SSH Extended Package (deprecated) is referenced in multiple places. These references should be replaced with the superseding "SSH Functional Package". Also, the conformance claim needs to be updated to include the SSH package.

The following update is made to MOD_FEEM_V1.0 Section 2 (Conformance Claims), with green highlighted underlines denoting additions:

Package Claims

This PP-Module is TLS Package Version 1.1 Conformant.

This PP-Module is SSH Package Version 1.0 Conformant.

The following updates are made to FTP_DIT_EXT.1.1 in MOD_FEEM_V1.0, with red highlighted strikethroughs denoting deletions and green highlighted underlines denoting additions:

FTP_DIT_EXT.1.1

The TSF shall [selection:

- encrypt all transmitted [selection: sensitive data, data] with [selection: HTTPS in

accordance with FCS_HTTPS_EXT.1 (from [AppPP]), TLS as defined in the TLS

Package, DTLS as defined in the TLS Package, SSH as conforming to the Extended Functional

Package for Secure Shell] ,

- invoke platform-provided functionality to encrypt all transmitted sensitive data with

[selection: HTTPS, TLS, DTLS, SSH] ,

- invoke platform-provided functionality to encrypt all transmitted data with [selection:

HTTPS, TLS, DTLS, SSH]

] between itself and another trusted IT product.

Application Note: This SFR is modified from its definition in the Base-PP by removing the

first selection (where the application does not transmit any data or sensitive data). By

definition, a TOE that conforms to this PP-Module must have the ability to transmit sensitive

data to another trusted IT product.

...

If encrypt all transmitted is selected and SSH is selected, the TSF is required to be validated

against the Extended Functional Package for Secure Shell.

...

The following update is made to FTP_ITT.1.1 in MOD_FEEM_V1.0, with red highlighted strikethroughs denoting deletions and green highlighted underlines denoting additions:

FPT_ITT.1.1

The TSF shall protect TSF data from [disclosure, modification] when it is transmitted between

separate parts of the TOE through the use of [selection: IPsec as defined in the PP-Module

for VPN Client, HTTPS in accordance with FCS_HTTPS_EXT.1 (from [AppPP]), TLS as

defined in the Package for Transport Layer Security, SSH as defined in the Extended Functional

Package for Secure Shell].

The following update is made to FTP_TRP.1.1 in MOD_FEEM_V1.0, with red highlighted strikethroughs denoting deletions and green highlighted underlines denoting additions:

FTP_TRP.1.1

The TSF shall be capable of using [selection: IPsec as defined in the PP-Module for VPN

Client, HTTPS in accordance with FCS_HTTPS_EXT.1 (from [AppPP]), TLS as defined in

the Package for Transport Layer Security, SSH as defined in the Extended Functional Package for

Secure Shell] to provide a communication path between itself and authorized remote

administrators that is logically distinct from other communication paths and provides assured

identification of its end points and protection of the communicated data from [modification,

disclosure].

The conformance claims section and applicable SFRs need to be updated to use the SSH Functional Package