Archived TD0161: FTP_ITC.1(2) - Test 2 Not Required
Requiring Test 2 of FTP_ITC.1(2) within VoIP PP v1.3 is no longer common industry practice, and the requirement was dropped from VVoIP EP v1.0.
Test 2 for FTP_ITC.1(2) does not need to be performed.
Test 2: The following test is repeated for each supported certificate signing algorithm supported. The evaluator shall verify that the TSF will only use a certificate that contains the Client Authentication purpose in the extendedKeyUsage field and verify that a connection is established. The evaluator will then verify that the TSF rejects an otherwise valid client certificate that lacks the Client Authentication purpose in the extendedKeyUsage field and a connection is not established Ideally, the two certficates should be identical except for the extendedKeyUsage field.
FCS_TLS_EXT and FIA_X509_EXT requirements within VoIP PP v1.3 securely establishes a communication channel.