier version of the CC? |
PD-0070 |
| What SOF |
Claim is appropriate when there are no probabilistic or permutational mechanisms |
PD-0086 |
| Can a non-hardware TOE |
claim conformance with FPT_SEP.1? |
PD-0112 |
| Testing All |
Claimed Platforms |
PD-0104 |
| |
Claiming compliance to FPT_AMT.1 |
PD-0069 |
| Evaluation of TOE |
claiming compatibility with multiple IT environments |
PD-0084 |
| SOF |
Claims for PPs without any Permutational or Probabilistic Mechanisms |
PD-0048 |
| |
Clarification of Alert requirement in Basic Robustness Anti-Virus PP |
PD-0130 |
| |
Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client |
PD-0140 |
| |
Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access |
PD-0141 |
| |
Clarify CCEVS Policy for Applying NIAP Interpretations |
PD-0103 |
| |
Clarify the Definitive Source of International Interps |
PD-0111 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) |
Client for Basic Robustness Environments Protection Profile |
PD-0140 |
| Administrator-entered |
Code Used To Meet SFRs |
PD-0126 |
| Can the lists of Audit Events and Audit Information be |
Combined into a single Table? |
PD-0035 |
| Evaluation of TOE claiming |
compatibility with multiple IT environments |
PD-0084 |
| Reflecting |
Compliance With Multiple PPs |
PD-0047 |
| Effect of Addition of Environmental Assumptions on PP |
Compliance |
PD-0055 |
| Claiming |
compliance to FPT_AMT.1 |
PD-0069 |
| PP |
compliance with portion of TOE SFR in Environment |
PD-0082 |
| |
Compliance with IDS System PP Export Requirements |
PD-0097 |
| CIMC PP |
Compliance for Iterated Requirements that are Satisfied by the IT Environment |
PD-0102 |
| IDSSPP v1.4: |
Compliance with the Selective Audit Requirement |
PD-0116 |
| |
Compliance with IDS Analyzer PP Export Requirements |
PD-0127 |
| Create Object Audit Event and CAPP |
Compliance |
PD-0131 |
| Choice of functional |
components not limited by choice of assurance components |
PD-0007 |
| Choice of functional components not limited by choice of assurance |
components |
PD-0007 |
| Does One Reference or Transcribe Requirements When Including |
Components in a PP/ST? |
PD-0060 |
| Questions |
Concerning the Peripheral Sharing Switch PP |
PD-0093 |
| Partial Conformance to a PP/ |
Conditional Requirements in a PP |
PD-0073 |
| Site- |
Configurable Prevention Of Audit Loss |
PD-0010 |
| Draft Documents and |
Configuration Control |
PD-0003 |
| |
Conformance with a PP with respect to Level of Audit |
PD-0024 |
| Can a product claim |
conformance to an earlier version of the CC? |
PD-0070 |
| Partial |
Conformance to a PP/Conditional Requirements in a PP |
PD-0073 |
| Can a non-hardware TOE claim |
conformance with FPT_SEP.1? |
PD-0112 |
| PP |
conformance Using an Underlying Evaluated Product |
PD-0117 |
| CC V3 PP |
Conformance Type Consistency |
PD-0137 |
| CC V3 |
Conformance Type for Existing CC V2 PPs |
PD-0139 |
| Clarification on |
conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic |
PD-0140 |
| Clarification on |
conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection |
PD-0141 |
| CC V3 PP Conformance Type |
Consistency |
PD-0137 |
| Clarification on conformance to |
consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness |
PD-0140 |
| Clarification on conformance to |
consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for |
PD-0141 |
| Can application notes |
contain requirements? |
PD-0039 |
| "Overwriting" in the |
Context of Non-Disk Memory (Medium Robustness Profiles) |
PD-0135 |
| Draft Documents and Configuration |
Control |
PD-0003 |
| Can Access |
Control Attributes Determine Users In A Role? |
PD-0012 |
| Is an Access |
Control Decision made at the beginning of a session acceptable? |
PD-0025 |
| Meaning of "access |
control and/or information flow control SFPs" in FPT_SEP |
PD-0065 |
| Meaning of "access control and/or information flow |
control SFPs" in FPT_SEP |
PD-0065 |
| Custom Access |
Control Language for FDP_IFC and FDP_IFF |
PD-0096 |
| For the |
Controlled Access Protection Profile (CAPP), must all events be pre-selectable? Post-selectable? |
PD-0067 |
| Dependency |
Correctness for AMA_CAT.1 |
PD-0032 |
| |
Create Object Audit Event and CAPP Compliance |
PD-0131 |
| |
Custom Access Control Language for FDP_IFC and FDP_IFF |
PD-0096 |
| Applicability of FIA_UAU.7 Application Note in CAPP v1. |
d |
PD-0119 |
