|
TD0556
|
NIT Technical Decision for RFC 5077 question
|
CPP_ND_V2.2E
|
NDSDv2.2, FCS_TLSS_EXT.1.4, Test 3
|
2020.11.06
|
|
TD0555
|
NIT Technical Decision for RFC Reference incorrect in TLSS Test
|
CPP_ND_V2.2E
|
NDSDv2.2, FCS_TLSS_EXT.1.4, Test 3
|
2020.11.06
|
|
TD0554
|
iOS/iPadOS/Android AppSW Virus Scan
|
PP_APP_v1.3
|
AVA_VAN.1
|
2020.10.30
|
|
TD0552
|
SFR Rationale and Implicitly Satisfied SFRs
|
PP_MDM_V4.0
|
Section 6 and Appendix I
|
2020.10.26
|
|
TD0551
|
NIT Technical Decision for Incomplete Mappings of OEs in FW Module v1.4+Errata
|
MOD_CPP_FW_v1.4e
|
Sections 5.3.2 and 5.3.4
|
2020.10.15
|
|
TD0549
|
Consistency of Security Problem Definition update for MOD_VPNGW_v1.0 and MOD_VPNGW_v1.1
|
MOD_VPNGW_v1.0, MOD_VPNGW_v1.1
|
Section 6.1.2
|
2020.10.02
|
|
TD0548
|
Integrity for installation tests in AppSW PP 1.3
|
PP_APP_v1.3
|
FPT_TUD_EXT.1.3
|
2020.09.30
|
|
TD0547
|
NIT Technical Decision for Clarification on developer disclosure of AVA_VAN
|
CPP_ND_V2.1, CPP_ND_V2.2E
|
ND SDv2.1, ND SDv2.2, AVA_VAN.1
|
2020.10.15
|
|
TD0546
|
NIT Technical Decision for DTLS - clarification of Application Note 63
|
CPP_ND_V2.2E
|
FCS_DTLSC_EXT.1.1
|
2020.10.15
|
|
TD0545
|
NIT Technical Decision for Conflicting FW rules cannot be configured (extension of RfI#201837)
|
MOD_CPP_FW_v1.3, MOD_CPP_FW_v1.4e
|
FWMOD SD v1.3, FWMOD SD v1.4e, FFW_RUL_EXT.1.8
|
2020.10.15
|
|
TD0544
|
Alternative testing methods for FPT_AEX_EXT.1.1
|
PP_APP_v1.3
|
FPT_AEX_EXT.1
|
2020.09.15
|
|
TD0543
|
FMT_MEC_EXT.1 evaluation activity update
|
PP_APP_v1.3
|
FMT_MEC_EXT.1
|
2020.09.15
|
|
TD0542
|
Update to FCS_COP.1(6) Key Transport
|
MOD_FEEM_V1.0
|
FCS_COP.1.1(6)
|
2020.08.26
|
|
TD0541
|
Update to cryptographic protocol SFRs in ESM PPs
|
PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1
|
FTP_ITC, FTP_TRP, FCS_SSH, FCS_TLS, FCS_HTTPS
|
2020.09.04
|
|
TD0540
|
Expanded AES Modes in FCS_COP
|
PP_APP_v1.3
|
FCS_COP.1(1)
|
2020.08.26
|
|
TD0539
|
Incorrect selection trigger in FTA_CIN_EXT.1 in MOD_VI_V1.0
|
MOD_VI_V1.0
|
FTA_CIN_EXT.1, SD for Video/Display Module
|
2020.07.11
|
|
TD0538
|
NIT Technical Decision for Outdated link to allowed-with list
|
CPP_ND_V2.1, CPP_ND_V2.2E
|
Section 2
|
2020.07.13
|
|
TD0537
|
NIT Technical Decision for Incorrect reference to FCS_TLSC_EXT.2.3
|
CPP_ND_V2.2E
|
FIA_X509_EXT.2.2
|
2020.07.13
|
|
TD0536
|
NIT Technical Decision for Update Verification Inconsistency
|
CPP_ND_V2.1, CPP_ND_V2.2E
|
AGD_OPE.1, ND SDv2.1, ND SDv2.2
|
2020.07.13
|
|
TD0535
|
NIT Technical Decision for Clarification about digital signature algorithms for FTP_TUD.1
|
CPP_ND_V2.1
|
FTP_TUD.1
|
2020.07.13
|
|
TD0534
|
NIT Technical Decision for Firewall IPv4 & IPv6 testing by default
|
CPP_FW_V2.0E, MOD_CPP_FW_v1.3
|
FW SDv2.0e, FW MOD SDv1.3
|
2020.07.13
|
|
TD0533
|
NIT Technical Decision for FTP_ITC.1 with signed downloads
|
CPP_ND_V2.1
|
FTP_ITC.1
|
2020.07.13
|
|
TD0532
|
NIT Technical Decision for Use of seeds with higher entropy
|
CPP_ND_V2.1
|
FCS_RGB_EXT.1.2
|
2020.07.13
|
|
TD0531
|
NIT Technical Decision for Challenge-Response for Authentication
|
CPP_ND_V2.1
|
FCS_SSHS_EXT.1
|
2020.07.13
|
|
TD0530
|
NIT Technical Decision for FCS_TLSC_EXT.1.1 5e test clarification
|
CPP_ND_V2.1
|
FCS_TLSC_EXT.1.1, ND SDv2.1
|
2020.07.13
|
|
TD0529
|
NIT Technical Decision for OCSP and Authority Information Access extension
|
CPP_ND_V2.1
|
FIA_X509_EXT.1/Rev , FIA_X509_EXT.2, ND SD v2.1
|
2020.07.13
|
|
TD0528
|
NIT Technical Decision for Missing EAs for FCS_NTP_EXT.1.4
|
CPP_ND_V2.1, CPP_ND_V2.2E
|
FCS_NTP_EXT.1.4, ND SD v2.1, ND SD v2.2
|
2020.07.13
|
|
TD0527
|
