The wording of this requirement could lead one to conclude that an MDM Agent is a valid component of an MDM distributed TOE, which was not the intent.

Evaluation Activities for FCO_CPC_EXT.1 in MDM_PP_V4.0 are modified as follows (additions in bold):

Test 2 is updated as follows:

The evaluator shall confirm that after enablement, an IT entity can communicate only with the components that it has been enabled for. This includes testing that the enabled communication is successful for the enabled component pair, and that communication remains unsuccessful with any other component for which communication is possible but has not been explicitly enabled.

Some TOEs may set up the registration channel before the enablement step is carried out, but in such a case the channel must not allow communications until after the enablement step has been completed.

Test 3 is updated as follows:

The evaluator shall separately disable each TOE component in turn and ensure that the other TOE components cannot then communicate with the disabled component, whether by attempting to initiate communications with the disabled component or by responding to communication attempts from the disabled component. In situations where one component acts as the "Gatekeeper" for all other components, the test would involve disabling the components in turn on the Gatekeeper and ensuring that the TOE no longer communicates with disabled components.

See issue justification