| Exempting sensitive attribute |
data items from capture in the audit log |
PD-0009 |
| |
Dealing with Errors in a PP |
PD-0074 |
| Is an Access Control |
Decision made at the beginning of a session acceptable? |
PD-0025 |
| Information Flow Policies with No Active |
Decision |
PD-0098 |
| Design |
Decomposition for Physical Security |
PD-0023 |
| Initialization of |
Default Values of Security Attributes |
PD-0030 |
| Where should the TOE Security Policy be |
defined ? |
PD-0027 |
| |
Defining Protocols as Internal or External Interfaces |
PD-0123 |
| |
Definition of Security Relevant |
PD-0005 |
| Clarify the |
Definitive Source of International Interps |
PD-0111 |
| Meeting the ADO_ |
DEL .3 Requirement |
PD-0114 |
| |
Deletion of the oldest audit events when audit storage space is exhausted |
PD-0129 |
| |
Delivery and Installation Guidance for Vendor-Installed Modules |
PD-0029 |
| |
Dependencies of Requirements on the IT Environment |
PD-0091 |
| |
Dependency Correctness for AMA_CAT.1 |
PD-0032 |
| |
Depth of Protocol or Interface Examination |
PD-0124 |
| Identification and |
Description of TSF Interfaces |
PD-0049 |
| Can There Be A Single Blanket |
Description Of Error Messages in an FSP? |
PD-0052 |
| |
Description of Logical and Physical Boundaries |
PD-0122 |
| |
Design Decomposition for Physical Security |
PD-0023 |
| Level of |
Detail about Hardware and Firmware |
PD-0002 |
| Level of |
Detail Necessary for Assurance Requirements on Third Party Products |
PD-0101 |
| Level of |
Detail in SFRs |
PD-0133 |
| Can Access Control Attributes |
Determine Users In A Role? |
PD-0012 |
| |
Developer Vulnerability Analysis |
PD-0088 |
| Actions/Information Required of the |
Developer and Evaluator When Performing ADV_RCR Work |
PD-0110 |
| Multiple Hardware Models with |
Different SFRs in One Security Target |
PD-0109 |
| "Overwriting" in the Context of Non- |
Disk Memory (Medium Robustness Profiles) |
PD-0135 |
| |
Distinction between Internal and External Networks in a Firewall PP |
PD-0036 |
| Is Intermingling Multiple PPs in One |
Document Acceptable? |
PD-0034 |
| Are All Aspects of the TSFI |
Documented in ADV_FSP.2? |
PD-0077 |
| Draft |
Documents and Configuration Control |
PD-0003 |
| TSF Representations Split Among |
Documents |
PD-0013 |
| |
Does One Reference or Transcribe Requirements When Including Components in a PP/ST? |
PD-0060 |
| What |
Does It Mean To Provide A Mechanism To Support A Function? |
PD-0076 |
| |
Does FDP_RIP.2 imply hardware must be in the TOE? |
PD-0081 |
| |
Does ISO 9001 Certification imply that ACM_CAP.2 has been met? |
PD-0092 |
| When should monitoring of the public |
domain for new 'obvious vulnerabilities' cease? |
PD-0008 |
| |
Draft Documents and Configuration Control |
PD-0003 |
| Referencing |
Draft External Specifications in a Protection Profile |
PD-0033 |
| Use of Unevaluated Hardware |
during Testing? |
PD-0080 |
| Test Evidence that must be provided at |
EAL 2 |
PD-0022 |
| |
EAL 2 Testing Requirements |
PD-0058 |
| How Much Testing Is Required At |
EAL 2? |
PD-0059 |
| Can a product claim conformance to an |
earlier version of the CC? |
PD-0070 |
| |
Effect of Addition of Environmental Assumptions on PP Compliance |
PD-0055 |
| |
Empty Assignment Operation |
PD-0072 |
| User in the Loop for Policy |
Enforcement |
PD-0095 |
| Administrator- |
entered Code Used To Meet SFRs |
PD-0126 |
| Can non-TSF |
entities be included in the TOE by an ST? |
PD-0043 |
| Can Sorting and Searching Tools be Provided in the |
Environment |
PD-0006 |
| Allocation of Requirements in a PP to the |
Environment |
PD-0019 |
| PP compliance with portion of TOE SFR in |
Environment |
PD-0082 |
| Dependencies of Requirements on the IT |
Environment |
PD-0091 |
| FIA_UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT |
Environment ? |
PD-0099 |
| CIMC PP Compliance for Iterated Requirements that are Satisfied by the IT |
Environment |
PD-0102 |
| Effect of Addition of |
Environmental Assumptions on PP Compliance |
PD-0055 |
| Evaluation of TOE claiming compatibility with multiple IT |
environments |
PD-0084 |
| to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness |
Environments Protection Profile [on conformance |
PD-0140 |
| noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness |
Environments [consistency issues |
PD-0141 |
| Typographical |
error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) |
