clarity for FCS_STO_EXT.1.1 selections and assurance activities

commoncriteria / application

Protection Profile for Application Software

The Unlicense

9 stars 3 forks source link

clarity for FCS_STO_EXT.1.1 selections and assurance activities #145

Closed jeffblank closed 8 years ago

jeffblank commented 8 years ago

The third selection in FCS_STO_EXT.1.1 allows for application-implemented functionality for storing credentials. Yet this is only acceptable on those non-mobile platforms which do not provide hardware protections for storage.

An Application Note should be added to clarify this.

jeffblank commented 8 years ago

Added Application Note -- the AAs restrict which selections can be made, on a per-platform basis.