Updates to Certificate Revocation Testing (FIA_X509_EXT.1)
|
CPP_ND_V2.2E
|
FIA_X509_EXT.1/REV, FIA_X509_EXT.1/ITT
|
2020.07.01
|
|
TD0526
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_BASE_VIRTUALIZATION_V1.0
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0525
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_OS_V4.2.1
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0524
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_MDM_V4.0
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0523
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_MD_V3.1
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0522
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_CA_V2.1
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0521
|
Updates to Certificate Revocation (FIA_X509_EXT.1)
|
PP_APP_v1.3
|
FIA_X509_EXT.1
|
2020.07.01
|
|
TD0520
|
VPN Gateway SFR Rationale
|
MOD_VPNGW_v1.0
|
Sections 5.3 and 5.4
|
2020.06.19
|
|
TD0519
|
Linux symbolic links and FMT_CFG_EXT.1
|
PP_APP_v1.3
|
FMT_CFG_EXT.1.2
|
2020.06.18
|
|
TD0518
|
Typographical error in Dependency Table
|
PP_PSD_V4.0
|
FPT_STM.1
|
2020.06.15
|
|
TD0517
|
WLAN Client Corrections for X509 and TLSC
|
PP_WLAN_CLI_EP_V1.0
|
FIA_X509_EXT.2.2, FCS_TLSC_EXT.1.3/WLAN
|
2020.06.19
|
|
TD0516
|
Behavior on Receiving TLS Certificate Request, FDP_TEP_EXT.1
|
MOD_STIP_V1.0
|
FDP_TEP_EXT.1
|
2020.06.17
|
|
TD0515
|
Use Android APK manifest in test
|
PP_APP_v1.3
|
FDP_DEC_EXT.1
|
2020.06.08
|
|
TD0514
|
Correction to MOD_VI FDP_APC_EXT.1 Test 3 Step 6
|
MOD_VI_V1.0
|
FDP_APC_EXT.1,
|
2020.05.18
|
|
TD0513
|
CA Certificate loading
|
PKG_TLS_V1.1
|
FCS_TLSC_EXT.1.3
|
2020.05.26
|
|
TD0512
|
Group CAKs for establishing multiple MKA connections is not mandated
|
PP_NDCPP_MACSEC_EP_V1.2
|
FMT_SMF.1
|
2020.03.26
|
|
TD0511
|
VPN GW Conformance Claim to allow for a PP-Module
|
MOD_VPNGW_v1.0
|
|
2020.03.06
|
|
TD0510
|
Obtaining random bytes for iOS/macOS
|
PP_APP_v1.3
|
FCS_RBG_EXT.1
|
2020.03.03
|
|
TD0509
|
Correction to MACsec Audit
|
PP_NDCPP_MACSEC_EP_V1.2
|
FAU_GEN.1
|
2020.03.02
|
|
TD0508
|
Conformance Claim to allow for a PP-Module
|
MOD_VPN_CLI_V2.1
|
|
2020.02.28
|
|
TD0507
|
Clarification on USB plug type
|
MOD_KM_V1.0
|
FDP_ACP_EXT.1
|
2020.03.03
|
|
TD0506
|
Missing Steps to disconnect and reconnect display
|
MOD_VI_V1.0
|
FDP_ACP_EXT.1
|
2020.02.28
|
|
TD0504
|
Cryptographic selections and updates for use with VPN Client PP-Module w/MDF PP
|
MOD_VPN_CLI_V2.1
|
FCS_CKM.1, FCS_CKM.2(1)
|
2020.09.04
|
|
TD0503
|
Cryptographic selections and updates for use with VPN Client PP-Module w/OS PP
|
MOD_VPN_CLI_V2.1
|
FCS_CKM.1(1), FCS_CKM.2(1)
|
2020.09.04
|
|
TD0502
|
Cryptographic selections and updates for MDF PP
|
PP_MD_V3.1
|
FCS_CKM.1, FCS_CKM.2
|
2020.09.03
|
|
TD0501
|
Cryptographic selections and updates for OS PP
|
PP_OS_V4.2.1
|
FCS_CKM.1, FCS_CKM.2
|
2020.09.03
|
|
TD0500
|
Cryptographic selections and updates for CAPP
|
PP_CA_V2.1
|
FCS_CKM.1 and FCS_CKM.2
|
2020.09.03
|
|
TD0499
|
Testing with pinned certificates
|
PKG_TLS_V1.1
|
FCS_TLSC_EXT.1.2
|
2020.02.04
|
|
TD0498
|
Application Software PP Security Objectives and Requirements Rationale
|
PP_APP_v1.3
|
Section 4.3 and Section 5.2
|
2020.01.31
|
|
TD0497
|
SFR Rationale, Consistency of SPD, and Implicitly Satisfied SFRs
|
MOD_MDM_AGENT_V1.0
|
Section 5, Section 6, and Appendix H
|
2020.10.26
|
|
TD0496
|
GPOS PP adds allow-with statement for VPN Client V2.1
|
PP_OS_V4.2.1
|
Conformance Claims
|
2020.01.29
|
|
TD0495
|
FIA_X509_EXT.1.2 Test Clarification
|
PP_APP_v1.3
|
FIA_X509_EXT.1.2
|
2020.01.29
|
|
TD0494
|