PD-0026 |
| Must Only Security Relevant |
Error Messages Be Provided In An FSP? |
PD-0051 |
| Can There Be A Single Blanket Description Of |
Error Messages in an FSP? |
PD-0052 |
| Dealing with |
Errors in a PP |
PD-0074 |
| Use of an Intelligent Printer (PCL) in an |
Evaluated Product |
PD-0041 |
| PP conformance Using an Underlying |
Evaluated Product |
PD-0117 |
| |
Evaluation of TOE claiming compatibility with multiple IT environments |
PD-0084 |
| Site Visit - Alternative |
Evaluation Methodology |
PD-0094 |
| When can |
evaluation evidence be reused? |
PD-0100 |
| Use of Third-party Security Mechanisms in TOE |
Evaluations |
PD-0113 |
| Actions/Information Required of the Developer and |
Evaluator When Performing ADV_RCR Work |
PD-0110 |
| Create Object Audit |
Event and CAPP Compliance |
PD-0131 |
| Can the lists of Audit |
Events and Audit Information be Combined into a single Table? |
PD-0035 |
| In FAU_SEL.1, What Is Meant By "the set of audited |
events "? |
PD-0066 |
| For the Controlled Access Protection Profile (CAPP), must all |
events be pre-selectable? Post-selectable? |
PD-0067 |
| Deletion of the oldest audit |
events when audit storage space is exhausted |
PD-0129 |
| |
Evidence for APE Assurance Requirements |
PD-0016 |
| Test |
Evidence that must be provided at EAL2 |
PD-0022 |
| What |
evidence is required by APE_REQ.1.4C? |
PD-0044 |
| When can evaluation |
evidence be reused? |
PD-0100 |
| Depth of Protocol or Interface |
Examination |
PD-0124 |
| |
Exclusion or Inclusion of an Operating System in the TOE? |
PD-0046 |
| |
Exempting sensitive attribute data items from capture in the audit log |
PD-0009 |
| Deletion of the oldest audit events when audit storage space is |
exhausted |
PD-0129 |
| |
Exhaustiveness of ATE_IND Testing |
PD-0056 |
| CC V3 Conformance Type for |
Existing CC V2 PPs |
PD-0139 |
| How to Handle |
Explicitly Specified Requirements? |
PD-0085 |
| Compliance with IDS System PP |
Export Requirements |
PD-0097 |
| Compliance with IDS Analyzer PP |
Export Requirements |
PD-0127 |
| Referencing Draft |
External Specifications in a Protection Profile |
PD-0033 |
| Distinction between Internal and |
External Networks in a Firewall PP |
PD-0036 |
| Defining Protocols as Internal or |
External Interfaces |
PD-0123 |
| Is It Necessary To Repeat The List Of Audit Information in |
FAU _GEN.1 |
PD-0057 |
| In |
FAU _SEL.1, What Is Meant By "the set of audited events"? |
PD-0066 |
| Meaning of Resources in |
FDP _RIP.2 |
PD-0001 |
| Typographical error in the ALFWPP-MED with respect to |
FDP _IFF.1(1) and FDP_IFF.1(2) |
PD-0026 |
| Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and |
FDP _IFF.1(2) |
PD-0026 |
| Does |
FDP _RIP.2 imply hardware must be in the TOE? |
PD-0081 |
| Custom Access Control Language for |
FDP _IFC and FDP_IFF |
PD-0096 |
| Custom Access Control Language for FDP_IFC and |
FDP _IFF |
PD-0096 |
| Can User Identity Be Listed As An Attribute for |
FIA _ATD.1? |
PD-0042 |
| Specifying the "number of times" in |
FIA _AFL.1.1 |
PD-0068 |
| |
FIA _UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the IT Environment? |
PD-0099 |
| FIA_UID.2, |
FIA _UAU.2, and FPT_STM.1 Requirements: On the IT Environment? |
PD-0099 |
| Applicability of |
FIA _UAU.7 Application Note in CAPP v1.d |
PD-0119 |
| Medium Robustness Traffic |
Filtering PP: Administrator accounts |
PD-0134 |
| Usage of the Term "Loopback Network" in the Application Level |
Firewall PP |
PD-0018 |
| Distinction between Internal and External Networks in a |
Firewall PP |
PD-0036 |
| Acceptability of IKE Authentication as "Single Use" In |
Firewall PPs |
PD-0105 |
| Level of Detail about Hardware and |
Firmware |
PD-0002 |
| Meaning of "access control and/or information |
flow control SFPs" in FPT_SEP |
PD-0065 |
| Information |
Flow Policies with No Active Decision |
PD-0098 |
| |
Format of the ADV_IMP Implementation Representation |
PD-0121 |
| Meaning of "access control and/or information flow control SFPs" in |
FPT _SEP |
PD-0065 |
| Claiming compliance to |
FPT _AMT.1 |
PD-0069 |
| FIA_UID.2, FIA_UAU.2, and |
FPT _STM.1 Requirements: On the IT Environment? |
PD-0099 |
| IDSSPP v1.4: |
FPT _STM.1 Must Be Met by the TOE |
PD-0107 |
| Can a non-hardware TOE claim conformance with |
FPT _SEP.1? |
PD-0112 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of |
