Closed kr15tyk closed 1 month ago
TLSWG sees TLSv1.3 as a new feature and did not add legacy selections to the SFRs. This comment is on hold for future discussion.
The ND iTC TLS working group is working in conjunction with NIAP's TLS TC so that the next version of the NDcPP can point to NIAP's FPs for TLS and X509.
FCS_TLSC_EXT.1.8 (and others) prohibits use of out-of-band provisioned pre-shared keys while FCS_IPSEC_EXT.1.13 still allows use of such pre-shared keys. Please explain why the low entropy concerns described in the application note are only applicable to one use case.
Selectively prohibiting PSK but only with (D)TLS would favor vendors that traditionally implemented secure channels with IPSec over vendors that rely on (D)TLS.
Recommend against selectively disallowing the use of PSK with (D)TLS, as the impact of such a change on the ability to claim TLS with various technology-specific modules (e.g., WLAN) should be further considered.
Suggested change: One possible solution is adapting FIA_PSK_EXT.1 Pre-Shared Key Composition from WLAN modules. See Section B.2 in: https://www.niap-ccevs.org/MMO/PP/MOD_WLAN_AS_v1.0.pdf