NIAP: View Active Technical Decisions

»»

View Active Technical Decisions

Technical Decisions (TDs) are issued to correct errors or clarify Security Functional Requirements (SFRs) and Assurance Activities within NIAP-approved Protection Profiles (PPs). Technical Decisions are effective upon publication and must be incorporated into all current and future evaluations. Current evaluations include all evaluations except those for which a complete Check-Out package has been submitted to NIAP for final validation team review.

In the rare case that a TD is issued which includes new SFRs or AAs, NIAP will make the determination for when products in evaluation must comply and include an effective date in the TD.

Item	Title	Protection Profiles	References	Publication Date
TD0539	Incorrect selection trigger in FTA_CIN_EXT.1 in MOD_VI_V1.0	MOD_VI_V1.0	FTA_CIN_EXT.1, SD for Video/Display Module	2020.07.11
TD0538	NIT Technical Decision for Outdated link to allowed-with list	CPP_ND_V2.1, CPP_ND_V2.2E	Section 2	2020.07.13
TD0537	NIT Technical Decision for Incorrect reference to FCS_TLSC_EXT.2.3	CPP_ND_V2.2E	FIA_X509_EXT.2.2	2020.07.13
TD0536	NIT Technical Decision for Update Verification Inconsistency	CPP_ND_V2.1, CPP_ND_V2.2E	AGD_OPE.1, ND SDv2.1, ND SDv2.2	2020.07.13
TD0535	NIT Technical Decision for Clarification about digital signature algorithms for FTP_TUD.1	CPP_ND_V2.1	FTP_TUD.1	2020.07.13
TD0534	NIT Technical Decision for Firewall IPv4 & IPv6 testing by default	CPP_FW_V2.0E, MOD_CPP_FW_v1.3	FW SDv2.0e, FW MOD SDv1.3	2020.07.13
TD0533	NIT Technical Decision for FTP_ITC.1 with signed downloads	CPP_ND_V2.1	FTP_ITC.1	2020.07.13
TD0532	NIT Technical Decision for Use of seeds with higher entropy	CPP_ND_V2.1	FCS_RGB_EXT.1.2	2020.07.13
TD0531	NIT Technical Decision for Challenge-Response for Authentication	CPP_ND_V2.1	FCS_SSHS_EXT.1	2020.07.13
TD0530	NIT Technical Decision for FCS_TLSC_EXT.1.1 5e test clarification	CPP_ND_V2.1	FCS_TLSC_EXT.1.1, ND SDv2.1	2020.07.13
TD0529	NIT Technical Decision for OCSP and Authority Information Access extension	CPP_ND_V2.1	FIA_X509_EXT.1/Rev , FIA_X509_EXT.2, ND SD v2.1	2020.07.13
TD0528	NIT Technical Decision for Missing EAs for FCS_NTP_EXT.1.4	CPP_ND_V2.1, CPP_ND_V2.2E	FCS_NTP_EXT.1.4, ND SD v2.1, ND SD v2.2	2020.07.13
TD0527	Updates to Certificate Revocation Testing (FIA_X509_EXT.1)	CPP_ND_V2.2E	FIA_X509_EXT.1/REV, FIA_X509_EXT.1/ITT	2020.07.01
TD0526	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_BASE_VIRTUALIZATION_V1.0	FIA_X509_EXT.1	2020.07.01
TD0525	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_OS_V4.2.1	FIA_X509_EXT.1	2020.07.01
TD0524	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_MDM_V4.0	FIA_X509_EXT.1	2020.07.01
TD0523	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_MD_V3.1	FIA_X509_EXT.1	2020.07.01
TD0522	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_CA_V2.1	FIA_X509_EXT.1	2020.07.01
TD0521	Updates to Certificate Revocation (FIA_X509_EXT.1)	PP_APP_v1.3	FIA_X509_EXT.1	2020.07.01
TD0520	VPN Gateway SFR Rationale	MOD_VPNGW_v1.0	Sections 5.3 and 5.4	2020.06.19
TD0519	Linux symbolic links and FMT_CFG_EXT.1	PP_APP_v1.3	FMT_CFG_EXT.1.2	2020.06.18
TD0518	Typographical error in Dependency Table	PP_PSD_V4.0	FPT_STM.1	2020.06.15
TD0517	WLAN Client Corrections for X509 and TLSC	PP_WLAN_CLI_EP_V1.0	FIA_X509_EXT.2.2, FCS_TLSC_EXT.1.3/WLAN	2020.06.19
TD0516	Behavior on Receiving TLS Certificate Request, FDP_TEP_EXT.1	MOD_STIP_V1.0	FDP_TEP_EXT.1	2020.06.17
TD0515	Use Android APK manifest in test	PP_APP_v1.3	FDP_DEC_EXT.1	2020.06.08
TD0514	Correction to MOD_VI FDP_APC_EXT.1 Test 3 Step 6	MOD_VI_V1.0	FDP_APC_EXT.1,	2020.05.18
TD0513	CA Certificate loading	PKG_TLS_V1.1	FCS_TLSC_EXT.1.3	2020.05.26
