Crypto catalog app note review

[woodbe]

Some of the app notes from the catalog are more for the ":authors" and not for the document itself. We need to review the app notes in the cPP to verify if the ones in there for the FCS requirements are appropriate or not.

[woodbe]

OK, first question, which is about format, not which ones to remove.

The iTC-written app notes say things like "if XYZ is selected, then MNO must be claimed"

The catalog app notes instead say "if XYZ is selected, MNO SHALL be included"

I'm inclined to move to the catalog version in part because I have been working in ETSI a LOT lately and they have a prohibition on using "must" in their docs, so moving to shall is better.

I don't know though if we want to capitalize the SHALL though in the app note.

Thoughts?

[slpotte]

Are the app notes meant to be informative or normative? If informative, then lower case should be used.

[woodbe]

My understanding is that they are informative. The issue I have seen in the past is that something in the app note is some sort of requirement that isn't actually specified in the SFR itself, and as such was considered a "hidden" requirement. Anything in the app notes is supposed to help explain/understand what is being asked in the SFR, but is not a requirement itself, and as such cannot be normative (by my understanding).

So that would seem to be lower case then. I had really not thought about it from that perspective, it was more that I noticed it while reviewing the docs.

[slpotte]

As we built the catalog, we tried to catch hidden requirements in the app notes and remove them.

[woodbe]

In the app notes, change "shall be included" to "must be claimed"

[woodbe]

OK, on taking a last check on the "shall be included" point, I don't see this in the current doc. I think that this must have been one of the things I saw between them but didn't copy over, so it looks clear at this point.