The NIT has issued a technical decision for FCS_SSHS_EXT.1.5 SFR and AA discrepancy

The NIT partially disagrees with the issue described in the Issue section. The test should be kept as-is. The following test objective definition shall be added to the definition of Test 2 for FCS_SSHS_EXT.1.5 to enhance clarity:

Test objective: The purpose of this negative test is to verify that the server rejects authentication attempts of clients that present a public key that does not match public key(s) associated by the TOE with the identity of the client (i.e. the public keys are unknown to the server). To demonstrate correct functionality it is sufficient to determine that an SSH connection was not established after using a valid username and an unknown key of supported type.

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201836.pdf

See issue description