TD0512	Group CAKs for establishing multiple MKA connections is not mandated	PP_NDCPP_MACSEC_EP_V1.2	FMT_SMF.1	2020.03.26
TD0511	VPN GW Conformance Claim to allow for a PP-Module	MOD_VPNGW_v1.0		2020.03.06
TD0510	Obtaining random bytes for iOS/macOS	PP_APP_v1.3	FCS_RBG_EXT.1	2020.03.03
TD0509	Correction to MACsec Audit	PP_NDCPP_MACSEC_EP_V1.2	FAU_GEN.1	2020.03.02
TD0508	Conformance Claim to allow for a PP-Module	MOD_VPN_CLI_V2.1		2020.02.28
TD0507	Clarification on USB plug type	MOD_KM_V1.0	FDP_ACP_EXT.1	2020.03.03
TD0506	Missing Steps to disconnect and reconnect display	MOD_VI_V1.0	FDP_ACP_EXT.1	2020.02.28
TD0499	Testing with pinned certificates	PKG_TLS_V1.1	FCS_TLSC_EXT.1.2	2020.02.04
TD0498	Application Software PP Security Objectives and Requirements Rationale	PP_APP_v1.3	Section 4.3 and Section 5.2	2020.01.31
TD0496	GPOS PP adds allow-with statement for VPN Client V2.1	PP_OS_V4.2.1	Conformance Claims	2020.01.29
TD0495	FIA_X509_EXT.1.2 Test Clarification	PP_APP_v1.3	FIA_X509_EXT.1.2	2020.01.29
TD0494	Removal of Mandatory SSH Ciphersuite for HCD	PP_HCD_V1.0	FCS_SSH_EXT.1.7	2020.02.20
TD0493	X.509v3 certificates when using digital signatures for Boot Integrity	PP_OS_V4.2.1	FPT_TST_EXT.1.1	2020.03.04
TD0492	TLS-EAP Ciphers and TLS versions for WLAN Client	PP_WLAN_CLI_EP_V1.0	FCS_TLSC_EXT.1.1/WLAN, TLSC_EXT.1.6/WLAN	2020.01.22
TD0491	Update to FMT_SMF_EXT.4 Test 2	MOD_MDM_AGENT_V1.0	FMT_SMF_EXT.4	2020.01.15
TD0489	Update to FCS_COP.1 in MOD_FEEM	MOD_FEEM_V1.0	FCS_COP.1(5); FCS_COP.1(7)	2020.01.30
TD0488	Selectable ciphers for FCS_COP.1(5)	EP_VVOIP_V1.0	FCS_COP.1(5)	2020.01.21
TD0487	Correction to Typo in FCS_MACSEC_EXT.4	PP_NDCPP_MACSEC_EP_V1.2	FCS_MACSEC_EXT.4.4	2020.01.02
TD0486	Removal of PP-Module for VPN Clients from allowed with list	PP_APP_v1.3	Section 2, FDP_DAR_EXT.1	2019.12.17
TD0485	PP-Configuration for Application Software and Virtual Private Network (VPN) Clients not allowed	MOD_VPN_CLI_V2.1		2019.12.17
TD0484	NIT Technical Decision for Interactive sessions in FTA_SSL_EXT.1 & FTA_SSL.3	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FTA_SSL_EXT.1, FTA_SSL.3	2019.12.18
TD0483	NIT Technical Decision for Applicability of FPT_APW_EXT.1	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FPT_APW_EXT.1	2019.12.18
TD0482	NIT Technical Decision for Identification of usage of cryptographic schemes	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	ND SDv2.0e, FW SDv2.0e, ND SDv2.1, FCS_CKM.2	2019.12.18
TD0481	NIT Technical Decision for FCS_(D)TLSC_EXT.X.2 IP addresses in reference identifiers	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	ND SDv2.0, ND SDv2.1, FW SDv2.0e, FAU_GEN.1	2019.12.18
TD0480	NIT Technical Decision for Granularity of audit events	CPP_ND_V2.0E, CPP_ND_V2.1	FIA_AFL.1 (NDcPP), section 2.3.1.3 (ND SD)	2019.12.18
TD0479	FMT_SMF.1(1) Reliance on MDF Evals	PP_MDM_V4.0	FMT_SMF.1(1)	2020.02.21
TD0478	NIT Technical Decision for Application Notes for FIA_X509_EXT.1 iterations	CPP_FW_v2.0, CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FIA_X509_EXT.1/Rev, FIA_X509_EXT.1/ITT	2019.12.18
TD0477	NIT Technical Decision for Clarifying FPT_TUD_EXT.1 Trusted Update	CPP_ND_V2.0E, CPP_ND_V2.1	ND SD V2.0E, ND SD V2.1, FPT_TUD_EXT.1, Tests section	2019.12.18
TD0475	NIT Technical Decision for Separate traffic consideration for SSH rekey	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1, ND SD V2.0E, ND SD V2.1	2019.12.18
TD0474	Removal of Mandatory Cipher Suite in FCS_TLS_EXT.1	PP_HCD_V1.0	FCS_TLS_EXT.1	2019.12.04
TD0473	Support for Client or Server TOEs in FCS_HTTPS_EXT	PP_APP_v1.3	FCS_HTTPS_EXT.1	2020.01.21
TD0472	File Encryption SFR Rationale and Consistency of TOE Type added	MOD_FE_V1.0	Section 5.3, Section 6.1.1	2019.12.04
