Provide the location of the issue
SFRs sections (mandatory/optional/selection-based)
What is the correction request for the cPP? Please describe.
APE_REQ.2-7 requires correct formatting of selections. The following updates are needed:
o As a general note, the only selection convention is when it is “wholly or partially completed in the PP.” There is not actually a convention that is defined for an uncompleted selection (e.g. FCS_CKM.2.1). It is recommended to update this convention either to make it so that underlines are used for ALL selections (to remove ambiguity) or simply to follow NIAP’s current formatting of using italics for both selections and assignments.
o As another general note, there is no convention for when an assignment gets ‘replaced’ with a selection, as is done in FCS_CKM.1 and FCS_CKM.2. This is an allowable operation in the CC because the SFR is being made more restrictive. Technically it is a refinement but it is not typically formatted as such because bolding the entire selection can be confusing to the reader. However, it is recommended that something be discussed for this in the conventions section so that an evaluator can see the PP is still a faithful adaptation of CC Part 2 for these SFRs.
o As another general note, there is inconsistency between whether a new selection inside of another operation should have its opening bracket and prompt italicized. For example, in FCS_DTLSS_EXT.1.4 the second selection (“[selection: 2048 bits, 3072 bits, 4096 bits])” is fully italicized including the prompt, but in FCS_IPSEC_EXT.1.7 and 1.8, the “[selection:” part of the nested selections is not italicized.
o Based on the convention, FTP_ITC.1.2 is a partially completed selection because it removed “another trusted IT product” from the list of allowed choices, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it which is how the third bullet of section 6.1 implies it should be done. The same logic is true for FTP_TRP.1.2/Join.
o The outermost selection in FAU_STG_EXT.1.2 has no closing bracket.
o “software-based noise source” and “platform-based noise source” in FCS_RBG_EXT.1.2 are unformatted despite being part of a selection (note this could be OBE if FCS_RBG_EXT.1 is converted to Part 2 SFRs anyway)
o In FTA_TAB.1.1, “the TSF” is part of a selection now and should be formatted as such (note the more general comment however that this SFR is now very different from its Part 2 definition due to changes to CC Part 2 in CC:2022)
o FTP_ITC.1.2 - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention.
o FTP_TRP.1.2/Join - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention.
o FCS_IPSEC_EXT.1.7 – The “[selection:” prompts aside from the outermost one should be italicized as they are contained within a selection.
o FCS_IPSEC_EXT.1.7 – The semicolon after “hours” is unnecessary as there is already another semicolon after the selection it’s in closes off.
o FCS_IPSEC_EXT.1.8 – The “[selection:” prompts aside from the outermost one should be italicized as they are contained within a selection.
o FCS_IPSEC_EXT.1.8 – The semicolons after “hours” are unnecessary as there is already another semicolon after the first one closes off and there is no reason for the second one.
o FIA_X509_EXT.1.1/Rev (fourth bullet) - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention.
Describe the solution you'd like
Solutions for individual findings listed alongside the findings above.
Describe alternatives you've considered
N/A
Additional context
NIAP requested review of PP/SD against CC:2022 and for us to provide guidance and recommendations on changes that will be needed for compatibility with the updated version of the CC.
Provide the location of the issue SFRs sections (mandatory/optional/selection-based)
What is the correction request for the cPP? Please describe. APE_REQ.2-7 requires correct formatting of selections. The following updates are needed: o As a general note, the only selection convention is when it is “wholly or partially completed in the PP.” There is not actually a convention that is defined for an uncompleted selection (e.g. FCS_CKM.2.1). It is recommended to update this convention either to make it so that underlines are used for ALL selections (to remove ambiguity) or simply to follow NIAP’s current formatting of using italics for both selections and assignments. o As another general note, there is no convention for when an assignment gets ‘replaced’ with a selection, as is done in FCS_CKM.1 and FCS_CKM.2. This is an allowable operation in the CC because the SFR is being made more restrictive. Technically it is a refinement but it is not typically formatted as such because bolding the entire selection can be confusing to the reader. However, it is recommended that something be discussed for this in the conventions section so that an evaluator can see the PP is still a faithful adaptation of CC Part 2 for these SFRs. o As another general note, there is inconsistency between whether a new selection inside of another operation should have its opening bracket and prompt italicized. For example, in FCS_DTLSS_EXT.1.4 the second selection (“[selection: 2048 bits, 3072 bits, 4096 bits])” is fully italicized including the prompt, but in FCS_IPSEC_EXT.1.7 and 1.8, the “[selection:” part of the nested selections is not italicized. o Based on the convention, FTP_ITC.1.2 is a partially completed selection because it removed “another trusted IT product” from the list of allowed choices, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it which is how the third bullet of section 6.1 implies it should be done. The same logic is true for FTP_TRP.1.2/Join. o The outermost selection in FAU_STG_EXT.1.2 has no closing bracket. o “software-based noise source” and “platform-based noise source” in FCS_RBG_EXT.1.2 are unformatted despite being part of a selection (note this could be OBE if FCS_RBG_EXT.1 is converted to Part 2 SFRs anyway) o In FTA_TAB.1.1, “the TSF” is part of a selection now and should be formatted as such (note the more general comment however that this SFR is now very different from its Part 2 definition due to changes to CC Part 2 in CC:2022) o FTP_ITC.1.2 - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention. o FTP_TRP.1.2/Join - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention. o FCS_IPSEC_EXT.1.7 – The “[selection:” prompts aside from the outermost one should be italicized as they are contained within a selection. o FCS_IPSEC_EXT.1.7 – The semicolon after “hours” is unnecessary as there is already another semicolon after the selection it’s in closes off. o FCS_IPSEC_EXT.1.8 – The “[selection:” prompts aside from the outermost one should be italicized as they are contained within a selection. o FCS_IPSEC_EXT.1.8 – The semicolons after “hours” are unnecessary as there is already another semicolon after the first one closes off and there is no reason for the second one. o FIA_X509_EXT.1.1/Rev (fourth bullet) - Based on the convention, the selection here is a partially completed selection because it ruled out an option, but that is formatted with a strikethrough (refinement) rather than simply omitting the unallowed selection item and underlining it per the convention.
Describe the solution you'd like Solutions for individual findings listed alongside the findings above.
Describe alternatives you've considered N/A
Additional context NIAP requested review of PP/SD against CC:2022 and for us to provide guidance and recommendations on changes that will be needed for compatibility with the updated version of the CC.