NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0412:  NIT Technical Decision for FCS_SSHS_EXT.1.5 SFR and AA discrepancy

Publication Date
2019.03.22

Protection Profiles
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1

Other References
FCS_SSHS_EXT.1.5, ND SD V2.0e, ND SD V2.1

Issue Description

The NIT has issued a technical decision for FCS_SSHS_EXT.1.5 SFR and AA discrepancy

Resolution

The NIT partially disagrees with the issue described in the Issue section. The test should be kept as-is. The following test objective definition shall be added to the definition of Test 2 for FCS_SSHS_EXT.1.5 to enhance clarity:


Test objective: The purpose of this negative test is to verify that the server rejects authentication attempts of clients that present a public key that does not match public key(s) associated by the TOE with the identity of the client (i.e. the public keys are unknown to the server). To demonstrate correct functionality it is sufficient to determine that an SSH connection was not established after using a valid username and an unknown key of supported type.

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201836.pdf

Justification

See issue description

 
 
Site Map              Contact Us              Home