NIAP: View Technical Decision Details
Archived TD0082:  Removal of Auditing of SSH Rekey in FAU_GEN.1(1)

Publication Date

Protection Profiles

Other References

Issue Description

FAU_GEN.1(1) contains a requirement to audit successful SSH re-key. FCS_SSHS_EXT.1 requires rekey after 2^28 packets. Rekeying after 2^28 packets is an SSH RFC requirement that is valid and can be tested, but auditing of SSH rekeys is not required by the RFC and is a fairly low-level event compared to SSH session establishment or termination.


In Table 1, "Successful SSH re-key." should be removed from the Auditable Events column for FCS_SSHS_EXT.1.


This level of auditing is not deemed necessary, and the most popular SSH implementation does not support it.