TD0470	Wireless Network Restrictions	PP_WLAN_CLI_EP_V1.0	FMT_SMF_EXT.1.1/WLAN; FTA_WSE_EXT.1.1	2020.01.22
TD0469	Modification of test activity for FCS_TLSS_EXT.1.1 test 4.1	PKG_TLS_V1.1	FCS_TLSS_EXT.1.1	2019.11.20
TD0468	Bluetooth pairing vs connection	PP_MD_V3.1	FIA_BLT_EXT.3.1	2019.11.22
TD0466	Selectable Key Sizes for AES Data Encryption/Decryption	PP_NDCPP_MACSEC_EP_V1.2	FCS_COP.1.1	2019.11.15
TD0465	Configuration Storage for .NET Apps	PP_APP_v1.3	FMT_MEC_EXT.1	2019.11.08
TD0464	FIT Technical Decision for FPT_PWR_EXT.1 compliant power saving states	CPP_FDE_EE_V2.0E	FPT_PWR_EXT.1	2019.11.05
TD0463	Clarification for FPT_TUD_EXT	PP_OS_V4.2.1	FPT_TUD_EXT.1.1, FPT_TUD_EXT.2.1	2019.11.12
TD0461	Security Audit for Distributed TOEs	PP_MDM_V4.0	Section 6.2.2, Bullet 2	2020.01.08
TD0460	FIT Technical Decision for FPT_PWR_EXT.1 non-compliant power saving states	CPP_FDE_EE_V2.0E	FPT_PWR_EXT.1, FDE EE SD v2.0E	2019.10.18
TD0459	RadSec Pre-Shared Key Clarification	PP_NDCPP_APP_AUTHSVR_EP_V1.0	FCS_RADSEC_EXT.1.4	2019.10.25
TD0458	FIT Technical Decision for FPT_KYP_EXT.1 evaluation activities	CPP_FDE_AA_V2.0E, CPP_FDE_EE_V2.0E	FPT_KYP_EXT.1, FDE AA SD v2.0E, FDE EE SD v2.0E	2019.10.18
TD0457	Typographical error in FPT_FLS.1.1	EP_ESC_V1.0	FPT_FLS.1	2019.10.04
TD0456	Removal of Low-level Crypto Failure Audit in WLAN AS EP	PP_WLAN_AS_EP_V1.0	FAU_GEN.1	2019.10.09
TD0455	NIST SP800-133 keygen methods for FAK/FEK Generation	MOD_FE_V1.0	FDP_AUT_EXT.2.9, FCS_CKM_EXT.2.1	2019.10.18
TD0454	Test for displaying real-time connection status of VVoIP endpoints in FMT_SMF.1.1	EP_ESC_V1.0	FMT_SMF.1	2019.09.23
TD0453	NIT Technical Decision for Clarify authentication methods SSH clients can use to authenticate SSH se	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHC_EXT.1.9	2019.09.16
TD0451	NIT Technical Decision for ITT Comm UUID Reference Identifier	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_TLSS_EXT.1.2 and FCS_TLSS_EXT.2.2	2019.09.16
TD0450	NIT Technical Decision for RSA-based ciphers and the Server Key Exchange message	CPP_ND_V2.0E, CPP_ND_V2.1	FCS_TLSS_EXT..3, FCS_DTLSS_EXT..4, ND SD v2.1, ND SD v2.0E	2019.09.16
TD0447	NIT Technical Decision for Using 'diffie-hellman-group-exchange-sha256' in FCS_SSHC/S_EXT.1.7	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHC_EXT.1.7, FCS_SSHS_EXT.1.7	2019.09.16
TD0446	Missing selections for SSH	PP_SSH_EP_v1.0	FCS_SSHC_EXT.1.3, FCS_SSHC_EXT.1.5, FCS_SSHS_EXT.1.3, FCS_SSHS_EXT.1.5	2019.10.18
TD0445	User Modifiable File Definition	PP_APP_v1.3	FPT_AEX_EXT.1.4	2019.10.09
TD0444	IPsec selections	PP_APP_v1.3	FTP_DIT_EXT.1, FIA_X509_EXT.2	2019.08.30
TD0443	FPT_VDP_EXT.1 Clarification for Assurance Activity	PP_BASE_VIRTUALIZATION_V1.0	FPT_VDP_EXT.1	2019.08.21
TD0442	Updated TLS Ciphersuites for TLS Package	PKG_TLS_V1.1	FCS_TLSC_EXT.1.1, FCS_TLSS_EXT.1.1, FCS_DTLSC_EXT.1.1, FCS_DTLSS_EXT.1.1	2019.08.21
TD0441	Updated TLS Ciphersuites for OS PP	PP_OS_V4.2.1	FCS_TLSC_EXT.1.1, FCS_TLSS_EXT.1.1, FCS_DTLSC_EXT.1.1, FCS_DTLSS_EXT.1.1	2019.08.21
TD0440	Assurance Activities for FIA_UAU.2	EP_ESC_V1.0	FIA_UAU.2/TC, FIA_UAU.2/VVoIP	2019.08.20
TD0439	EAP-TLS Revocation Checking	PP_WLAN_CLI_EP_V1.0	FIA_X509_EXT.1, FAU_GEN.1	2019.08.29
TD0438	TST and TUD on the MDM Agent	PP_MDM_V4.0	FPT_TST_EXT.1, FPT_TUD_EXT.1	2019.08.21
TD0437	Supported Configuration Mechanism	PP_APP_v1.3	FMT_MEC_EXT.1.1	2019.07.23
TD0435	Alternative to SELinux for FPT_AEX_EXT.1.3	PP_APP_v1.2, PP_APP_v1.3	FPT_AEX_EXT.1.3	2019.07.26
TD0434	Windows Desktop Applications Test	PP_APP_v1.2, PP_APP_v1.3	FDP_DEC_EXT.1.1	2019.07.22
TD0432	Corrections to FIA_AFL_EXT.1	PP_BASE_VIRTUALIZATION_V1.0	FIA_AFL_EXT.1	2019.07.16
