Archived TD0374: GCM ciphersuite
FCS_TLSC_EXT.1.1 in the GP OS PP 4.2 includes an option "TLS_RSA_WITH_AES_256_CBC_SHA384 as defined in RFC 5288". However, RFC 5288 is about AES-GCM cipher suites, so specifying an AES_CBC cipher suite is incorrect.
08/21/2019 - superseded by TD0441.
05/01/2019 - Updated to also apply to GPOS PP v4.2.1.
The fourth option in the FCS_TLSC_EXT.1.1 cipher suite selection is changed to:
See issue description.