TD0571: NiT Technical Decision for Guidance on how to handle FIA_AFL.1
The NiT has issued a technical decision for Guidance on how to handle FIA_AFL.1.
1. FIA_UAU_EXT.2.1 applies solely to how the administrator logs in at the local console. Passwords were made selection based to allow TOEs that have difficulty determining whether an incoming connection is local or remote to provide a mechanism to prevent administrative lockout. As FIA_AFL.1 is a mandatory SFR, it is expected that the TOE provides at least one remote password-based authentication mechanism using credentials managed by the TOE.
2. FIA_PMG_EXT.1, FIA_AFL.1, and FMT_SMF.1 are all mandatory SFRs that the TOE will need to meet.
For further information, please see the NiT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI202012.pdf
See issue description.