NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0473:  Support for Client or Server TOEs in FCS_HTTPS_EXT

Publication Date
2020.01.21

Protection Profiles
PP_APP_v1.3

Other References
FCS_HTTPS_EXT.1

Issue Description

FCS_HTTPS_EXT.1, as currently written, appears to only apply to TLSC implementations. It does not support TLSS implementations, and it does not take into accounts the fact that mutual authentication for TLS is selectable, so clients are not required to present a certificate.

Resolution

FCS_HTTPS_EXT.1 is rewritten as follows:

FCS_HTTPS_EXT.1/Client HTTPS Protocol

This selection-based component depends upon selection in FTP_DIT_EXT.1.1.

FCS_HTTPS_EXT.1.1/Client The application shall implement the HTTPS protocol that complies with RFC 2818.

Evaluation Activity

TSS

The evaluator shall examine the TSS and determine that enough detail is provided to explain how the implementation complies with RFC 2818.


Guidance
None.
Tests
The evaluator shall attempt to establish an HTTPS connection with a webserver, observe the traffic with a packet analyzer, and verify that the connection succeeds and that the traffic is identified as TLS or HTTPS.

FCS_HTTPS_EXT.1.2/Client The application shall implement HTTPS using TLS as defined in the TLS package.

Evaluation Activity

TSS
None.
Guidance
None.
Tests
Other tests are performed in conjunction with the TLS package.

FCS_HTTPS_EXT.1.3/Client The application shall [selection: not establish the application-initiated connection, notify the user and not establish the user-initiated connection , notify the user and request authorization to establish the user-initiated connection ] if the peer certificate is deemed invalid.

Application Note: Validity is determined by the certificate path, the expiration date, and the revocation status in accordance with RFC 5280.

Evaluation Activity

TSS
None.
Guidance
None.
Tests
Certificate validity shall be tested in accordance with testing performed for FIA_X509_EXT.1, and the evaluator shall perform the following test:

  • Test 1: The evaluator shall demonstrate that using a certificate without a valid certification path results in the selected action in the SFR. If "notify the user" isselected in the SFR, then the evaluator shall also determine that the user isnotified of the certificate validation failure. Using the administrative guidance, the evaluator shall then load a certificate or certificates to the Trust Anchor Database needed to validate the certificate to be used in the function, and demonstrate that the function succeeds. The evaluator then shall delete one of the certificates, and show that again, using a certificate without a valid certification path results in the selected action in the SFR, and if "notify the user" was selected in the SFR, the user is notified of the validation failure.

FCS_HTTPS_EXT.1/Server HTTPS Protocol

This selection-based component depends upon selection in FTP_DIT_EXT.1.1.

FCS_HTTPS_EXT.1.1/Server The application shall implement the HTTPS protocol that complies with RFC 2818.

Evaluation Activity

TSS

The evaluator shall examine the TSS and determine that enough detail is provided to explain how the implementation complies with RFC 2818.


Guidance
None.
Tests
The evaluator shall attempt to establish an HTTPS connection to the TOE using a client, observe the traffic with a packet analyzer, and verify that the connection succeeds and that the traffic is identified as TLS or HTTPS.

FCS_HTTPS_EXT.1.2/Server The application shall implement HTTPS using TLS as defined in the TLS package.

Evaluation Activity

TSS
None.
Guidance
None.
Tests
Other tests are performed in conjunction with the TLS package.

A new SFR, FCS_HTTPS_EXT.2, is added as follows:

FCS_HTTPS_EXT.2 HTTPS Protocol with Mutual Authentication

This selection-based component depends upon selection in FTP_DIT_EXT.1.1.

FCS_HTTPS_EXT.2.1 The application shall [selection: not establish the connection, establish or not establish the connection based on an administrative or user setting] if the peer certificate is deemed invalid.

Application Note: Validity is determined by the certificate path, the expiration date, and the revocation status in accordance with RFC 5280.

TSS
None.
Guidance
None.
Tests
Certificate validity shall be tested in accordance with testing performed for FIA_X509_EXT.1, and the evaluator shall perform the following test:

  • Test 1: The evaluator shall demonstrate that using a certificate without a valid certification path results in the selected action in the SFR. Using the administrative guidance, the evaluator shall then load a certificate or certificates to the Trust Anchor Database needed to validate the certificate to be used in the function, and demonstrate that the function succeeds. The evaluator then shall delete one of the certificates, and show that again, using a certificate without a valid certification path results in the selected action in the SFR.

In the Application Note for FTP_DIT_EXT.1, the paragraph that refers to HTTPS is rewritten as follows:

If encrypt all transmitted is selected, HTTPS is selected, and the TOE acts as a client, FCS_HTTPS_EXT.1/Client is required. If encrypt all transmitted is selected, HTTPS is selected, and the TOE acts as a server, FCS_HTTPS_EXT.1/Server is required. If the TOE acts as a server and if mutual authentication is selected in the TLS Package, then FCS_HTTPS_EXT.2 is also required..

 

 

Justification

See issue description.

 
 
Site Map              Contact Us              Home