TD0709: Number of elements for iterations of FCS_HTTPS_EXT.1
FCS_HTTPS_EXT.1/Client and FCS_HTTPS_EXT.1/Server are iterations of the same extended SFR, but have a different number of elements.
FCS_HTTPS_EXT.1/Server in PP_APP_V1.4 is modified to include the following third element and corresponding evaluation activities:
FCS_HTTPS_EXT.1.3/Server The application shall [selection: not process peer certificates, [selection: not establish the user and not establish the application-initiated connection, notify the user and not establish user-initiated connection, notify the user and request authorization to establish the user-initiated connection]] if the peer certificate is deemed invalid.
Other tests are performed in conjunction with the TLS Functional Package, FCS_HTTPS_EXT.2 (dependent on selections in FTP_DIT_EXT.1), and FIA_X509_EXT.1.
Iterated extended SFRs must be based on the same extended component definition.