Removal of Mandatory SSH Ciphersuite for HCD
|
PP_HCD_V1.0
|
FCS_SSH_EXT.1.7
|
2020.02.20
|
|
TD0493
|
X.509v3 certificates when using digital signatures for Boot Integrity
|
PP_OS_V4.2.1
|
FPT_TST_EXT.1.1
|
2020.03.04
|
|
TD0492
|
TLS-EAP Ciphers and TLS versions for WLAN Client
|
PP_WLAN_CLI_EP_V1.0
|
FCS_TLSC_EXT.1.1/WLAN, TLSC_EXT.1.6/WLAN
|
2020.01.22
|
|
TD0491
|
Update to FMT_SMF_EXT.4 Test 2
|
MOD_MDM_AGENT_V1.0
|
FMT_SMF_EXT.4
|
2020.01.15
|
|
TD0489
|
Update to FCS_COP.1 in MOD_FEEM
|
MOD_FEEM_V1.0
|
FCS_COP.1(5); FCS_COP.1(7)
|
2020.01.30
|
|
TD0488
|
Selectable ciphers for FCS_COP.1(5)
|
EP_VVOIP_V1.0
|
FCS_COP.1(5)
|
2020.01.21
|
|
TD0487
|
Correction to Typo in FCS_MACSEC_EXT.4
|
PP_NDCPP_MACSEC_EP_V1.2
|
FCS_MACSEC_EXT.4.4
|
2020.01.02
|
|
TD0486
|
Removal of PP-Module for VPN Clients from allowed with list
|
PP_APP_v1.3
|
Section 2, FDP_DAR_EXT.1
|
2019.12.17
|
|
TD0485
|
PP-Configuration for Application Software and Virtual Private Network (VPN) Clients not allowed
|
MOD_VPN_CLI_V2.1
|
|
2019.12.17
|
|
TD0484
|
NIT Technical Decision for Interactive sessions in FTA_SSL_EXT.1 & FTA_SSL.3
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FTA_SSL_EXT.1, FTA_SSL.3
|
2019.12.18
|
|
TD0483
|
NIT Technical Decision for Applicability of FPT_APW_EXT.1
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FPT_APW_EXT.1
|
2019.12.18
|
|
TD0482
|
NIT Technical Decision for Identification of usage of cryptographic schemes
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
ND SDv2.0e, FW SDv2.0e, ND SDv2.1, FCS_CKM.2
|
2019.12.18
|
|
TD0481
|
NIT Technical Decision for FCS_(D)TLSC_EXT.X.2 IP addresses in reference identifiers
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
ND SDv2.0, ND SDv2.1, FW SDv2.0e, FAU_GEN.1
|
2019.12.18
|
|
TD0480
|
NIT Technical Decision for Granularity of audit events
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FIA_AFL.1 (NDcPP), section 2.3.1.3 (ND SD)
|
2019.12.18
|
|
TD0479
|
FMT_SMF.1(1) Reliance on MDF Evals
|
PP_MDM_V4.0
|
FMT_SMF.1(1)
|
2020.02.21
|
|
TD0478
|
NIT Technical Decision for Application Notes for FIA_X509_EXT.1 iterations
|
CPP_FW_v2.0, CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FIA_X509_EXT.1/Rev, FIA_X509_EXT.1/ITT
|
2019.12.18
|
|
TD0477
|
NIT Technical Decision for Clarifying FPT_TUD_EXT.1 Trusted Update
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
ND SD V2.0E, ND SD V2.1, FPT_TUD_EXT.1, Tests section
|
2019.12.18
|
|
TD0475
|
NIT Technical Decision for Separate traffic consideration for SSH rekey
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1, ND SD V2.0E, ND SD V2.1
|
2019.12.18
|
|
TD0474
|
Removal of Mandatory Cipher Suite in FCS_TLS_EXT.1
|
PP_HCD_V1.0
|
FCS_TLS_EXT.1
|
2019.12.04
|
|
TD0473
|
Support for Client or Server TOEs in FCS_HTTPS_EXT
|
PP_APP_v1.3
|
FCS_HTTPS_EXT.1
|
2020.01.21
|
|
TD0472
|
File Encryption SFR Rationale and Consistency of TOE Type added
|
MOD_FE_V1.0
|
Section 5.3, Section 6.1.1
|
2019.12.04
|
|
TD0470
|
Wireless Network Restrictions
|
PP_WLAN_CLI_EP_V1.0
|
FMT_SMF_EXT.1.1/WLAN; FTA_WSE_EXT.1.1
|
2020.01.22
|
|
TD0469
|
Modification of test activity for FCS_TLSS_EXT.1.1 test 4.1
|
PKG_TLS_V1.1
|
FCS_TLSS_EXT.1.1
|
2019.11.20
|
|
TD0468
|
Bluetooth pairing vs connection
|
PP_MD_V3.1
|
FIA_BLT_EXT.3.1
|
2019.11.22
|
|
TD0466
|
Selectable Key Sizes for AES Data Encryption/Decryption
|
PP_NDCPP_MACSEC_EP_V1.2
|
FCS_COP.1.1
|
2019.11.15
|
|
TD0465
|
Configuration Storage for .NET Apps
|
PP_APP_v1.3
|
FMT_MEC_EXT.1
|
2019.11.08
|
|
TD0464
|
FIT Technical Decision for FPT_PWR_EXT.1 compliant power saving states
|
CPP_FDE_EE_V2.0E
|
FPT_PWR_EXT.1
|
