TD0393: Require FTP_TRP.1(b) only for printing
HCDPP allows for one or more of the following functions defined in section 184.108.40.206: printing, scanning, copying. HCDPP also contains FTP_TRP.1(b) which requires the existence of a remote, non-administrative interface to the device regardless of the devices functionality. FTP_TRP.1(b) is an issue for department-level copy-only and scan-only devices containing a control panel, which don't have a need for a remote, non-administrative interface.
The following changes are made to HCDPP v1.0 to remove the requirement for remote non-administrative access and allow copy-only and scan-only devices to be evaluated against this PP:
220.127.116.11 Required Uses
24 The Required Uses that shall be present in a conforming HCD are:
i. Printing: converting an electronic document to hardcopy form, or
— and —
— and —
28 In other words, a conforming HCD must support at least one of the Required Uses scanning, printing, or copying, and must support the Required Uses network communications and administration.
Section 18.104.22.168 Conditionally Mandatory Uses
29 Conditionally Mandatory Uses that may be present in a conforming HCD are:
30 PSTN faxing: sending and receiving documents over the public switched telephone network (PSTN) using standard facsimile protocols
33 To conform, the HCD must meet requirements associated with these functions if they are present in the TOE. If the TOE supports remote non-administrative functionality but this requirement is not included, then the functionality must be disabled in the evaluated configuration.
77 Note that a User can be a human user or an external IT entity. Also, a Normal User can be a Local User or a Network User as described in Section 1.3.3.
4.13.3 FTP_TRP.1(b) Trusted path (for non-Administrators)
Move the entire section to a new B.3 Network Communications
A.1 User Definitions
Definition for U.NORMAL: A User who has been identified and authenticated and does not have an administrative role. A Normal User can be a Local User or a Network User as described in Section 1.3.3.
Remote, non-administrative user access to the device is not required anywhere except for this SFR. The concepts of Local and Network Users are mentioned and used in Section 1 but are not incorporated into the U.NORMAL definition in Section 2.1 and A.1. The use cases for copying and scanning specifically apply to Local Users only.