NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0646:  Function 23 Allow Invalid Certs

Publication Date
2022.07.06

Protection Profiles
PP_MDF_V3.2

Other References
FMT_SMF_EXT.1

Issue Description

In MDF V3.2, FMT_SMF_EXT.1 Function #23 is incorrectly identified as mandatory in the Table 7 Management Functions, conflicting with the conditional test case in the Test Evaluation Activities.

Resolution

PP_MDF_V3.2 is modified as follows, with strikethrough denoting deletion and underline denoting addition:

In Table 7 under FMT_SMF_EXT.1, the entry for Function 23 is modified as follows:

#

Management Function

Impl.

User

Only

Admin

Admin

Only

23

23. configure whether to allow/disallow establishment of [assignment: configurable trusted channel in FTP_ITC_EXT.1.1/FDP_UPC_EXT.1.1/APPS]a trusted channel if the peer/server certificate is deemed invalid.

MO

O

O

O

The Application Note is also updated for Function 23:

Function 23 must be included in the ST if the function is configurable on the TOE for any of the trusted channels either mandated or selected in FTP_ITC_EXT.1.1 or FDP_UPC_EXT.1.1/APPS. For function 23, tThe configuration can be different depending on the specific trusted channel(s) and they must be filled in for the assignment.

Justification

Consistency with similar requirements

 
 
Site Map              Contact Us              Home