NIT Technical Decision for TLS Server and Key Agreement Parameters.

In SDNDv2.2, FCS_TLSS_EXT.1.3 TSS Assurance Activity shall be replaced as follows:

If using ECDHE and/or DHE ciphers, the evaluator shall verify that the TSS lists all EC Diffie-Hellman curves and/or Diffie-Hellman groups used in the key establishment by the TOE when acting as a TLS Server. For example, if the TOE supports TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher and Diffie-Hellman parameters with size 2048 bits, then list Diffie-Hellman Group 14.

For further information, please see NIT Interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRFI202107.pdf

See Issue Description.