FPT _SEP and FPT_RVM |
PD-0136 |
| Using CCv2.x PPs with CCv3.1 STs: Handling of FPT_SEP and |
FPT _RVM |
PD-0136 |
| How Should Libraries Be Handled Relative to the ADV_ |
FSP .1 work units of the CEM? |
PD-0050 |
| Must Only Security Relevant Error Messages Be Provided In An |
FSP ? |
PD-0051 |
| Can There Be A Single Blanket Description Of Error Messages in an |
FSP ? |
PD-0052 |
| Are All Aspects of the TSFI Documented in ADV_ |
FSP .2? |
PD-0077 |
| |
FTP _ITC.1.3 Specifies The Functions For Which A Trusted Channel Is Provided |
PD-0108 |
| Necessity For A Test Plan to Specifically Satisfy The Requirements for ATE_ |
FUN .1.2C |
PD-0014 |
| What Does It Mean To Provide A Mechanism To Support A |
Function ? |
PD-0076 |
| Choice of |
functional components not limited by choice of assurance components |
PD-0007 |
| Identification of Operations on Security |
Functional Requirements |
PD-0071 |
| Management of |
Functions with No Specific Requirements |
PD-0020 |
| FTP_ITC.1.3 Specifies The |
Functions For Which A Trusted Channel Is Provided |
PD-0108 |
| Is It Necessary To Repeat The List Of Audit Information in FAU_ |
GEN .1 |
PD-0057 |
| Clarification on conformance to consistency issues noted in the U.S. |
Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile |
PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. |
Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments |
PD-0141 |
| Delivery and Installation |
Guidance for Vendor-Installed Modules |
PD-0029 |
| How to |
Handle Explicitly Specified Requirements? |
PD-0085 |
| How Should Libraries Be |
Handled Relative to the ADV_FSP.1 work units of the CEM? |
PD-0050 |
| |
Handling Audit Section Text: Actions vs. Information To Be Recorded |
PD-0031 |
| |
Handling of Interpretations |
PD-0079 |
| Using CCv2.x PPs with CCv3.1 STs: |
Handling of FPT_SEP and FPT_RVM |
PD-0136 |
| Level of Detail about |
Hardware and Firmware |
PD-0002 |
| Use of Unevaluated |
Hardware during Testing? |
PD-0080 |
| Does FDP_RIP.2 imply |
hardware must be in the TOE? |
PD-0081 |
| Multiple |
Hardware Models with Different SFRs in One Security Target |
PD-0109 |
| Can a non- |
hardware TOE claim conformance with FPT_SEP.1? |
PD-0112 |
| Does ISO 9001 Certification imply that ACM_CAP.2 |
has been met? |
PD-0092 |
| Identification of Interfaces in |
HLD |
PD-0075 |
| |
How Should Libraries Be Handled Relative to the ADV_FSP.1 work units of the CEM? |
PD-0050 |
| |
How Much Testing Is Required At EAL2? |
PD-0059 |
| |
How to Handle Explicitly Specified Requirements? |
PD-0085 |
| Warning Banner Must Be |
Human Readable Text |
PD-0040 |
| Missing Methodology for NIAP |
I -0385 (Identification Of Standards) |
PD-0021 |
| Missing Methodology for NIAP I-0385 ( |
Identification Of Standards) |
PD-0021 |
| |
Identification and Description of TSF Interfaces |
PD-0049 |
| |
Identification of Operations on Security Functional Requirements |
PD-0071 |
| |
Identification of Interfaces in HLD |
PD-0075 |
| |
Identification of Standards |
PD-0083 |
| Can User |
Identity Be Listed As An Attribute for FIA_ATD.1? |
PD-0042 |
| Auditing "Subject |
Identity " for Actions Not Taken by TSP Subjects |
PD-0064 |
| Compliance with |
IDS System PP Export Requirements |
PD-0097 |
| Assumptions in the |
IDS PP v1.4 |
PD-0118 |
| Compliance with |
IDS Analyzer PP Export Requirements |
PD-0127 |
| |
IDSSPP v1.4: FPT_STM.1 Must Be Met by the TOE |
PD-0107 |
| |
IDSSPP v1.4: Compliance with the Selective Audit Requirement |
PD-0116 |
| Custom Access Control Language for FDP_ |
IFC and FDP_IFF |
PD-0096 |
| Typographical error in the ALFWPP-MED with respect to FDP_ |
IFF .1(1) and FDP_IFF.1(2) |
PD-0026 |
| Typographical error in the ALFWPP-MED with respect to FDP_IFF.1(1) and FDP_ |
IFF .1(2) |
PD-0026 |
| Custom Access Control Language for FDP_IFC and FDP_ |
IFF |
PD-0096 |
| Acceptability of |
IKE Authentication as "Single Use" In Firewall PPs |
PD-0105 |
| Format of the ADV_ |
IMP Implementation Representation |
PD-0121 |
| Format of the ADV_IMP |
Implementation Representation |
PD-0121 |
| Does FDP_RIP.2 |
imply hardware must be in the TOE? |
PD-0081 |
| Does ISO 9001 Certification |
imply that ACM_CAP.2 has been met? |
PD-0092 |
| Attribute Inheritance/Modification Rules Need To Be |
Included In Policy |
PD-0011 |
| Can non-TSF entities be |
included in the TOE by an ST? |
PD-0043 |
