NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0197:  Resolve conflict between elements of FCS_TLSS_EXT.1 regarding selecting TLS

Publication Date

Protection Profiles

Other References

Issue Description

Conflict exists between two elements of FCS_TLSS_EXT.1 where FCS_TLSS_EXT.1.1 allows TLS 1.0. while FCS_TLSS_EXT.1.2 forbids TLS 1.0.


Application Note for FCS_TLSS_EXT.1.1 is modified to include the following statement:

In a future version of this PP TLS 1.0 will be removed and TLS v1.2 will be required for all TOEs.


FCS_TLSS_EXT.1.2 is modified to remove TLS 1.0 from outside the selection.

FCS_TLSS_EXT.1.2 The TSF shall deny connections from clients requesting SSL 1.0, SSL 2.0, SSL 3.0, and [selection: TLS 1.0, TLS 1.1, no other TLS versions].




Since customers will likely be transitioning from TLS 1.0 to TLS 1.2 for a while, TLS 1.0 will remain as a selection/option.

Site Map              Contact Us              Home