TD0572: NiT Technical Decision for Restricting FTP_ITC.1 to only IP address identifiers
The NiT has issued a technical decision for Restricting FTP_ITC.1 to only IP address identifiers.
DNS resolution is not mandatory to support FTP_ITC.1. There are no resolution mandates or requirements in RFC 6125.
The use of the dnsName identifiers in X.509 certificates must be supported by TOEs that claim FCS_DTLSC_EXT or FCS_TLSC_EXT when associated with FTP_ITC.1. Inability to parse dnsName identifiers shall be considered a failure to meet these requirements.
For further information, please see the NiT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201918rev3.pdf
See issue description.