NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0114:  NIT Technical Decision for Re-Use of FIPS test results in NDcPP and FWcPP

Publication Date
2016.10.06

Protection Profiles
CPP_FW_V1.0, CPP_ND_V1.0

Other References
FCS_COP.1

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding the re-use of FIPS test results in the NDcPP v1.0 and FW cPP v1.0.

Resolution

To align with the NIT interpretation #25, NIAP supports the interpretation written below.  For further information, please see the NIT interpretation at:

https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI25.pdf.

While the FCS_COP requirements map to the algorithm testing requirements as defined by the NIST Validation System documents, given that this is a cPP and not a national PP, it would not be appropriate to point to national standards, such as FIPS 140-2, as a validation requirement.

While FIPS algorithm certificates are evidence that the tests required in the evaluation activities have been successfully demonstrated, the decision to accept FIPS algorithm certificates (and indeed location of algorithm certificate listing within any report not specified in CEM) is the purview of each national scheme.

For NIAP evaluations, please refer to Policy #5:  Applicability and Relationship of NIST Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP) to NIAP’s Common Criteria Evaluation and Validation Scheme (CCEVS).

Justification

See Issue Description.

 
 
Site Map              Contact Us              Home