[cPP CHANGE] Use the "selection, choose one of:" construct

[robertmclemons]

What is the change request for the cPP? Please describe. Selections for which only one selection is valid should use the "selection, choose one of:" construct. This is an actual CC thing. This would support future automated validation of STs.

Describe the solution you'd like If a selection has only one valid choice, then this should be noted using the above language so that sometime in the future NIAP could accurately encode the requirement into XML. Note: This is not necessary for selections that contain only one choice and another one that is "no other thing." We can figure those out.

Describe alternatives you've considered If you are not sure whether something should have only one selection it is best to leave it alone and let the validator sort it out.

Additional context Someday we might translate this cPP into the NIAP XML schema to partially automate validation of security targets. It's better that the iTC make these decisions now than have NIAP try to guess later.

[bharveyTX]

We agree, and will add in a future release.

[awnissen]

Reviewed - save for later

Need to work with NIAP to identify how best to demark requirements like this.

Need to review cPP and modules in a systematic way.

[awnissen]

Wait until NIAP has SW_APP 1.5 (presumably with CC2022) published. Then take this up as part of syncing requirements and converting to CC2022.