TD0682: Addressing Ambiguity in FCS_SSHS_EXT.1 Tests
In FCS_SSHS_EXT.1, the test AA says: "The evaluator shall repeat Test 1 and Test 2 from FCS_SSH_EXT.1.4 for each of the authentication mechanisms supported by the TOE."
Given that FCS_SSHS_EXT.1 is focused on the TOE SSH server delivering claimed host keys to a non-TOE client, the test AA should not require the evaluator to redo FCS_SSH_EXT.1.4 test 1 (bulk cipher encryption confirmation) and test 2 (ability to disconnect a session).
TD0666 is archived and replaced with the following modifications to Appendix B.1 in PKG_SSH_V1.0 for FCS_SSHS_EXT.1 tests, with strikethroughs denoting deletions and underlines denoting additions:
The evaluator shall repeat Test 1 and Test 2 from FCS_SSH_EXT.1.4 for each of the authentication mechanisms supported by the TOE. perform the following tests:
Test 1: The evaluator shall use a suitable SSH Client to connect to the TOE and examine the list of server host key algorithms in the SSH_MSG_KEXINIT packet sent from the server to the client to determine that only the configured server authentication methods for the TOE were offered by the server.
Test 2: The evaluator shall test for a successful configuration setting of each server authentication method as follows. The evaluator shall initiate a SSH session using the authentication method configured and verify that the session is successfully established. Repeat this process for each independently configurable server authentication method supported by the server.
Test 3: Next tThe evaluator shall configure the remote peer to only allow an authentication mechanism that is not included in the ST selection. The evaluator shall attempt to connect to the TOE and observe that the attempt fails TOE sends a disconnect message.
See issue description.