2019.11.05
|
|
TD0463
|
Clarification for FPT_TUD_EXT
|
PP_OS_V4.2.1
|
FPT_TUD_EXT.1.1, FPT_TUD_EXT.2.1
|
2019.11.12
|
|
TD0461
|
Security Audit for Distributed TOEs
|
PP_MDM_V4.0
|
Section 6.2.2, Bullet 2
|
2020.01.08
|
|
TD0460
|
FIT Technical Decision for FPT_PWR_EXT.1 non-compliant power saving states
|
CPP_FDE_EE_V2.0E
|
FPT_PWR_EXT.1, FDE EE SD v2.0E
|
2019.10.18
|
|
TD0459
|
RadSec Pre-Shared Key Clarification
|
PP_NDCPP_APP_AUTHSVR_EP_V1.0
|
FCS_RADSEC_EXT.1.4
|
2019.10.25
|
|
TD0458
|
FIT Technical Decision for FPT_KYP_EXT.1 evaluation activities
|
CPP_FDE_AA_V2.0E, CPP_FDE_EE_V2.0E
|
FPT_KYP_EXT.1, FDE AA SD v2.0E, FDE EE SD v2.0E
|
2019.10.18
|
|
TD0457
|
Typographical error in FPT_FLS.1.1
|
EP_ESC_V1.0
|
FPT_FLS.1
|
2019.10.04
|
|
TD0456
|
Removal of Low-level Crypto Failure Audit in WLAN AS EP
|
PP_WLAN_AS_EP_V1.0
|
FAU_GEN.1
|
2019.10.09
|
|
TD0455
|
NIST SP800-133 keygen methods for FAK/FEK Generation
|
MOD_FE_V1.0
|
FDP_AUT_EXT.2.9, FCS_CKM_EXT.2.1
|
2019.10.18
|
|
TD0454
|
Test for displaying real-time connection status of VVoIP endpoints in FMT_SMF.1.1
|
EP_ESC_V1.0
|
FMT_SMF.1
|
2019.09.23
|
|
TD0453
|
NIT Technical Decision for Clarify authentication methods SSH clients can use to authenticate SSH se
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHC_EXT.1.9
|
2019.09.16
|
|
TD0451
|
NIT Technical Decision for ITT Comm UUID Reference Identifier
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_TLSS_EXT.1.2 and FCS_TLSS_EXT.2.2
|
2019.09.16
|
|
TD0450
|
NIT Technical Decision for RSA-based ciphers and the Server Key Exchange message
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_TLSS_EXT.*.3, FCS_DTLSS_EXT.*.4, ND SD v2.1, ND SD v2.0E
|
2019.09.16
|
|
TD0447
|
NIT Technical Decision for Using 'diffie-hellman-group-exchange-sha256' in FCS_SSHC/S_EXT.1.7
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHC_EXT.1.7, FCS_SSHS_EXT.1.7
|
2019.09.16
|
|
TD0446
|
Missing selections for SSH
|
PP_SSH_EP_v1.0
|
FCS_SSHC_EXT.1.3, FCS_SSHC_EXT.1.5, FCS_SSHS_EXT.1.3, FCS_SSHS_EXT.1.5
|
2019.10.18
|
|
TD0445
|
User Modifiable File Definition
|
PP_APP_v1.3
|
FPT_AEX_EXT.1.4
|
2019.10.09
|
|
TD0444
|
IPsec selections
|
PP_APP_v1.3
|
FTP_DIT_EXT.1, FIA_X509_EXT.2
|
2019.08.30
|
|
TD0443
|
FPT_VDP_EXT.1 Clarification for Assurance Activity
|
PP_BASE_VIRTUALIZATION_V1.0
|
FPT_VDP_EXT.1
|
2019.08.21
|
|
TD0442
|
Updated TLS Ciphersuites for TLS Package
|
PKG_TLS_V1.1
|
FCS_TLSC_EXT.1.1, FCS_TLSS_EXT.1.1, FCS_DTLSC_EXT.1.1, FCS_DTLSS_EXT.1.1
|
2019.08.21
|
|
TD0441
|
Updated TLS Ciphersuites for OS PP
|
PP_OS_V4.2.1
|
FCS_TLSC_EXT.1.1, FCS_TLSS_EXT.1.1, FCS_DTLSC_EXT.1.1, FCS_DTLSS_EXT.1.1
|
2019.08.21
|
|
TD0440
|
Assurance Activities for FIA_UAU.2
|
EP_ESC_V1.0
|
FIA_UAU.2/TC, FIA_UAU.2/VVoIP
|
2019.08.20
|
|
TD0439
|
EAP-TLS Revocation Checking
|
PP_WLAN_CLI_EP_V1.0
|
FIA_X509_EXT.1, FAU_GEN.1
|
2019.08.29
|
|
TD0438
|
TST and TUD on the MDM Agent
|
PP_MDM_V4.0
|
FPT_TST_EXT.1, FPT_TUD_EXT.1
|
2019.08.21
|
|
TD0437
|
Supported Configuration Mechanism
|
PP_APP_v1.3
|
FMT_MEC_EXT.1.1
|
2019.07.23
|
|
TD0435
|
Alternative to SELinux for FPT_AEX_EXT.1.3
|
PP_APP_v1.2, PP_APP_v1.3
|
FPT_AEX_EXT.1.3
|
2019.07.26
|
|
TD0434
|
Windows Desktop Applications Test
|
PP_APP_v1.2, PP_APP_v1.3
|
FDP_DEC_EXT.1.1
|
2019.07.22
|
|
TD0432
|
Corrections to FIA_AFL_EXT.1
|
PP_BASE_VIRTUALIZATION_V1.0
|
FIA_AFL_EXT.1
|
2019.07.16
|
|
TD0431
|
Modification to Cipher Suites for TLS
|
PP_BASE_VIRTUALIZATION_V1.0
|
FAU_GEN.1, FCS_IPSEC_EXT.1.15, FCS_TLSC_EXT.1, FCS_TLSC_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2
|
2019.07.30
|
|
TD0430
|
