Version: 1, Published: 2025-11-02
Impacted Documents
-
CPP_HCD_V1.0e_supporting_doc
References
-
FCS_IPSC_EXT.1.10
Issue Description
The Tests section (5.2.1.3.9. FCS_IPSEC_EXT.1.10) includes TSS assurance activities that are misplaced because these activities should be—and are already—located in the TSS section (5.2.1.1.9. FCS_IPSEC_EXT.1.10).
Resolution
Remove the TSS assurance activities from the Tests section (5.2.1.3.9. FCS_IPSEC_EXT.1.10).
CPP_HCD_V1.0e_supporting_doc
The SD is updated as follows (yellow highlights for additions, strikethrough for deletions) per section that is being updated:
5.2.1.3.9. FCS_IPSEC_EXT.1.10
Each of the following tests shall be performed for each version of IKE selected in the FCS_IPSEC_EXT.1.5 protocol selection:
-
Test 1: If the first selection is chosen, the evaluator shall check to ensure that, for each DH group supported, the TSS describes the process for generating each nonce. The evaluator shall verify that the TSS indicates that the random number generated that meets the requirements in this cPP is used, and that the length of the nonces meet the stipulations in the requirement. -
Test 2: If the second selection is chosen, the evaluator shall check to ensure that, for each PRF hash supported, the TSS describes the process for generating each nonce. The evaluator shall verify that the TSS indicates that the random number generated that meets the requirements in this cPP is used, and that the length of the nonces meet the stipulations in the requirement.
None.