TD0562: Test activity for Public Key Algorithms
The test activity for FCS_SSH_EXT.1.5 is incorrect.
The assurance activity for FCS_SSH_EXT.1.5 is replaced as follows:
The evaluator shall check the description of the implementation of this protocol in the TSS to ensure that optional characteristics are specified, and the public key algorithms supported are specified as well. The evaluator shall check the TSS to ensure that the public key algorithms specified are identical to those listed for this component. The evaluator shall also check the operational guidance to ensure that it contains instructions on configuring the TOE so that SSH conforms to the description in the TSS (for instance, the set of algorithms advertised by the TOE may have to be restricted to meet the requirements).
The evaluator shall also perform the following test:
The evaluator shall establish a SSH connection using each of the public key algorithms specified by the requirement. It is sufficient to observe (on the wire) the successful negotiation of the algorithm to satisfy the intent of the test.
Test in FCS_SSH_EXT.1.4 did not specify testing for "public key" algorithms.