FIA_X509_EXT.1 Test 1 requires cert validation to fail because the certification path terminates with an "untrusted public key." Is this simply intended to mean that the root CA cert is not in the TOE's trust store? Or does this require some sort of man-in-the-middle attack with a disguised CA+leaf certificate?
FIA_X509_EXT.1 Test 1 requires cert validation to fail because the certification path terminates with an "untrusted public key." Is this simply intended to mean that the root CA cert is not in the TOE's trust store? Or does this require some sort of man-in-the-middle attack with a disguised CA+leaf certificate?