TD0254: Algorithms in FCS_SMIME_EXT.1.4
The FCS_SMIME_EXT.1.4 SFR implies that the TOE must support the mandatory sha256withRSAEncryption and an additional algorithm and no other algorithms. However, the Application Note does not indicate that any other algorithm is required but the sha256withRSAEncryption.
FCS_SMIME_EXT.1.4 is replaced as follows:
FCS_SMIME_EXT.1.4 The email client shall present the signatureAlgorithm field with the following sha256withRSAEncryption and [selection:
no other algorithms
] as part of the S/MIME protocol.
Test 6 of FCS_SMIME_EXT.1 is replaced as follows:
See issue description.