| Does One Reference or Transcribe Requirements When |
Including Components in a PP/ST? |
PD-0060 |
| Exclusion or |
Inclusion of an Operating System in the TOE? |
PD-0046 |
| |
Incorporation of interpretations into a PP |
PD-0078 |
| Exhaustiveness of ATE_ |
IND Testing |
PD-0056 |
| NIAP Requirements for PP Registration |
Information for APE_INT.1 |
PD-0015 |
| Handling Audit Section Text: Actions vs. |
Information To Be Recorded |
PD-0031 |
| Can the lists of Audit Events and Audit |
Information be Combined into a single Table? |
PD-0035 |
| Is It Necessary To Repeat The List Of Audit |
Information in FAU_GEN.1 |
PD-0057 |
| What |
Information Must Be Provided in the TSS Rationale? |
PD-0063 |
| Meaning of "access control and/or |
information flow control SFPs" in FPT_SEP |
PD-0065 |
| |
Information Flow Policies with No Active Decision |
PD-0098 |
| Actions/ |
Information Required of the Developer and Evaluator When Performing ADV_RCR Work |
PD-0110 |
| |
Information in Test Results for Manual Tests |
PD-0128 |
| Attribute |
Inheritance /Modification Rules Need To Be Included In Policy |
PD-0011 |
| |
Initialization of Default Values of Security Attributes |
PD-0030 |
| Delivery and |
Installation Guidance for Vendor-Installed Modules |
PD-0029 |
| Delivery and Installation Guidance for Vendor- |
Installed Modules |
PD-0029 |
| NIAP Requirements for PP Registration Information for APE_ |
INT .1 |
PD-0015 |
| Use of an |
Intelligent Printer (PCL) in an Evaluated Product |
PD-0041 |
| Depth of Protocol or |
Interface Examination |
PD-0124 |
| Identification and Description of TSF |
Interfaces |
PD-0049 |
| Identification of |
Interfaces in HLD |
PD-0075 |
| Defining Protocols as Internal or External |
Interfaces |
PD-0123 |
| Is |
Intermingling Multiple PPs in One Document Acceptable? |
PD-0034 |
| Distinction between |
Internal and External Networks in a Firewall PP |
PD-0036 |
| Defining Protocols as |
Internal or External Interfaces |
PD-0123 |
| Clarify the Definitive Source of |
International Interps |
PD-0111 |
| Incorporation of |
interpretations into a PP |
PD-0078 |
| Handling of |
Interpretations |
PD-0079 |
| Clarify CCEVS Policy for Applying NIAP |
Interpretations |
PD-0103 |
| Clarify the Definitive Source of International |
Interps |
PD-0111 |
| Can the lists of Audit Events and Audit Information be Combined |
into a single Table? |
PD-0035 |
| Incorporation of interpretations |
into a PP |
PD-0078 |
| Does |
ISO 9001 Certification imply that ACM_CAP.2 has been met? |
PD-0092 |
| |
Issues Related to Software Only TOEs |
PD-0053 |
| Clarification on conformance to consistency |
issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection |
PD-0140 |
| Clarification on conformance to consistency |
issues noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic |
PD-0141 |
| Is |
It Necessary To Repeat The List Of Audit Information in FAU_GEN.1 |
PD-0057 |
| What Does |
It Mean To Provide A Mechanism To Support A Function? |
PD-0076 |
| Evaluation of TOE claiming compatibility with multiple |
IT environments |
PD-0084 |
| Dependencies of Requirements on the |
IT Environment |
PD-0091 |
| FIA_UID.2, FIA_UAU.2, and FPT_STM.1 Requirements: On the |
IT Environment? |
PD-0099 |
| CIMC PP Compliance for Iterated Requirements that are Satisfied by the |
IT Environment |
PD-0102 |
| FTP_ |
ITC .1.3 Specifies The Functions For Which A Trusted Channel Is Provided |
PD-0108 |
| Exempting sensitive attribute data |
items from capture in the audit log |
PD-0009 |
| CIMC PP Compliance for |
Iterated Requirements that are Satisfied by the IT Environment |
PD-0102 |
| TOE |
Labels |
PD-0090 |
| Custom Access Control |
Language for FDP_IFC and FDP_IFF |
PD-0096 |
| |
Level of Detail about Hardware and Firmware |
PD-0002 |
| Usage of the Term "Loopback Network" in the Application |
Level Firewall PP |
PD-0018 |
| Conformance with a PP with respect to |
Level of Audit |
PD-0024 |
| |
Level of Detail Necessary for Assurance Requirements on Third Party Products |
PD-0101 |
| |
Level of Detail in SFRs |
PD-0133 |
| How Should |
Libraries Be Handled Relative to the ADV_FSP.1 work units of the CEM? |
PD-0050 |
| Terminating Sessions in |
lieu of Locking Sessions |
PD-0132 |
| Choice of functional components not |
limited by choice of assurance components |
PD-0007 |
| Is It Necessary To Repeat The |
List Of Audit Information in FAU_GEN.1 |