TD0431	Modification to Cipher Suites for TLS	PP_BASE_VIRTUALIZATION_V1.0	FAU_GEN.1, FCS_IPSEC_EXT.1.15, FCS_TLSC_EXT.1, FCS_TLSC_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2	2019.07.30
TD0430	Optional Logging of Power and Fan Status	EP_ESC_V1.0	FAU_GEN.1/Log	2019.06.27
TD0429	AAs for FMT_MTD.1/SystemTime	EP_SBC_V1.1	FMT_MTD.1/SystemTime	2019.06.21
TD0428	FCS_SRTP_EXT.1 Test Activity	EP_VVOIP_V1.0	FCS_SRTP_EXT.1	2019.06.25
TD0427	Reliable Time Source	PP_APP_v1.2, PP_APP_v1.3	A.Platform	2019.06.11
TD0426	Correction of Inconsistency with RFC7748	PP_MD_V3.1	FCS_CKM.1	2019.06.24
TD0425	NIT Technical Decision for Cut-and-paste Error for Guidance AA	CPP_ND_V2.0E, CPP_ND_V2.1	ND SD V2.0e, ND SD V2.1, FTA_SSL.3	2019.05.31
TD0424	NIT Technical Decision for NDcPP v2.1 Clarification - FCS_SSHC/S_EXT1.5	CPP_ND_V2.1	ND SD V2.1, FCS_SSHC_EXT.1.5, FCS_SSHS_EXT.1.5	2019.05.31
TD0423	NIT Technical Decision for Clarification about application of RfI#201726rev2	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	ND SD V2.0E, FW SD V2.0E, ND SD V2.1	2019.05.31
TD0422	FCS_SRTP_EXT.1 Test 2	EP_SBC_V1.1	FCS_SRTP_EXT.1	2019.05.16
TD0421	Removal of Combiners from PSS PP	PP_PSS_V3.0	Annex B	2019.07.19
TD0420	Conflict in FCS_SSHC_EXT.1.1 and FCS_SSHS_EXT.1.1	PP_SSH_EP_v1.0	FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1	2019.05.10
TD0419	FAU_GEN.1 Audit for FMT_SMF.1	EP_ESC_V1.0	FAU_GEN.1	2019.05.02
TD0418	Clarifications for ESC EP	EP_ESC_V1.0	FAU_STG.1/VVR, FAU_STG_EXT.1, FMT_SMF.1, FTP_ITC.1	2019.05.03
TD0417	Updates to FDP_IFF.1 and FIA_UAU.2	EP_ESC_V1.0	FDP_IFF.1, FIA_UAU.2.1/TC, FIA_UAU.2/VVoIP	2019.04.30
TD0416	Correction to FCS_RBG_EXT.1 Test Activity	PP_APP_v1.3	FCS_RBG_EXT.1.1	2019.04.24
TD0415	Trusted Update Test 4 Conditional	PP_CA_V2.1	FPT_TUD_EXT.1	2019.04.04
TD0414	FTP_ITC_EXT1. Tests 1 and 2	PP_APP_EMAILCLIENT_EP_v2.0	FTP_ITC_EXT.1	2019.04.04
TD0413	Conformance Claim to allow for a PP-Module	PP_MD_V3.1		2019.03.22
TD0412	NIT Technical Decision for FCS_SSHS_EXT.1.5 SFR and AA discrepancy	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHS_EXT.1.5, ND SD V2.0e, ND SD V2.1	2019.03.22
TD0411	NIT Technical Decision for FCS_SSHC_EXT.1.5, Test 1 - Server and client side seem to be confused	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHC_EXT.1.5, ND SD V2.0E, ND SD V2.1	2019.03.22
TD0410	NIT technical decision for Redundant assurance activities associated with FAU_GEN.1	CPP_ND_V1.0, CPP_ND_V2.0E, CPP_ND_V2.1	FAU_GEN.1, ND SD V1.0, ND SD V2.0e, ND SD V2.1	2019.03.22
TD0409	NIT decision for Applicability of FIA_AFL.1 to key-based SSH authentication	CPP_ND_V2.0E, CPP_ND_V2.1	FIA_AFL.1, ND SD v2.0e, ND SD v2.1	2019.03.22
TD0408	NIT Technical Decision for local vs. remote administrator accounts	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FIA_AFL.1, FIA_UAU_EXT.2, FMT_SMF.1	2019.03.22
TD0407	NIT Technical Decision for handling Certification of Cloud Deployments	CPP_ND_V2.0E, CPP_ND_V2.1		2019.03.22
TD0406	FDP_IFF.1.5 Tests 1 and 2	EP_VVOIP_V1.0	FDP_IFF.1.5	2019.03.13
TD0405	FIA_SASL_EXT.1 Testing	PP_APP_EMAILCLIENT_EP_v2.0	FIA_SASL_EXT.1	2019.03.20
TD0404	Cryptographic selections and updates for use with App PP v1.3	MOD_VPN_CLI_V2.1	FCS_CKM.1, FCS_CKM.2.1, FCS_CKM_EXT.1, FCS_COP.1, FIA_X509_EXT.2, FTP_DIT_EXT.1, FCS_IPSEC_EXT.1.8	2019.08.30
TD0402	NIT Technical Decision for RSA-based FCS_CKM.2 Selection	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_CKM.2, ND SD V2.0E, ND SD V2.1	2019.02.24
TD0401	NIT Technical Decision for Reliance on external servers to meet SFRs	CPP_ND_V2.0E, CPP_ND_V2.1	FTP_ITC.1	2019.02.24
TD0400	NIT Technical Decision for FCS_CKM.2 and elliptic curve-based key establishment	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_CKM.1, FCS_CKM.2	2019.02.24
