NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0403:  Conditional Testing with TLS Session IDs

Publication Date

Protection Profiles

Other References

Issue Description

For the App PP, TD0131 makes FCS_TLSS_EXT.1.1 Test 4.5 conditional based on whether the TOE supports session IDs. A similar issue exists in the Base Virtualization PP for FCS_TLSS_EXT.1. Test 4, Bullet #4.


07/30/2019: This TD has been archived and superseded by TD0431.


For FCS_TLSS_EXT.1.1 and FCS_TLSS_EXT.2.1, Test 4 Bullet #4 is modified as follows per the underlined text:

[conditional] After generating a fatal alert by sending a Finished message from the client before the client sends a ChangeCipherSpec message, send a Client Hello with the session identifier from the previous test, and verify that the server denies the connection. This test is not required for applications with a TLS implementation that does not support session IDs.


See issue description

Site Map              Contact Us              Home