For FIA_X509_EXT.1 Test 4, the test to validate an 'expired certificate' implies that the validity period of the cert is in the past. Should there also be a test for when it's in the future, i.e. attempt to use a certificate that hasn't become valid yet? It seems preferable to test the failure conditions on both ends of the validity period if feasible.
For FIA_X509_EXT.1 Test 4, the test to validate an 'expired certificate' implies that the validity period of the cert is in the past. Should there also be a test for when it's in the future, i.e. attempt to use a certificate that hasn't become valid yet? It seems preferable to test the failure conditions on both ends of the validity period if feasible.