Optional Logging of Power and Fan Status
|
EP_ESC_V1.0
|
FAU_GEN.1/Log
|
2019.06.27
|
|
TD0429
|
AAs for FMT_MTD.1/SystemTime
|
EP_SBC_V1.1
|
FMT_MTD.1/SystemTime
|
2019.06.21
|
|
TD0428
|
FCS_SRTP_EXT.1 Test Activity
|
EP_VVOIP_V1.0
|
FCS_SRTP_EXT.1
|
2019.06.25
|
|
TD0427
|
Reliable Time Source
|
PP_APP_v1.2, PP_APP_v1.3
|
A.Platform
|
2019.06.11
|
|
TD0425
|
NIT Technical Decision for Cut-and-paste Error for Guidance AA
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
ND SD V2.0e, ND SD V2.1, FTA_SSL.3
|
2019.05.31
|
|
TD0424
|
NIT Technical Decision for NDcPP v2.1 Clarification - FCS_SSHC/S_EXT1.5
|
CPP_ND_V2.1
|
ND SD V2.1, FCS_SSHC_EXT.1.5, FCS_SSHS_EXT.1.5
|
2019.05.31
|
|
TD0423
|
NIT Technical Decision for Clarification about application of RfI#201726rev2
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
ND SD V2.0E, FW SD V2.0E, ND SD V2.1
|
2019.05.31
|
|
TD0422
|
FCS_SRTP_EXT.1 Test 2
|
EP_SBC_V1.1
|
FCS_SRTP_EXT.1
|
2019.05.16
|
|
TD0420
|
Conflict in FCS_SSHC_EXT.1.1 and FCS_SSHS_EXT.1.1
|
PP_SSH_EP_v1.0
|
FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1
|
2019.05.10
|
|
TD0419
|
FAU_GEN.1 Audit for FMT_SMF.1
|
EP_ESC_V1.0
|
FAU_GEN.1
|
2019.05.02
|
|
TD0418
|
Clarifications for ESC EP
|
EP_ESC_V1.0
|
FAU_STG.1/VVR, FAU_STG_EXT.1, FMT_SMF.1, FTP_ITC.1
|
2019.05.03
|
|
TD0417
|
Updates to FDP_IFF.1 and FIA_UAU.2
|
EP_ESC_V1.0
|
FDP_IFF.1, FIA_UAU.2.1/TC, FIA_UAU.2/VVoIP
|
2019.04.30
|
|
TD0416
|
Correction to FCS_RBG_EXT.1 Test Activity
|
PP_APP_v1.3
|
FCS_RBG_EXT.1.1
|
2019.04.24
|
|
TD0415
|
Trusted Update Test 4 Conditional
|
PP_CA_V2.1
|
FPT_TUD_EXT.1
|
2019.04.04
|
|
TD0414
|
FTP_ITC_EXT1. Tests 1 and 2
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FTP_ITC_EXT.1
|
2019.04.04
|
|
TD0413
|
Conformance Claim to allow for a PP-Module
|
PP_MD_V3.1
|
|
2019.03.22
|
|
TD0412
|
NIT Technical Decision for FCS_SSHS_EXT.1.5 SFR and AA discrepancy
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHS_EXT.1.5, ND SD V2.0e, ND SD V2.1
|
2019.03.22
|
|
TD0411
|
NIT Technical Decision for FCS_SSHC_EXT.1.5, Test 1 - Server and client side seem to be confused
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHC_EXT.1.5, ND SD V2.0E, ND SD V2.1
|
2019.03.22
|
|
TD0410
|
NIT technical decision for Redundant assurance activities associated with FAU_GEN.1
|
CPP_ND_V1.0, CPP_ND_V2.0E, CPP_ND_V2.1
|
FAU_GEN.1, ND SD V1.0, ND SD V2.0e, ND SD V2.1
|
2019.03.22
|
|
TD0409
|
NIT decision for Applicability of FIA_AFL.1 to key-based SSH authentication
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FIA_AFL.1, ND SD v2.0e, ND SD v2.1
|
2019.03.22
|
|
TD0408
|
NIT Technical Decision for local vs. remote administrator accounts
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FIA_AFL.1, FIA_UAU_EXT.2, FMT_SMF.1
|
2019.03.22
|
|
TD0407
|
NIT Technical Decision for handling Certification of Cloud Deployments
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
|
2019.03.22
|
|
TD0406
|
FDP_IFF.1.5 Tests 1 and 2
|
EP_VVOIP_V1.0
|
FDP_IFF.1.5
|
2019.03.13
|
|
TD0405
|
FIA_SASL_EXT.1 Testing
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FIA_SASL_EXT.1
|
2019.03.20
|
|
TD0404
|
Cryptographic selections and updates for use with App PP v1.3
|
MOD_VPN_CLI_V2.1
|
FCS_CKM.1, FCS_CKM.2.1, FCS_CKM_EXT.1, FCS_COP.1, FIA_X509_EXT.2, FTP_DIT_EXT.1, FCS_IPSEC_EXT.1.8
|
2019.08.30
|
|
TD0402
|
NIT Technical Decision for RSA-based FCS_CKM.2 Selection
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_CKM.2, ND SD V2.0E, ND SD V2.1
|
2019.02.24
|
|
TD0401
|
NIT Technical Decision for Reliance on external servers to meet SFRs