TD0399	NIT Technical Decision for Manual installation of CRL (FIA_X509_EXT.2)	CPP_ND_V2.0E, CPP_ND_V2.1	FIA_X509_EXT.2, ND SD V2.0E, ND SD V2.1	2019.02.24
TD0398	NIT Technical Decision for FCS_SSH*EXT.1.1 RFCs for AES-CTR	CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1	FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1	2019.02.24
TD0397	NIT Technical Decision for Fixing AES-CTR Mode Tests	CPP_ND_V2.0E, CPP_ND_V2.1	FCS_COP.1/DataEncryption, ND SD V2.0E, ND SD V2.1	2019.02.24
TD0396	NIT Technical Decision for FCS_TLSC_EXT.1.1, Test 2	CPP_ND_V2.0E, CPP_ND_V2.1	FCS_DTLSC_EXT.1.1, FCS_DTLSC_EXT.2.1, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.2.1, ND SD V2.0E, ND SD V2.1	2019.02.24
TD0395	NIT Technical Decision for Different Handling of TLS1.1 and TLS1.2	CPP_ND_V2.0E, CPP_ND_V2.1	FCS_TLSS_EXT.2.4, FCS_TLSS_EXT.2.5, ND SD V2.0E, ND SD V2.1	2019.02.24
TD0394	NIT Technical Decision for Audit of Management Activities related to Cryptographic Keys	CPP_FW_V2.0E, CPP_ND_V2.0E	FAU_GEN.1, ND SD v2.0E	2019.02.24
TD0393	Require FTP_TRP.1(b) only for printing	PP_HCD_V1.0	FTP_TRP.1(b)	2019.02.26
TD0387	VPN Client Required SFR for GPOS as Base PP	MOD_VPN_CLI_V2.1	Section 5.1.1	2019.01.29
TD0386	Platform-Provided Verification of Update	PP_OS_V4.2, PP_OS_V4.2.1	FPT_TUD_EXT.1.2	2019.02.07
TD0385	FTP_DIT_EXT.1 Assurance Activity Clarification	MOD_VPN_CLI_V2.1, PP_APP_v1.2	FTP_DIT_EXT.1	2019.01.08
TD0381	FCS_SMIME_EXT.1 Test 3	PP_APP_EMAILCLIENT_EP_v2.0	FCS_SMIME_EXT.1.1	2018.12.27
TD0379	Updated FCS_IPSEC_EXT.1.11 Tests for VPN Client	MOD_VPN_CLI_V2.1	FCS_IPSEC_EXT.1.11	2018.12.20
TD0378	TOE/TOE Platform Selection in FCS_IPSEC_EXT.1 SFRs	MOD_VPN_CLI_V2.1	FCS_IPSEC_EXT.1.12, FCS_IPSEC_EXT.1.13	2018.12.13
TD0376	Audit record entry for FMT_SMF.1 in FAU_GEN.1.2/VOIP	EP_VVOIP_V1.0	FAU_GEN.1.2/VVOIP	2018.11.29
TD0375	FMT_MOF.1(4) selection	PP_CA_V2.1	FMT_MOF.1	2018.11.27
TD0372	Auditing in VVOIP	EP_VVOIP_V1.0	FAU_GEN.1/VVOIP, FAU_STG_EXT.1	2018.11.27
TD0371	Section F.2 [Use Case 2]	PP_MD_V3.1		2018.11.21
TD0369	Long-term trusted channel key material	PP_MD_V3.1	FCS_STG_EXT.2.1, FCS_STG_EXT.2.2, FCS_STG_EXT.3.1	2018.10.17
TD0367	Trusted Updates	EP_VVOIP_V1.0	FPT_TUD_EXT.1	2018.10.12
TD0366	Flexibility in Password Conditioning in FCS_COP.1(5)	PP_MD_V3.1	FCS_COP.1.1(5), FCS_CKM_EXT.3.2	2018.10.12
TD0365	FCS_CKM_EXT.4 selections	PP_OS_V4.2, PP_OS_V4.2.1	FCS_CKM_EXT.4	2018.10.12
TD0363	Access Banner and applicability to programmatic interfaces	PP_BASE_VIRTUALIZATION_V1.0	FTA_TAB.1	2018.10.05
TD0362	"Failure of the randomization process" audit	MOD_VPN_CLI_V2.1	FCS_RBG_EXT.1, FIA_PSK_EXT.1	2018.10.03
TD0360	AD Server configuration in FMT_MOF_EXT.1	EP_CV_V1.0, EP_SV_V1.0, PP_BASE_VIRTUALIZATION_V1.0	FMT_MOF_EXT.1.2, FIA_UAU.5.1	2018.09.28
TD0355	FCS_CKM.1/VPN for IKE authentication	MOD_VPN_CLI_V2.1	FCS_CKM.1/VPN	2018.09.20
TD0353	Guidance for Certificate Profiles	PP_CA_V2.1	FDP_CER_EXT.1.1	2018.09.18
TD0352	Added key destruction options	PP_APP_EMAILCLIENT_EP_v2.0	FCS_CKM_EXT.4	2018.09.18
TD0351	Additional methods for DEK formation	PP_MD_V3.1	FCS_CKM_EXT.2.1	2018.09.20
TD0349	Update to FPT_MCD_EXT.1.2	PP_APP_WEBBROWSER_EP_v2.0	FPT_MCD_EXT.1.2	2018.08.31
TD0348	FCS_TLSS_EXT.2.4 for TLS 1.2 or higher	PP_CA_V2.1	FCS_TLSS_EXT.2.4	2018.08.28
TD0347	Update of Use Case 2 in MDF PP	PP_MD_V3.1	Section F.2 [Use Case 2]	2018.08.23
TD0346	Revision of FMT_SMF_EXT.2 in MDF PP	PP_MD_V3.1	FMT_SMF_EXT.2	2018.08.23
TD0343	NIT Technical Decision for Updating FCS_IPSEC_EXT.1.14 Tests	CPP_FW_V2.0E, CPP_ND_V2.0E	ND SD V2.0, FCS_IPSEC_EXT.1.14	2018.08.02
