Archived TD0114: NIT Technical Decision for Re-Use of FIPS test results in NDcPP and FWcPP
The Network Interpretations Team (NIT) has issued a technical decision regarding the re-use of FIPS test results in the NDcPP v1.0 and FW cPP v1.0.
To align with the NIT interpretation #25, NIAP supports the interpretation written below. For further information, please see the NIT interpretation at:
While the FCS_COP requirements map to the algorithm testing requirements as defined by the NIST Validation System documents, given that this is a cPP and not a national PP, it would not be appropriate to point to national standards, such as FIPS 140-2, as a validation requirement.
While FIPS algorithm certificates are evidence that the tests required in the evaluation activities have been successfully demonstrated, the decision to accept FIPS algorithm certificates (and indeed location of algorithm certificate listing within any report not specified in CEM) is the purview of each national scheme.
For NIAP evaluations, please refer to Policy #5: Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP’s Common Criteria Evaluation and Validation Scheme (CCEVS).
See Issue Description.