NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0268:  FMT_MEC_EXT.1 Clarification

Publication Date
2017.12.15

Protection Profiles
PP_APP_v1.2

Other References
FMT_MEC_EXT.1

Issue Description

In PP_APP_v1.2, the intent of FMT_MEC_EXT.1 is to enable enterprise management of the configuration of application software running on client systems, and provide visibility into configuration settings that would be manipulated by users. However, it is not meant to apply to sensitive data.

 

Resolution

PP_APP_v1.2:

The Application note for FMT_MEC_EXT.1 is modified as follows:

Application Note: Configuration options that are stored remotely are not subject to this requirement. Sensitive Data is generally not considered part of configuration options and should be stored according to FDP_DAR_EXT.1 or FCS_STO_EXT.1.

Justification

See issue description.

 
 
Site Map              Contact Us              Home