Archived TD0031: ANSI X9.31 Reference in FCS_CKM.1(2) in VPN GW EP
PP_ND_VPN_GW_EP_V.1.1, requirement FCS_CKM.1(2) , PP_ND_V1.1
The FCS_CKM.1 (2) SFR states:
The TSF shall generate asymmetric cryptographic keys used for IKE peer authentication in accordance with a:
ANSI X9.31-1998, Appendix A.2.4 requires the use of what is commonly known as the “ANSI X9.31 RNG.” The ANSI X9.31 RNG is a general-purpose random number generator that requires the use of DES and is not an allowed selection in FCS_RBG_EXT.1.
Change the reference for ANSI X9.31-1998 in the selection from "Appendix A.2.4" to "Section 4.1."
This reference was corrected in FCS_CKM.1(1) in the MDF PP 2.0; for the ANSI X9.31-1998 option in the selection, "Appendix A.2.4" was replaced with "Section 4.1".