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FTP_ITC.1
|
2019.02.24
|
|
TD0400
|
NIT Technical Decision for FCS_CKM.2 and elliptic curve-based key establishment
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_CKM.1, FCS_CKM.2
|
2019.02.24
|
|
TD0399
|
NIT Technical Decision for Manual installation of CRL (FIA_X509_EXT.2)
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FIA_X509_EXT.2, ND SD V2.0E, ND SD V2.1
|
2019.02.24
|
|
TD0398
|
NIT Technical Decision for FCS_SSH*EXT.1.1 RFCs for AES-CTR
|
CPP_FW_V2.0E, CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_SSHC_EXT.1.1, FCS_SSHS_EXT.1.1
|
2019.02.24
|
|
TD0397
|
NIT Technical Decision for Fixing AES-CTR Mode Tests
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_COP.1/DataEncryption, ND SD V2.0E, ND SD V2.1
|
2019.02.24
|
|
TD0396
|
NIT Technical Decision for FCS_TLSC_EXT.1.1, Test 2
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_DTLSC_EXT.1.1, FCS_DTLSC_EXT.2.1, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.2.1, ND SD V2.0E, ND SD V2.1
|
2019.02.24
|
|
TD0395
|
NIT Technical Decision for Different Handling of TLS1.1 and TLS1.2
|
CPP_ND_V2.0E, CPP_ND_V2.1
|
FCS_TLSS_EXT.2.4, FCS_TLSS_EXT.2.5, ND SD V2.0E, ND SD V2.1
|
2019.02.24
|
|
TD0393
|
Require FTP_TRP.1(b) only for printing
|
PP_HCD_V1.0
|
FTP_TRP.1(b)
|
2019.02.26
|
|
TD0387
|
VPN Client Required SFR for GPOS as Base PP
|
MOD_VPN_CLI_V2.1
|
Section 5.1.1
|
2019.01.29
|
|
TD0386
|
Platform-Provided Verification of Update
|
PP_OS_V4.2, PP_OS_V4.2.1
|
FPT_TUD_EXT.1.2
|
2019.02.07
|
|
TD0385
|
FTP_DIT_EXT.1 Assurance Activity Clarification
|
MOD_VPN_CLI_V2.1, PP_APP_v1.2
|
FTP_DIT_EXT.1
|
2019.01.08
|
|
TD0381
|
FCS_SMIME_EXT.1 Test 3
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FCS_SMIME_EXT.1.1
|
2018.12.27
|
|
TD0379
|
Updated FCS_IPSEC_EXT.1.11 Tests for VPN Client
|
MOD_VPN_CLI_V2.1
|
FCS_IPSEC_EXT.1.11
|
2018.12.20
|
|
TD0378
|
TOE/TOE Platform Selection in FCS_IPSEC_EXT.1 SFRs
|
MOD_VPN_CLI_V2.1
|
FCS_IPSEC_EXT.1.12, FCS_IPSEC_EXT.1.13
|
2018.12.13
|
|
TD0376
|
Audit record entry for FMT_SMF.1 in FAU_GEN.1.2/VOIP
|
EP_VVOIP_V1.0
|
FAU_GEN.1.2/VVOIP
|
2018.11.29
|
|
TD0375
|
FMT_MOF.1(4) selection
|
PP_CA_V2.1
|
FMT_MOF.1
|
2018.11.27
|
|
TD0372
|
Auditing in VVOIP
|
EP_VVOIP_V1.0
|
FAU_GEN.1/VVOIP, FAU_STG_EXT.1
|
2018.11.27
|
|
TD0371
|
Section F.2 [Use Case 2]
|
PP_MD_V3.1
|
|
2018.11.21
|
|
TD0369
|
Long-term trusted channel key material
|
PP_MD_V3.1
|
FCS_STG_EXT.2.1, FCS_STG_EXT.2.2, FCS_STG_EXT.3.1
|
2018.10.17
|
|
TD0367
|
Trusted Updates
|
EP_VVOIP_V1.0
|
FPT_TUD_EXT.1
|
2018.10.12
|
|
TD0366
|
Flexibility in Password Conditioning in FCS_COP.1(5)
|
PP_MD_V3.1
|
FCS_COP.1.1(5), FCS_CKM_EXT.3.2
|
2018.10.12
|
|
TD0365
|
FCS_CKM_EXT.4 selections
|
PP_OS_V4.2, PP_OS_V4.2.1
|
FCS_CKM_EXT.4
|
2018.10.12
|
|
TD0363
|
Access Banner and applicability to programmatic interfaces
|
PP_BASE_VIRTUALIZATION_V1.0
|
FTA_TAB.1
|
2018.10.05
|
|
TD0362
|
"Failure of the randomization process" audit
|
MOD_VPN_CLI_V2.1
|
FCS_RBG_EXT.1, FIA_PSK_EXT.1
|
2018.10.03
|
|
TD0360
|
AD Server configuration in FMT_MOF_EXT.1
|
EP_CV_V1.0, EP_SV_V1.0, PP_BASE_VIRTUALIZATION_V1.0
|
FMT_MOF_EXT.1.2, FIA_UAU.5.1
|
2018.09.28
|
|
TD0355
|
FCS_CKM.1/VPN for IKE authentication
|
MOD_VPN_CLI_V2.1
|
FCS_CKM.1/VPN
|
2018.09.20
|
|
TD0353
|
Guidance for Certificate Profiles
|
PP_CA_V2.1
|
FDP_CER_EXT.1.1
|
2018.09.18
|
|
TD0352
|
Added key destruction options
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FCS_CKM_EXT.4
|
2018.09.18
|
|
TD0351
|
Additional methods for DEK formation
|
PP_MD_V3.1
|
FCS_CKM_EXT.2.1
|
2018.09.20
|
|
TD0349
|
Update to FPT_MCD_EXT.1.2
