TD0487: Correction to Typo in FCS_MACSEC_EXT.4
Publication Date
2020.01.02
Protection Profiles
PP_NDCPP_MACSEC_EP_V1.2
Other References
FCS_MACSEC_EXT.4.4
Issue Description
There appears to be a typo in SFR FCS_MACSEC_EXT.4.4 - The TSF shall associate Connectivity Association Key Names (CKNs) with CAKs that are defined by the key derivation function using the CAK as input data (per 802.1X, section 9.8.1). IEEE 802.1X-2010, section 9.8.1 describes generating the SAK (not the CAK) using the key derivation function using the CAK as input data. Resolution
FCS_MACSEC_EXT.4.4 is corrected as shown below, with strikethrough denoting deletions and underline denoting additions: The TSF shall associate Connectivity Association Key Name (CKN) with CAKs Security Association Key (SAK)s that are defined by the key derivation function using the CAK as input data (per 802.1X, section 9.8.1). Justification
See issue description. |