For FPT_MFW_EXT.2, the intent seems to be to allow MAC verification. Note the App Note says "The TOE guarantees the integrity of the firmware by verifying its integrity." and later "FCS_COP.1/SigVer applies if the TOE provides the capability to update the TOE firmware and uses digital signatures and MAC verification for update verification."
Obviously, FCS_COP.1/SigVer does not apply for MAC verification, so it should be clarified.
For FPT_MFW_EXT.3, the intent seems to be to only allow signature verification. Note the App Note says "The TOE guarantees the authenticity of the firmware by verifying its signature."
Then, the later reference to "MAC verification" in the App Note needs to be removed.
For FPT_MFW_EXT.2, the intent seems to be to allow MAC verification. Note the App Note says "The TOE guarantees the integrity of the firmware by verifying its integrity." and later "FCS_COP.1/SigVer applies if the TOE provides the capability to update the TOE firmware and uses digital signatures and MAC verification for update verification."
Obviously, FCS_COP.1/SigVer does not apply for MAC verification, so it should be clarified.
For FPT_MFW_EXT.3, the intent seems to be to only allow signature verification. Note the App Note says "The TOE guarantees the authenticity of the firmware by verifying its signature."
Then, the later reference to "MAC verification" in the App Note needs to be removed.