TD0730: Clarification on Trusted Update sources for VVoIP Applications
The VVoIP PP-Module does not accurately describe how it modifies FPT_TUD_EXT.1 when App PP is the Base-PP.
FPT_TUD_EXT.1 in Section 5.2.1 in MOD_VVOIP_V1.0 is modified as follows, with strikethrough representing deletions and underline representing additions:
FPT_TUD_EXT.1 Trusted Update
This PP-Module does not modify this SFR as it is defined in the App PP. However, note that this PP-Module expects that either the call control server or a separate file server managed by the organization to function as the source of TOE software/firmware updates. A vendor provided source should only be used if a call control server or separate file server cannot be configured. The evaluator shall ensure that the test environment is configured appropriately.
The App PP evaluation activities for FPT_TUD_EXT.1 in Section 188.8.131.52 in MOD_VVOIP_V1.0-SD are updated as follows:
There is no change to the EAs specified for this SFR in the App PP. Note however that the following additional configuration steps are may be necessary when relying on a call control server or dedicated file server in order for this testing to be performed:
· The evaluator shall deploy a call control server or dedicated file server in the TOE’s operational environment
· The evaluator shall load valid and invalid candidate updates to the call control server or dedicated file server
· The evaluator shall configure the TOE or its operational environment (whichever is selected to implement the security functions) to use the call control server or dedicated file server as its source for software/firmware updates
See issue description.