The NIT has issued a technical decision for DTLS - clarification of Application Note 63

The modified Application Note 63 does contradict the introductory text for DTLSC and DTLSS in chapter B.3.1.1 as well as precedents set by earlier technical resolutions like RfI#201905. The NIT position is that protocol level mutual authentication is an optional requirement with (D)TLS.

Therefore, the last paragraph in Application Note 63 for FCS_DTLSC_EXT.1.1 shall be modified as follows:

"FCS_DTLSC_EXT.1 without FCS_DTLSC_EXT.2 should be claimed if the TOE transmits application-layer data to an external server using a trusted channel provided by DTLS. FCS_DTLSC_EXT.1 together with FCS_DTLSC_EXT.2 should be claimed if the TOE implements protocol-level mutual authentication using X.509v3 certificates with DTLS. "

For further information, please see the NIT interpretation at:

https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI202009.pdf

See issue description.