|
PP_APP_WEBBROWSER_EP_v2.0
|
FPT_MCD_EXT.1.2
|
2018.08.31
|
|
TD0348
|
FCS_TLSS_EXT.2.4 for TLS 1.2 or higher
|
PP_CA_V2.1
|
FCS_TLSS_EXT.2.4
|
2018.08.28
|
|
TD0347
|
Update of Use Case 2 in MDF PP
|
PP_MD_V3.1
|
Section F.2 [Use Case 2]
|
2018.08.23
|
|
TD0346
|
Revision of FMT_SMF_EXT.2 in MDF PP
|
PP_MD_V3.1
|
FMT_SMF_EXT.2
|
2018.08.23
|
|
TD0332
|
Support for RSA SHA2 host keys
|
PP_SSH_EP_v1.0
|
FCS_SSHC_EXT.1.4, FCS_SSHS_EXT.1.4
|
2018.06.08
|
|
TD0331
|
SSH Rekey Testing
|
PP_SSH_EP_v1.0
|
FCS_SSHS_EXT.1.7, FCS_SSHC_EXT.1.7
|
2018.06.01
|
|
TD0328
|
Split Knowledge Procedures distinction
|
PP_CA_V2.1
|
FPT_SKY_EXT.1
|
2018.06.07
|
|
TD0325
|
Inline mode for Signature-based IPS policies
|
EP_IPS_V2.11
|
IPS_SBD_EXT.1.5
|
2018.05.21
|
|
TD0315
|
Clarification of test for FCS_CKM.2.1(3)
|
PP_WLAN_AS_EP_V1.0
|
FCS_CKM.2.1(3)
|
2018.05.03
|
|
TD0314
|
Modifications to support Selection Based requirements
|
EP_WIDS_V1.0
|
FAU_SAA.1.2, FAU_GEN.1.1/WIDS, FAU_GEN.2.1//WIDS, FMT_SMF.1/WIDS
|
2018.04.26
|
|
TD0306
|
Update to FAU_WID_EXT.2.1 and FAU_WID_EXT.2.2
|
EP_WIDS_V1.0
|
FAU_WID_EXT.2.1, FAU_WID_EXT.2.2
|
2018.05.22
|
|
TD0305
|
Handling of TLS connections with and without mutual authentication
|
PP_APP_v1.2, PP_MD_V3.1, PP_MDM_V3.0, PP_OS_V4.1
|
FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.1.4, FCS_TLSC_EXT.4.1
|
2018.04.04
|
|
TD0304
|
Update to FCS_TLSC_EXT.1.2
|
PP_APP_v1.2, PP_MD_V3.1, PP_MDM_V3.0, PP_OS_V4.1
|
FCS_TLSC_EXT.1.2
|
2018.04.04
|
|
TD0303
|
IKEv1 and support for XAUTH
|
MOD_VPN_CLI_V2.1
|
FCS_IPSEC_EXT.1.5
|
2018.03.29
|
|
TD0302
|
Update to FAU_ARP.1
|
EP_SBC_V1.1
|
FAU_ARP.1
|
2018.03.29
|
|
TD0301
|
Updates to Administrator Management and Biometric Authenication
|
PP_MD_V3.1
|
FMT_SMF_EXT.3, FIA_BMG_EXT.1.1
|
2018.04.04
|
|
TD0299
|
Update to FCS_CKM.4 Assurance Activities
|
PP_HCD_V1.0
|
FCS_CKM.4
|
2018.03.16
|
|
TD0294
|
Correction of TLS SFRs in CA PP ver 2.1
|
PP_CA_V2.1
|
FCS_TLSC_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2
|
2018.04.18
|
|
TD0287
|
FAU_STG.4 Testing
|
PP_CA_V2.1
|
FAU_STG.4
|
2018.01.25
|
|
TD0286
|
Audit Events for FPT_RCV.1
|
PP_CA_V2.1
|
FPT_RCV.1
|
2018.01.25
|
|
TD0284
|
Tests for FCS_SRTP_EXT.1
|
EP_SBC_V1.1
|
FCS_SRTP_EXT.1
|
2018.01.18
|
|
TD0282
|
Test Activities added for Key Distribution and Key Generation
|
PP_WLAN_AS_EP_V1.0
|
FCS_CKM.1(2). FCS_CKM.2(3)
|
2018.01.19
|
|
TD0279
|
Ciphersuites for SRTP
|
EP_SBC_V1.1, EP_VVOIP_V1.0
|
FCS_SRTP_EXT.1.2
|
2018.01.03
|
|
TD0278
|
Clarification of Role for Managing Manual Certificate Requests
|
PP_CA_V2.1
|
FMT_MOF.1(1); FMT_MOF.1(3)
|
2017.12.21
|
|
TD0277
|
Pre-Shared Key Composition
|
PP_WLAN_AS_EP_V1.0
|
FIA_PSK_EXT.1
|
2017.12.20
|
|
TD0276
|
X.509 Code Signing on TOE Updates
|
PP_CA_V2.1
|
FIA_X509_EXT.2.1
|
2017.12.19
|
|
TD0275
|
Corrections to FAU_WID_EXT.2.1 and FAU_WID_EXT.3.1
|
EP_WIDS_V1.0
|
FAU_WID_EXT.2.1, FAU_WID_EXT.3.1
|
2017.12.20
|
|
TD0273
|
Rekey after CAK expiration
|
PP_NDCPP_MACSEC_EP_V1.2
|
FCS_MACSEC_EXT.4
|
2017.12.20
|
|
TD0271
|
RADsec as alternative to IPsec
|
PP_WLAN_AS_EP_V1.0
|
FTP_ITC.1
|
2018.04.26
|
|
TD0266
|
Password/passphrase min vs max value for FCS_CKM_EXT.5.1
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FCS_CKM_EXT.5.1
|
2017.12.08
|
|
TD0264
|
Clarification of Auditable Events for FPT_RDM_EXT.1
|
PP_BASE_VIRTUALIZATION_V1.0
|
PP_BASE_VIRTUALIZATION_V1.0, FPT_RDM_EXT.1
|
2017.12.07
|
|
TD0261
|
Destruction of CSPs in flash
|
PP_HCD_V1.0
|
FCS_CKM.4
|
2017.11.14
|
|
TD0254
|
Algorithms in FCS_SMIME_EXT.1.4
|
PP_APP_EMAILCLIENT_EP_v2.0
|
FCS_SMIME_EXT.1.4
|
2017.11.08