PD-0057 |
| Can User Identity Be |
Listed As An Attribute for FIA_ATD.1? |
PD-0042 |
| Can the |
lists of Audit Events and Audit Information be Combined into a single Table? |
PD-0035 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless |
Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile |
PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless |
Local Area Network (WLAN) Access System Protection Profile for Basic Robustness Environments |
PD-0141 |
| Terminating Sessions in lieu of |
Locking Sessions |
PD-0132 |
| Exempting sensitive attribute data items from capture in the audit |
log |
PD-0009 |
| Description of |
Logical and Physical Boundaries |
PD-0122 |
| User in the |
Loop for Policy Enforcement |
PD-0095 |
| Usage of the Term " |
Loopback Network" in the Application Level Firewall PP |
PD-0018 |
| Site-Configurable Prevention Of Audit |
Loss |
PD-0010 |
| |
Management of Functions with No Specific Requirements |
PD-0020 |
| Information in Test Results for |
Manual Tests |
PD-0128 |
| Redundancy between Overview |
Material and Application Notes in a PP |
PD-0028 |
| Situations Where AGD_USR |
May Be Vacuously Satisfied |
PD-0106 |
| What Does It |
Mean To Provide A Mechanism To Support A Function? |
PD-0076 |
| |
Meaning of Resources in FDP_RIP.2 |
PD-0001 |
| |
Meaning of "access control and/or information flow control SFPs" in FPT_SEP |
PD-0065 |
| In FAU_SEL.1, What Is |
Meant By "the set of audited events"? |
PD-0066 |
| What Does It Mean To Provide A |
Mechanism To Support A Function? |
PD-0076 |
| Specifying |
Mechanism in PP Objectives |
PD-0089 |
| SOF Claims for PPs without any Permutational or Probabilistic |
Mechanisms |
PD-0048 |
| What SOF Claim is appropriate when there are no probabilistic or permutational |
mechanisms |
PD-0086 |
| Use of Third-party Security |
Mechanisms in TOE Evaluations |
PD-0113 |
| Typographical error in the ALFWPP- |
MED with respect to FDP_IFF.1(1) and FDP_IFF.1(2) |
PD-0026 |
| |
Medium Robustness Traffic Filtering PP: Administrator accounts |
PD-0134 |
| "Overwriting" in the Context of Non-Disk Memory ( |
Medium Robustness Profiles) |
PD-0135 |
| Administrator-entered Code Used To |
Meet SFRs |
PD-0126 |
| |
Meeting the ADO_DEL.3 Requirement |
PD-0114 |
| "Overwriting" in the Context of Non-Disk |
Memory (Medium Robustness Profiles) |
PD-0135 |
| Sharing of Peripherals with |
Memory under the Peripheral Sharing PP |
PD-0138 |
| Must Only Security Relevant Error |
Messages Be Provided In An FSP? |
PD-0051 |
| Can There Be A Single Blanket Description Of Error |
Messages in an FSP? |
PD-0052 |
| Does ISO 9001 Certification imply that ACM_CAP.2 has been |
met ? |
PD-0092 |
| IDSSPP v1.4: FPT_STM.1 Must Be |
Met by the TOE |
PD-0107 |
| Missing |
Methodology for NIAP I-0385 (Identification Of Standards) |
PD-0021 |
| Site Visit - Alternative Evaluation |
Methodology |
PD-0094 |
| |
Missing Methodology for NIAP I-0385 (Identification Of Standards) |
PD-0021 |
| Multiple Hardware |
Models with Different SFRs in One Security Target |
PD-0109 |
| Attribute Inheritance/ |
Modification Rules Need To Be Included In Policy |
PD-0011 |
| Delivery and Installation Guidance for Vendor-Installed |
Modules |
PD-0029 |
| When should |
monitoring of the public domain for new 'obvious vulnerabilities' cease? |
PD-0008 |
| Ambiguities Resulting From Choosing |
More Than One Selection In An Assignment |
PD-0037 |
| Third Party Authentication is permitted by the ALFWPP- |
MR |
PD-0115 |
| How |
Much Testing Is Required At EAL2? |
PD-0059 |
| Is Intermingling |
Multiple PPs in One Document Acceptable? |
PD-0034 |
| Reflecting Compliance With |
Multiple PPs |
PD-0047 |
| Security Targets for a Software TOE that runs on |
Multiple Platforms |
PD-0061 |
| What Must Be Tested for an ST Running On |
Multiple Platforms? |
PD-0062 |
| Evaluation of TOE claiming compatibility with |
multiple IT environments |
PD-0084 |
| |
Multiple Hardware Models with Different SFRs in One Security Target |
PD-0109 |
| Is It |
Necessary To Repeat The List Of Audit Information in FAU_GEN.1 |
PD-0057 |
| Level of Detail |
Necessary for Assurance Requirements on Third Party Products |
PD-0101 |
| |
Necessity For A Test Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C |
PD-0014 |
| Attribute Inheritance/Modification Rules |
Need To Be Included In Policy |
PD-0011 |
| Usage of the Term "Loopback |
