NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0091:  Modification of High-Security Use Case in MDF PP v2.0

Publication Date
2016.06.08

Protection Profiles
PP_MD_v2.0

Other References
PP_MD_v2.0, FCS_TLSC_EXT.2.6

Issue Description

The FCS_TLSC_EXT.2.6 requirement essentially limits the mobile devices to using TLS 1.2. Because TLS 1.2 does not support SHA-1, and because SHA-1 is used broadly throughout the Internet, the requirement makes it ineffective to browse the web.

Resolution

FCS_TLSC_EXT.2.6 is no longer required to meet Use Case #2 (“Enterprise-owned device for specialized, high-security use”), as detailed in section G.2 of the Protection Profile for Mobile Devices v2.0.

Justification

See issue description.

 
 
Site Map              Contact Us              Home