TD0478: NIT Technical Decision for Application Notes for FIA_X509_EXT.1 iterations
CPP_FW_v2.0, CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
The NIT has issued a technical decision for Application Notes for FIA_X509_EXT.1 iterations
03/17/2020: This TD also applies to FW2.0E (Application notes 50 and 61 respectively).
Application Note 48 (V2.1; corresponding Application Note 49 in V2.0e)
The Application Notes 40 (V2.1)/39 (V2.0e) and 48 (V2.1)/49 (V2.0e) shall be modified as follows.
The audit event “Unsuccessful attempt to validate a certificate” for [FIA_X509_EXT.1/ITT, FIA_X509_EXT.1/Rev] requires the Additional Audit Record Contents of “Reason for failure (of certificate validation).” An error message telling the Security Administrator that ‘something is wrong with the certificate’ is not considered as presenting sufficient information about the ‘reason for failure’, because basic information to resolve the issue is missing from the audit record. The log message should inform the Security Administrator at least about the type of error (e.g. that there is a ‘Trust issue’ with the certificate, for instance due to failed path validation, in contrast to the use of an ‘expired certificate’). The level of detail that needs to be provided to enable the Security Administrator to fix issues based on the information in audit events usually depends on the complexity of the underlying use case. In simple scenarios with only one underlying root cause, a single error message might be sufficient, whereas in more complex scenarios the granularity of error messages should be higher. The NDcPP specifies only general guidance on the subject, to avoid specifying requirements which are not implementation independent.
FIA_X509_EXT.1/ITT shall be used for Application Note 40 (V2.1)/39 (V2.0e) and FIA_X509_EXT.1/Rev shall be used for 48 (V2.1)/49 (V2.0e).
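The following is an added illustration, not part of the TD or the NDcPP, of a validator that records the type of failure instead of a generic 'something is wrong with the certificate' message. The `Cert` model, the reason-type names other than the trust/expired distinction drawn above, the JSON field names and the sample certificates are all assumptions constructed for this sketch, and signature verification is omitted.

```python
import json
from dataclasses import dataclass
from datetime import datetime, timezone

EVENT = "Unsuccessful attempt to validate a certificate"

@dataclass(frozen=True)
class Cert:  # constructed stand-in for a parsed X.509 certificate
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime
    is_ca: bool = False

def validate_chain(chain, anchors, revoked, now):
    """chain is leaf-first. Returns None, or (reason_type, detail) on failure.
    Signature verification is omitted; only the reason reporting is shown."""
    if not chain:
        return "TRUST_ISSUE", "no certificate presented"
    for depth, cert in enumerate(chain):
        where = f"depth={depth} subject={cert.subject!r}"
        if now < cert.not_before:
            return "NOT_YET_VALID", f"{where} notBefore={cert.not_before:%Y-%m-%d}"
        if now > cert.not_after:
            return "EXPIRED", f"{where} notAfter={cert.not_after:%Y-%m-%d}"
        if cert.subject in revoked:
            return "REVOKED", where
        if depth > 0 and not cert.is_ca:
            return "TRUST_ISSUE", f"{where} is used as an issuer but is not a CA"
        if depth + 1 < len(chain) and chain[depth + 1].subject != cert.issuer:
            return "TRUST_ISSUE", f"{where} issuer {cert.issuer!r} not next in chain"
    if chain[-1].issuer not in anchors:
        return "TRUST_ISSUE", f"path validation failed: {chain[-1].issuer!r} is not a trust anchor"
    return None

def audit_record(sfr, chain, anchors, revoked, now):
    """Return a JSON audit record for a failed validation, or None on success."""
    failure = validate_chain(chain, anchors, revoked, now)
    if failure is None:
        return None
    return json.dumps({"time": now.isoformat(), "sfr": sfr, "event": EVENT,
                       "reason_type": failure[0], "reason_detail": failure[1]})

# Constructed sample data (hypothetical names and dates)
def jan1(year): return datetime(year, 1, 1, tzinfo=timezone.utc)
NOW, ANCHORS = jan1(2020), {"CN=Example Root"}
SUB_CA = Cert("CN=Example Sub CA", "CN=Example Root", jan1(2015), jan1(2030), is_ca=True)
OLD_LEAF = Cert("CN=peer-1", "CN=Example Sub CA", jan1(2017), jan1(2019))
STRAY_LEAF = Cert("CN=peer-2", "CN=Other CA", jan1(2019), jan1(2021))
GOOD_LEAF = Cert("CN=peer-3", "CN=Example Sub CA", jan1(2019), jan1(2021))
```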
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRFI201838.pdf