Network " in the Application Level Firewall PP |
PD-0018 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area |
Network (WLAN) Client for Basic Robustness Environments Protection Profile |
PD-0140 |
| Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area |
Network (WLAN) Access System Protection Profile for Basic Robustness Environments |
PD-0141 |
| Distinction between Internal and External |
Networks in a Firewall PP |
PD-0036 |
| When should monitoring of the public domain for |
new 'obvious vulnerabilities' cease? |
PD-0008 |
| |
NIAP Requirements for PP Registration Information for APE_INT.1 |
PD-0015 |
| Missing Methodology for |
NIAP I-0385 (Identification Of Standards) |
PD-0021 |
| Clarify CCEVS Policy for Applying |
NIAP Interpretations |
PD-0103 |
| Management of Functions with |
No Specific Requirements |
PD-0020 |
| What SOF Claim is appropriate when there are |
no probabilistic or permutational mechanisms |
PD-0086 |
| Information Flow Policies with |
No Active Decision |
PD-0098 |
| Can |
non -TSF entities be included in the TOE by an ST? |
PD-0043 |
| Can a |
non -hardware TOE claim conformance with FPT_SEP.1? |
PD-0112 |
| "Overwriting" in the Context of |
Non -Disk Memory (Medium Robustness Profiles) |
PD-0135 |
| Choice of functional components |
not limited by choice of assurance components |
PD-0007 |
| Auditing "Subject Identity" for Actions |
Not Taken by TSP Subjects |
PD-0064 |
| Applicability of FIA_UAU.7 Application |
Note in CAPP v1.d |
PD-0119 |
| Clarification on conformance to consistency issues |
noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection |
PD-0140 |
| Clarification on conformance to consistency issues |
noted in the U.S. Government Wireless Local Area Network (WLAN) Access System Protection Profile for Basic Robustness |
PD-0141 |
| Redundancy between Overview Material and Application |
Notes in a PP |
PD-0028 |
| Can application |
notes contain requirements? |
PD-0039 |
| Specifying the " |
number of times" in FIA_AFL.1.1 |
PD-0068 |
| Must Sublists In An SFR Be |
Numbered ? |
PD-0038 |
| Parsing of APE_ |
OBJ .1.3C |
PD-0017 |
| Create |
Object Audit Event and CAPP Compliance |
PD-0131 |
| Specifying Mechanism in PP |
Objectives |
PD-0089 |
| When should monitoring of the public domain for new ' |
obvious vulnerabilities' cease? |
PD-0008 |
| Deletion of the |
oldest audit events when audit storage space is exhausted |
PD-0129 |
| Is Intermingling Multiple PPs in |
One Document Acceptable? |
PD-0034 |
| Ambiguities Resulting From Choosing More Than |
One Selection In An Assignment |
PD-0037 |
| Does |
One Reference or Transcribe Requirements When Including Components in a PP/ST? |
PD-0060 |
| Multiple Hardware Models with Different SFRs in |
One Security Target |
PD-0109 |
| Must |
Only Security Relevant Error Messages Be Provided In An FSP? |
PD-0051 |
| Issues Related to Software |
Only TOEs |
PD-0053 |
| Exclusion or Inclusion of an |
Operating System in the TOE? |
PD-0046 |
| Empty Assignment |
Operation |
PD-0072 |
| Identification of |
Operations on Security Functional Requirements |
PD-0071 |
| Redundancy between |
Overview Material and Application Notes in a PP |
PD-0028 |
| " |
Overwriting " in the Context of Non-Disk Memory (Medium Robustness Profiles) |
PD-0135 |
| |
Parameter Validation Testing |
PD-0120 |
| |
Parsing of APE_OBJ.1.3C |
PD-0017 |
| |
Partial Conformance to a PP/Conditional Requirements in a PP |
PD-0073 |
| Level of Detail Necessary for Assurance Requirements on Third |
Party Products |
PD-0101 |
| Use of Third- |
party Security Mechanisms in TOE Evaluations |
PD-0113 |
| Third |
Party Authentication is permitted by the ALFWPP-MR |
PD-0115 |
| Use of an Intelligent Printer ( |
PCL ) in an Evaluated Product |
PD-0041 |
| Actions/Information Required of the Developer and Evaluator When |
Performing ADV_RCR Work |
PD-0110 |
| Questions Concerning the |
Peripheral Sharing Switch PP |
PD-0093 |
| Sharing of Peripherals with Memory under the |
Peripheral Sharing PP |
PD-0138 |
| Sharing of |
Peripherals with Memory under the Peripheral Sharing PP |
PD-0138 |
| Third Party Authentication is |
permitted by the ALFWPP-MR |
PD-0115 |
| SOF Claims for PPs without any |
Permutational or Probabilistic Mechanisms |
PD-0048 |
| What SOF Claim is appropriate when there are no probabilistic or |
permutational mechanisms |