TD0342	NIT Technical Decision for TLS and DTLS Server Tests	CPP_ND_V2.0E	ND SD V2.0, FCS_DTLSS_EXT.1, FCS_DTLSS_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2	2018.08.02
TD0341	NIT Technical Decision for TLS wildcard checking	CPP_ND_V2.0E	ND SD V2.0, FCS_TLSC_EXT.1.2, FCS_TLSC_EXT.2.2, FCS_DTLSC_EXT.1.2, FCS_DTLSC_EXT.2.2,	2018.08.02
TD0340	NIT Technical Decision for Handling of the basicConstraints extension in CA and leaf certificates	CPP_FW_V2.0E, CPP_ND_V2.0E	FIA_X509_EXT.1.1	2018.08.02
TD0339	NIT Technical Decision for Making password-based authentication optional in FCS_SSHS_EXT.1.2	CPP_FW_V2.0E, CPP_ND_V2.0E	ND SD V2.0, FCS_SSHS_EXT.1.2	2018.08.02
TD0338	NIT Technical Decision for Access Banner Verification	CPP_ND_V2.0E	ND SD V2.0, FTA_TAB.1	2018.08.02
TD0337	NIT Technical Decision for Selections in FCS_SSH*_EXT.1.6	CPP_FW_V2.0E, CPP_ND_V2.0E	ND SD V2.0, FCS_SSHC_EXT.1, FCS_SSHS_EXT.1	2018.08.02
TD0336	NIT Technical Decision for Audit requirements for FCS_SSH*_EXT.1.8	CPP_ND_V2.0E	ND SD V2.0, FCS_SSHC_EXT.1.8, FCS_SSHS_EXT.1.8	2018.08.01
TD0335	NIT Technical Decision for FCS_DTLS Mandatory Cipher Suites	CPP_FW_V2.0E, CPP_ND_V2.0E	FCS_DTLSC_EXT.1.1, FCS_DTLSC_EXT.2.1, FCS_DTLSS_EXT.1.1, FCS_DTLSS_EXT.2.1, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.2.1, FCS_TLSS_EXT.1.1, FCS_TLSS_EXT.2.1	2018.08.01
TD0334	NIT Technical Decision for Testing SSH when password-based authentication is not supported	CPP_ND_V2.0E	ND SD V2.0, FCS_SSHC_EXT.1.9	2018.08.01
TD0333	NIT Technical Decision for Applicability of FIA_X509_EXT.3	CPP_FW_V2.0E, CPP_ND_V2.0E	ND SD V2.0, FIA_X509_EXT	2018.08.01
TD0332	Support for RSA SHA2 host keys	PP_SSH_EP_v1.0	FCS_SSHC_EXT.1.4, FCS_SSHS_EXT.1.4	2018.06.08
TD0331	SSH Rekey Testing	PP_SSH_EP_v1.0	FCS_SSHS_EXT.1.7, FCS_SSHC_EXT.1.7	2018.06.01
TD0330	Curve25519 scheme moved to optional and FFC scheme using DH Group 14 added	MOD_VPN_CLI_V2.1	FCS_CKM.1.1	2018.06.01
TD0328	Split Knowledge Procedures distinction	PP_CA_V2.1	FPT_SKY_EXT.1	2018.06.07
TD0325	Inline mode for Signature-based IPS policies	EP_IPS_V2.11	IPS_SBD_EXT.1.5	2018.05.21
TD0324	NIT Technical Decision for Correction of section numbers in SD Table 1	CPP_ND_V2.0E	Table 1	2018.05.18
TD0323	NIT Technical Decision for DTLS server testing - Empty Certificate Authorities list	CPP_ND_V2.0E	ND SD V2.0, FCS_DTLSS_EXT.2.7, FCS_DTLSS_EXT.2.8	2018.05.18
TD0322	NIT Technical Decision for TLS server testing - Empty Certificate Authorities list	CPP_ND_V2.0E	ND SD V.1.0, ND SD V2.0, FCS_TLSS_EXT.2.4, FCS_TLSS_EXT.2.5	2018.05.18
TD0321	Protection of NTP communications	CPP_FW_V2.0E, CPP_ND_V2.0E	FTP_ITC.1, FPT_STM_EXT.1	2018.05.21
TD0320	TLS ciphers in ESM PPs	PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1	FCS_TLS_EXT.1.1	2018.05.03
TD0315	Clarification of test for FCS_CKM.2.1(3)	PP_WLAN_AS_EP_V1.0	FCS_CKM.2.1(3)	2018.05.03
TD0314	Modifications to support Selection Based requirements	EP_WIDS_V1.0	FAU_SAA.1.2, FAU_GEN.1.1/WIDS, FAU_GEN.2.1//WIDS, FMT_SMF.1/WIDS	2018.04.26
TD0306	Update to FAU_WID_EXT.2.1 and FAU_WID_EXT.2.2	EP_WIDS_V1.0	FAU_WID_EXT.2.1, FAU_WID_EXT.2.2	2018.05.22
TD0305	Handling of TLS connections with and without mutual authentication	PP_APP_v1.2, PP_MD_V3.1, PP_MDM_V3.0, PP_OS_V4.1	FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.1.4, FCS_TLSC_EXT.4.1	2018.04.04
TD0304	Update to FCS_TLSC_EXT.1.2	PP_APP_v1.2, PP_MD_V3.1, PP_MDM_V3.0, PP_OS_V4.1	FCS_TLSC_EXT.1.2	2018.04.04
TD0303	IKEv1 and support for XAUTH	MOD_VPN_CLI_V2.1	FCS_IPSEC_EXT.1.5	2018.03.29
TD0302	Update to FAU_ARP.1	EP_SBC_V1.1	FAU_ARP.1	2018.03.29
TD0301	Updates to Administrator Management and Biometric Authenication	PP_MD_V3.1	FMT_SMF_EXT.3, FIA_BMG_EXT.1.1	2018.04.04
TD0299	Update to FCS_CKM.4 Assurance Activities	PP_HCD_V1.0	FCS_CKM.4	2018.03.16
