NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0169:  NIT Technical Decision for Compliance to RFC5759 and RFC5280 for using CRLs

Publication Date
2017.04.04

Protection Profiles
CPP_FW_V1.0, CPP_ND_V1.0

Other References
FIA_X509_EXT.1.1

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding compliance to RFC5759 and RFC5280 for using CRLs.

 

Resolution

The paragraph:

"The TSF shall validate the revocation status of the certificate using [selection: the Online Certificate Status Protocol (OCSP) as specified in RFC 2560, a Certificate Revocation List (CRL) as specified in RFC 5759]."

in FIA_X509_EXT.1.1 shall be modified as follows:

"The TSF shall validate the revocation status of the certificate using [selection: the Online Certificate Status Protocol (OCSP) as specified in RFC 2560, a Certificate Revocation List (CRL) as specified in RFC 5280 Section 6.3, Certificate Revocation List (CRL) as specified in RFC 5759 Section 5]."

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI08rev2.pdf. 

 

Justification

See issue description.

 
 
Site Map              Contact Us              Home