|
|
TD0253
|
Assurance Activities for Key Transport
|
PP_HCD_V1.0
|
FCS_COP.1.1(i)
|
2017.11.08
|
|
TD0250
|
Hypercall Controls - FPT_HCL_EXT.1 Clarification
|
PP_BASE_VIRTUALIZATION_V1.0
|
FPT_HCL_EXT.1
|
2017.11.14
|
|
TD0249
|
Applicability of FTP_ITC_EXT.1
|
PP_BASE_VIRTUALIZATION_V1.0
|
FTP_ITC_EXT.1.1
|
2017.11.14
|
|
TD0244
|
FCS_TLSC_EXT - TLS Client Curves Allowed
|
PP_APP_v1.2, PP_MD_V3.1, PP_OS_V4.1, PP_WLAN_CLI_EP_V1.0
|
FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.4.1, FCS_TLSC_EXT.1.4, FCS_TLSC_EXT.2/WLAN
|
2017.11.16
|
|
TD0240
|
FCS_COP.1.1(1) Platform provided crypto for encryption/decryption
|
PP_SSH_EP_v1.0
|
FCS_COP.1.1(1)
|
2017.11.27
|
|
TD0230
|
ALC Assurance Activities for Server Virtualization and Base Virtualization PPs
|
PP_BASE_VIRTUALIZATION_V1.0, PP_SV_V1.1
|
ALC_CMC.1, ALC_CMS.1
|
2017.09.06
|
|
TD0222
|
Use of RF Jammer for DoS testing in WIDS EP
|
EP_WIDS_V1.0
|
FAU_WID_EXT.3
|
2017.07.27
|
|
TD0219
|
NIAP Endorsement of Errata for HCD PP v1.0
|
PP_HCD_V1.0
|
|
2017.07.07
|
|
TD0211
|
FPT_TUD_EXT.1 - VVoIP Endpoints Optional
|
EP_ESC_V1.0
|
FPT_TUD_EXT.1
|
2017.06.13
|
|
TD0206
|
Testing for Non-Existence of Disconnected Virtual Devices
|
PP_BASE_VIRTUALIZATION_V1.0
|
FPT_DVD_EXT.1
|
2017.05.05
|
|
TD0194
|
Update to Audit of FTP_ITC_EXT.1/WLAN
|
PP_WLAN_CLI_EP_V1.0
|
FAU_GEN.1, FTP_ITC_EXT.1/WLAN
|
2017.04.11
|
|
TD0190
|
FPT_FLS.1(2)/SelfTest Failure with Preservation of Secure State and Modular Network Devices
|
PP_NDCPP_MACSEC_EP_V1.2
|
FPT_FLS.1(2)/SelfTest
|
2017.04.11
|
|
TD0176
|
FDP_DSK_EXT.1.2 - SED Testing
|
PP_HCD_V1.0
|
FDP_DSK_EXT.1.2
|
2017.04.11
|
|
TD0174
|
Optional Ciphersuites for TLS
|
PP_APP_v1.2, PP_MD_v3.0, PP_NDCPP_APP_AUTHSVR_EP_V1.0
|
FCS_TLSC_EXT.1.1, FCS_EAP-TLS_EXT.1.1,
|
2017.04.10
|
|
TD0171
|
Testing for RADIUS EAP responses and EAP-TLS protocols
|
PP_NDCPP_APP_AUTHSVR_EP_V1.0
|
FCS_RADIUS_EXT.1, FCS_EAP-TLS_EXT.1
|
2017.04.06
|
|
TD0157
|
FCS_IPSEC_EXT.1.1 - Testing SPDs
|
PP_HCD_V1.0
|
FCS_IPSEC_EXT.1.1
|
2017.06.15
|
|
TD0139
|
Clarification of testing for FDP_RIP_EXT.2
|
PP_BASE_VIRTUALIZATION_V1.0
|
FDP_RIP_EXT.2
|
2017.01.19
|
|
TD0137
|
FIA_X509_EXT.2.1 - IPsec Optional Selection
|
EP_ESC_V1.0
|
FIA_X509_EXT.2.1;
|
2016.12.22
|
|
TD0135
|
SNMP in NDcPP MACsec EP v1.2
|
PP_NDCPP_MACSEC_EP_V1.2
|
FMT_SNMP_EXT.1.1, FCS_SNMP_EXT.1.1
|
2017.01.25
|
|
TD0127
|
FIA_SIPT_EXT.1.2 - TLS Client X.509 Certificate Authentication
|
EP_SBC_V1.1
|
FIA_SIPT_EXT.1.2
|
2016.12.21
|
|
TD0105
|
MACsec Key Agreement
|
PP_NDCPP_MACSEC_EP_V1.2
|
FCS_MKA_EXT.1.2, FCS_MKA_EXT.1.5, FCS_MKA.1.8,
|
2016.09.13
|
|
TD0079
|
RBG Cryptographic Transitions per NIST SP 800-131A Revision 1
|
PP_CA_v1.0, PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1, PP_MD_v2.0, PP_MDM_V2.0, PP_ND_VPN_GW_EP_v1.1, PP_OS_v4.0, PP_USB_FD_v1.0, PP_VOIP_V1.3, PP_VPN_IPSEC_CLIENT_V1.4, PP_WLAN_CLI_V1.0
|
PP_APP_v1.1
|
2018.06.15
|
|
TD0074
|
FCS_CKM.1(a) Requirement in HCD PP v1.0
|
PP_HCD_V1.0
|
|
2015.12.15
|
|
TD0071
|
Use of SHA-512 in ESM PPs
|
PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1
|
|
2015.12.03
|
|
TD0066
|
Clarification of FAU_STG_EXT.1 Requirement in ESM PPs
|
PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1
|
|
2015.10.08
|
|
TD0055
|
Move FTA_TAB.1 to Selection-Based Requirement
|
PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1
|
|
2015.07.30
|
|
TD0042
|
Removal of Low-level Crypto Failure Audit from PPs
|
PP_CA_v1.0, PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1, PP_SV_V1.0, PP_VOIP_V1.3, PP_VPN_IPSEC_CLIENT_V1.4, PP_WEBBROWSER_v1.0, PP_WLAN_CLI_V1.0
|
|
2018.06.15
|