TD0298	Update to FDP_IFF.1 Assurance Activities	PP_PSS_V3.0	FDP_IFF.1.5(2)	2018.03.09
TD0294	Correction of TLS SFRs in CA PP ver 2.1	PP_CA_V2.1	FCS_TLSC_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2	2018.04.18
TD0291	NIT technical decision for DH14 and FCS_CKM.1	CPP_FW_V1.0, CPP_FW_v2.0, CPP_FW_V2.0E, CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	FCS_CKM.1.1, ND SD V1.0, ND SD V2.0	2018.02.03
TD0290	NIT technical decision for physical interruption of trusted path/channel.	CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	FTP_ITC.1, FTP_TRP.1, FPT_ITT.1, ND SD V1.0, ND SD V2.0	2018.02.03
TD0289	NIT technical decision for FCS_TLSC_EXT.x.1 Test 5e	CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.2.1, FCS_DTLSC_EXT.1.1 (only ND SD V2.0), FCS_DTLSC_EXT.2.1 (only ND SD V2.0)	2018.02.03
TD0287	FAU_STG.4 Testing	PP_CA_V2.1	FAU_STG.4	2018.01.25
TD0286	Audit Events for FPT_RCV.1	PP_CA_V2.1	FPT_RCV.1	2018.01.25
TD0284	Tests for FCS_SRTP_EXT.1	EP_SBC_V1.1	FCS_SRTP_EXT.1	2018.01.18
TD0282	Test Activities added for Key Distribution and Key Generation	PP_WLAN_AS_EP_V1.0	FCS_CKM.1(2). FCS_CKM.2(3)	2018.01.19
TD0281	NIT Technical Decision for Testing both thresholds for SSH rekey	CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	FCS_SSHC_EXT.1.8, FCS_SSHS_EXT.1.8, ND SD V1.0, ND SD V2.0	2018.01.05
TD0279	Ciphersuites for SRTP	EP_SBC_V1.1, EP_VVOIP_V1.0	FCS_SRTP_EXT.1.2	2018.01.03
TD0278	Clarification of Role for Managing Manual Certificate Requests	PP_CA_V2.1	FMT_MOF.1(1); FMT_MOF.1(3)	2017.12.21
TD0277	Pre-Shared Key Composition	PP_WLAN_AS_EP_V1.0	FIA_PSK_EXT.1	2017.12.20
TD0276	X.509 Code Signing on TOE Updates	PP_CA_V2.1	FIA_X509_EXT.2.1	2017.12.19
TD0275	Corrections to FAU_WID_EXT.2.1 and FAU_WID_EXT.3.1	EP_WIDS_V1.0	FAU_WID_EXT.2.1, FAU_WID_EXT.3.1	2017.12.20
TD0273	Rekey after CAK expiration	PP_NDCPP_MACSEC_EP_V1.2	FCS_MACSEC_EXT.4	2017.12.20
TD0271	RADsec as alternative to IPsec	PP_WLAN_AS_EP_V1.0	FTP_ITC.1	2018.04.26
TD0266	Password/passphrase min vs max value for FCS_CKM_EXT.5.1	PP_APP_EMAILCLIENT_EP_v2.0	FCS_CKM_EXT.5.1	2017.12.08
TD0264	Clarification of Auditable Events for FPT_RDM_EXT.1	PP_BASE_VIRTUALIZATION_V1.0	PP_BASE_VIRTUALIZATION_V1.0, FPT_RDM_EXT.1	2017.12.07
TD0261	Destruction of CSPs in flash	PP_HCD_V1.0	FCS_CKM.4	2017.11.14
TD0259	NIT Technical Decision for Support for X509 ssh rsa authentication IAW RFC 6187	CPP_FW_v2.0, CPP_FW_V2.0E, CPP_ND_V2.0, CPP_ND_V2.0E	FCS_SSHC_EXT.1.5/FCS_SSHS_EXT.1.5	2017.11.13
TD0257	NIT Technical Decision for Updating FCS_DTLSC_EXT.x.2/FCS_TLSC_EXT.x.2 Tests 1-4	CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	ND SD V1.0, ND SD V2.0, FCS_DTLSC_EXT.1.2/FCS_DTLSC_EXT.2.2 Tests 1-4 (ND SD V2.0), FCS_TLSC_EXT.1.2/FCS_TLSC_EXT.2.2, Tests 1-4 (ND SD V1.0, ND SD V2.0)	2017.11.13
TD0256	NIT Technical Decision for Handling of TLS connections with and without mutual authentication	CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	ND SD V1.0, ND SD V2.0, FCS_DTLSC_EXT.2.5 (ND SD V2.0), FCS_TLSC_EXT.2 (ND SD V1.0, ND SD V2.0)	2017.11.13
TD0254	Algorithms in FCS_SMIME_EXT.1.4	PP_APP_EMAILCLIENT_EP_v2.0	FCS_SMIME_EXT.1.4	2017.11.08
TD0253	Assurance Activities for Key Transport	PP_HCD_V1.0	FCS_COP.1.1(i)	2017.11.08
TD0251	FMT_MOF.1.1 - Added Assignment	PP_PSS_V3.0	FMT_MOF.1.1; PP_PSS_V3.0	2017.10.26
TD0250	Hypercall Controls - FPT_HCL_EXT.1 Clarification	PP_BASE_VIRTUALIZATION_V1.0	FPT_HCL_EXT.1	2017.11.14
TD0249	Applicability of FTP_ITC_EXT.1	PP_BASE_VIRTUALIZATION_V1.0	FTP_ITC_EXT.1.1	2017.11.14
TD0247	FPT_VDP_EXT.1 Clarification for Assurance Activity	PP_BASE_VIRTUALIZATION_V1.0	FPT_VDP_EXT.1	2017.11.29
