NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0165:  NIT Technical Decision for Sending the ServerKeyExchange message when using RSA

Publication Date
2017.03.24

Protection Profiles
CPP_ND_V1.0

Other References
FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.2.1, ND SD V1.0

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding sending the ServerKeyExchange message when using RSA.

Resolution

To align with NIT interpretation # 201665, the following changes are made to ND SD V1.0.

Test 5d for FCS_TLSC_EXT.1.1 and FCS_TLSC_EXT.2.1 shall be modified as follows:

"Modify the signature block in the Server’s Key Exchange handshake message, and verify that the client rejects the connection after receiving the Server Key Exchange message. This test does not apply to cipher suites using RSA key exchange. If a TOE only supports RSA key exchange in conjunction with TLS then this test shall be omitted."

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201665. 

Justification

See issue description.

 
 
Site Map              Contact Us              Home