PD-0086 |
| Design Decomposition for |
Physical Security |
PD-0023 |
| Description of Logical and |
Physical Boundaries |
PD-0122 |
| Necessity For A Test |
Plan to Specifically Satisfy The Requirements for ATE_FUN.1.2C |
PD-0014 |
| Security Targets for a Software TOE that runs on Multiple |
Platforms |
PD-0061 |
| What Must Be Tested for an ST Running On Multiple |
Platforms ? |
PD-0062 |
| Testing All Claimed |
Platforms |
PD-0104 |
| Information Flow |
Policies with No Active Decision |
PD-0098 |
| Attribute Inheritance/Modification Rules Need To Be Included In |
Policy |
PD-0011 |
| Where should the TOE Security |
Policy be defined? |
PD-0027 |
| Where can |
policy be specified in a PP? |
PD-0045 |
| User in the Loop for |
Policy Enforcement |
PD-0095 |
| Clarify CCEVS |
Policy for Applying NIAP Interpretations |
PD-0103 |
| PP compliance with |
portion of TOE SFR in Environment |
PD-0082 |
| For the Controlled Access Protection Profile (CAPP), must all events be pre-selectable? |
Post -selectable? |
PD-0067 |
| NIAP Requirements for |
PP Registration Information for APE_INT.1 |
PD-0015 |
| Usage of the Term "Loopback Network" in the Application Level Firewall |
PP |
PD-0018 |
| Allocation of Requirements in a |
PP to the Environment |
PD-0019 |
| Conformance with a |
PP with respect to Level of Audit |
PD-0024 |
| Redundancy between Overview Material and Application Notes in a |
PP |
PD-0028 |
| Distinction between Internal and External Networks in a Firewall |
PP |
PD-0036 |
| Where can policy be specified in a |
PP ? |
PD-0045 |
| Effect of Addition of Environmental Assumptions on |
PP Compliance |
PD-0055 |
| Does One Reference or Transcribe Requirements When Including Components in a |
PP /ST? |
PD-0060 |
| Partial Conformance to a |
PP /Conditional Requirements in a PP |
PD-0073 |
| Partial Conformance to a PP/Conditional Requirements in a |
PP |
PD-0073 |
| Dealing with Errors in a |
PP |
PD-0074 |
| Incorporation of interpretations into a |
PP |
PD-0078 |
| |
PP compliance with portion of TOE SFR in Environment |
PD-0082 |
| Specifying Mechanism in |
PP Objectives |
PD-0089 |
| Questions Concerning the Peripheral Sharing Switch |
PP |
PD-0093 |
| Compliance with IDS System |
PP Export Requirements |
PD-0097 |
| CIMC |
PP Compliance for Iterated Requirements that are Satisfied by the IT Environment |
PD-0102 |
| |
PP conformance Using an Underlying Evaluated Product |
PD-0117 |
| Assumptions in the IDS |
PP v1.4 |
PD-0118 |
| Audit Pre-Selection in the CIMC |
PP |
PD-0125 |
| Compliance with IDS Analyzer |
PP Export Requirements |
PD-0127 |
| Clarification of Alert requirement in Basic Robustness Anti-Virus |
PP |
PD-0130 |
| Medium Robustness Traffic Filtering |
PP : Administrator accounts |
PD-0134 |
| CC V3 |
PP Conformance Type Consistency |
PD-0137 |
| Sharing of Peripherals with Memory under the Peripheral Sharing |
PP |
PD-0138 |
| Is Intermingling Multiple |
PPs in One Document Acceptable? |
PD-0034 |
| Reflecting Compliance With Multiple |
PPs |
PD-0047 |
| SOF Claims for |
PPs without any Permutational or Probabilistic Mechanisms |
PD-0048 |
| Acceptability of IKE Authentication as "Single Use" In Firewall |
PPs |
PD-0105 |
| Using CCv2.x |
PPs with CCv3.1 STs: Handling of FPT_SEP and FPT_RVM |
PD-0136 |
| CC V3 Conformance Type for Existing CC V2 |
PPs |
PD-0139 |
| For the Controlled Access Protection Profile (CAPP), must all events be |
pre -selectable? Post-selectable? |
PD-0067 |
| Audit |
Pre -Selection in the CIMC PP |
PD-0125 |
| Site-Configurable |
Prevention Of Audit Loss |
PD-0010 |
| Use of an Intelligent |
Printer (PCL) in an Evaluated Product |
PD-0041 |
| SOF Claims for PPs without any Permutational or |
Probabilistic Mechanisms |
PD-0048 |
| What SOF Claim is appropriate when there are no |
probabilistic or permutational mechanisms |
PD-0086 |
| Use of an Intelligent Printer (PCL) in an Evaluated |
Product |
PD-0041 |
| Can a |
product claim conformance to an earlier version of the CC? |
PD-0070 |
| PP conformance Using an Underlying Evaluated |
Product |
PD-0117 |
| Satisfaction of Requirements by Applications Running on Untrusted |
Products |
PD-0004 |
| Level of Detail Necessary for Assurance Requirements on Third Party |
Products |
PD-0101 |
| Referencing Draft External Specifications in a Protection |
Profile &n |
![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}