TD0245	Updates to FTP_ITC and FTP_TRP for ESM PPs	PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1	FTP_ITC.1, FTP_TRP.1	2017.10.03
TD0244	FCS_TLSC_EXT - TLS Client Curves Allowed	PP_APP_v1.2, PP_MD_V3.1, PP_OS_V4.1, PP_WLAN_CLI_EP_V1.0	FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.4.1, FCS_TLSC_EXT.1.4, FCS_TLSC_EXT.2/WLAN	2017.11.16
TD0240	FCS_COP.1.1(1) Platform provided crypto for encryption/decryption	PP_SSH_EP_v1.0	FCS_COP.1.1(1)	2017.11.27
TD0230	ALC Assurance Activities for Server Virtualization and Base Virtualization PPs	PP_BASE_VIRTUALIZATION_V1.0, PP_SV_V1.1	ALC_CMC.1, ALC_CMS.1	2017.09.06
TD0228	NIT Technical Decision for CA certificates - basicConstraints validation	CPP_FW_V1.0, CPP_ND_V1.0, CPP_ND_V2.0, CPP_ND_V2.0E	ND SD V1.0, ND SD V2.0, FIA_X509_EXT.1.2	2018.06.15
TD0222	Use of RF Jammer for DoS testing in WIDS EP	EP_WIDS_V1.0	FAU_WID_EXT.3	2017.07.27
TD0219	NIAP Endorsement of Errata for HCD PP v1.0	PP_HCD_V1.0		2017.07.07
TD0211	FPT_TUD_EXT.1 - VVoIP Endpoints Optional	EP_ESC_V1.0	FPT_TUD_EXT.1	2017.06.13
TD0206	Testing for Non-Existence of Disconnected Virtual Devices	PP_BASE_VIRTUALIZATION_V1.0	FPT_DVD_EXT.1	2017.05.05
TD0194	Update to Audit of FTP_ITC_EXT.1/WLAN	PP_WLAN_CLI_EP_V1.0	FAU_GEN.1, FTP_ITC_EXT.1/WLAN	2017.04.11
TD0190	FPT_FLS.1(2)/SelfTest Failure with Preservation of Secure State and Modular Network Devices	PP_NDCPP_MACSEC_EP_V1.2	FPT_FLS.1(2)/SelfTest	2017.04.11
TD0176	FDP_DSK_EXT.1.2 - SED Testing	PP_HCD_V1.0	FDP_DSK_EXT.1.2	2017.04.11
TD0174	Optional Ciphersuites for TLS	PP_APP_v1.2, PP_MD_v3.0, PP_NDCPP_APP_AUTHSVR_EP_V1.0	FCS_TLSC_EXT.1.1, FCS_EAP-TLS_EXT.1.1,	2017.04.10
TD0171	Testing for RADIUS EAP responses and EAP-TLS protocols	PP_NDCPP_APP_AUTHSVR_EP_V1.0	FCS_RADIUS_EXT.1, FCS_EAP-TLS_EXT.1	2017.04.06
TD0157	FCS_IPSEC_EXT.1.1 - Testing SPDs	PP_HCD_V1.0	FCS_IPSEC_EXT.1.1	2017.06.15
TD0144	FDP_RIP.1.1 - Purge Memory and Restore Factory Defaults Optional	PP_PSS_V3.0	FDP_RIP.1.1	2017.02.06
TD0139	Clarification of testing for FDP_RIP_EXT.2	PP_BASE_VIRTUALIZATION_V1.0	FDP_RIP_EXT.2	2017.01.19
TD0137	FIA_X509_EXT.2.1 - IPsec Optional Selection	EP_ESC_V1.0	FIA_X509_EXT.2.1;	2016.12.22
TD0136	FDP_RIP.1.1 - Refinement	PP_PSS_V3.0	FDP_RIP.1.1	2016.12.16
TD0135	SNMP in NDcPP MACsec EP v1.2	PP_NDCPP_MACSEC_EP_V1.2	FMT_SNMP_EXT.1.1, FCS_SNMP_EXT.1.1	2017.01.25
TD0127	FIA_SIPT_EXT.1.2 - TLS Client X.509 Certificate Authentication	EP_SBC_V1.1	FIA_SIPT_EXT.1.2	2016.12.21
TD0105	MACsec Key Agreement	PP_NDCPP_MACSEC_EP_V1.2	FCS_MKA_EXT.1.2, FCS_MKA_EXT.1.5, FCS_MKA.1.8,	2016.09.13
TD0086	DisplayPort to HDMI Conversion Functionality	PP_PSS_V3.0	FDP_IFF.1.5(2), Rule 10	2016.03.10
TD0083	Vulnerability Survey Assurance Component (AVA_VAN.1) in PSS PP v3.0	PP_PSS_V3.0		2016.02.29
TD0079	RBG Cryptographic Transitions per NIST SP 800-131A Revision 1	PP_CA_v1.0, PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1, PP_MD_v2.0, PP_MDM_V2.0, PP_ND_VPN_GW_EP_v1.1, PP_OS_v4.0, PP_USB_FD_v1.0, PP_VOIP_V1.3, PP_VPN_IPSEC_CLIENT_V1.4, PP_WLAN_CLI_V1.0	PP_APP_v1.1	2018.06.15
TD0074	FCS_CKM.1(a) Requirement in HCD PP v1.0	PP_HCD_V1.0		2015.12.15
TD0071	Use of SHA-512 in ESM PPs	PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1		2015.12.03
TD0066	Clarification of FAU_STG_EXT.1 Requirement in ESM PPs	PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1		2015.10.08
TD0055	Move FTA_TAB.1 to Selection-Based Requirement	PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1		2015.07.30
TD0042	Removal of Low-level Crypto Failure Audit from PPs	PP_CA_v1.0, PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1, PP_SV_V1.0, PP_VOIP_V1.3, PP_VPN_IPSEC_CLIENT_V1.4, PP_WEBBROWSER_v1.0, PP_WLAN_CLI_V1.0		2018.06.15

References:

(free match)

Site Map Contact Us Home