NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0281:  NIT Technical Decision for Testing both thresholds for SSH rekey

Publication Date
2018.01.05

Protection Profiles
CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E

Other References
FCS_SSHC_EXT.1.8, FCS_SSHS_EXT.1.8, ND SD V1.0, ND SD V2.0

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding Testing both thresholds for SSH rekey.

Resolution

To align with NIT interpretation # 201717 the following changes shall be implemented:

The intention of FCS_SSHC_EXT.1.8 and FCS_SSHS_EXT.1.8 SFRs is to ensure that the TOE implements both thresholds. The NIT also acknowledges that it is possible that hardware limitation may prevent reaching data transfer threshold in less than one hour. In cases where data transfer threshold could not be reached due to hardware limitations it is acceptable to omit testing of this (SSH rekeying based on data transfer threshold) threshold if both the following conditions are met:
a. An argument is present in the TSS section describing this hardware-based limitation and
b. All hardware components that are the basis of such argument are definitively identified in the ST. For example, if specific Ethernet Controller or WiFi radio chip is the root cause of such limitation, these chips must be identified.

Additionally, there is an additional limitation on the validity of certification, where any hardware change of the components identified in the argument will invalidate certification. This limitation should be clearly identified as part of certified product listing.

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfi201717.pdf.

Justification

As stated in the 'Resolution' section above, the NIT confirms that the intention of FCS_SSHC_EXT.1.8 and FCS_SSHS_EXT.1.8 is that both thresholds are implemented and tested. But in particular case when the threshold cannot be met due to hardware limitations, it is reasonable that testing could be omitted for this threshold. It is not expected that a check is implemented for a threshold that cannot be reached by the TOE.

 
 
Site Map              Contact Us              Home