TD0505: Clarification of revocation testing under RFC6066
TOEs that accept certificate chains containing intermediate CAs and use OCSP stapling (RFC 6066) for revocation cannot perform part of Test 3, which tests revocation of a node certificate and an intermediate CA certificate, “if intermediate CA certificates are supported.” Because RFC 6066 only supports checking of the server/node certificate, testing of intermediate CA revocation cannot be performed, as it is not supported by OCSP stapling as specified in this RFC.
FIA_X509_EXT.1.1 is modified as follows, with strikethrough indicating deletion and underline indicating addition:
FIA_X509_EXT.1.1 The application shall [selection: invoked platform-provided functionality , implement functionality ] to validate certificates in accordance with the following rules:
- RFC 5280 certificate validation and certificate path validation.
- The certificate path must terminate with a trusted CA certificate.
- The application shall validate a certificate path by ensuring the presence of the basicConstraints extension and that the CA flag is set to TRUE for all CA certificates.
- The application shall validate the revocation status of the certificate using [selection: the Online Certificate Status Protocol (OCSP) as specified in RFC 2560 , a Certificate Revocation List (CRL) as specified in RFC 5280 Section 6.3 , a Certificate Revocation List (CRL) as specified in RFC 5759 , an OCSP TLS Status Request Extension (i.e., OCSP stapling) as specified in RFC 6066, OCSP TLS Multi-Certificate Status Request Extension (i.e.,OCSP Multi-stapling) as specified in RFC 6961] .
- The application shall validate the extendedKeyUsage field according to the following rules:
- Certificates used for trusted updates and executable code integrity verification shall have the Code Signing purpose (id-kp 3 with OID 126.96.36.199.188.8.131.52.3) in the extendedKeyUsage field.
Application Note: FIA_X509_EXT.1.1 lists the rules for validating certificates. The ST author shall select whether revocation status is verified using OCSP or CRLs. FIA_X509_EXT.2
Regardless of the selection of implement functionality or invoke platform-provided functionality, the validation is expected to end in a trusted root CA certificate in a root store managed by the platform.
Test 3 is modified as follows, with underline indicating addition:
Test 3: The evaluator shall test that the TOE can properly handle revoked certificates-–conditional on whether CRL, OCSP, or OCSP Stapling or OCSP Multi-stapling is selected; if multiple methods are selected, then the following tests shall be performed for each method:
- The evaluator shall test revocation of the node certificate.
- The evaluator shall also test revocation of an intermediate CA certificate (i.e. the intermediate CA certificate should be revoked by the root CA), if intermediate CA certificates are supported. If OCSP stapling per RFC6066 is the only supported revocation method, this test is omitted.
The evaluator shall ensure that a valid certificate is used, and that the validation function succeeds. The evaluator then attempts the test with a certificate that has been revoked (for each method chosen in the selection) to ensure when the certificate is no longer valid that the validation function fails.
See issue description.