NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0051:  Android Implementation of TLS in App PP v1.1

Publication Date

Protection Profiles

Other References
PP_APP_v1.1, requirement FIA_X509_EXT.1

Issue Description

There is an inconsistency between Protection Profile for Application Software Version 1.1 (PP_APP_v1.1) and Protection Profile for Mobile Device Fundamentals Version 2.0 (PP_MD_v2.0) for Android. The Android implementation of TLS does not provide certificate revocation checking.


Bullet 4 of FIA_X509_EXT.1.1 should be rewritten as follows:

The application shall validate the revocation status of the certificate using [selection: the Online Certificate Status Protocol (OCSP) as specified in RFC 2560, a Certificate Revocation List (CRL) as specified in RFC 5759, none].


The application note should be rewritten as follows:

Application Note: FIA_X509_EXT.1.1 lists the rules for validating certificates. The ST author shall select whether revocation status is verified using OCSP, CRLs, or not at all. The ST author can select “none” only when a mobile application provides countermeasures to the threat of a compromised server certificate that are at least as effective as certificate revocation checking. In particular, the developer will ask NIAP to re-examine the developer’s countermeasures for a compromised server certificate and the developer will respond to any concerns with the countermeasures. FIA_X509_EXT.2 requires that certificates are used for HTTPS, TLS and DTLS; this use requires that the extendedKeyUsage rules are verified.


The Android implementation of TLS may not support certificate revocation checking; this change allows a mobile application developer to deal with the lack of revocation checking in the Android implementation of TLS.

Site Map              Contact Us              Home