we should probably add an app note to clear up what we mean
Note: The default configuration of the application should not allow the transmission of credentials in clear plain text form over a network. Hashing or encryption of credentials is one method to secure credentials when transmitted.
If an app XOR the credentials and sent them it would currently pass FMT_CFG_EXT.1.2 as worded
we should probably add an app note to clear up what we mean
Note: The default configuration of the application should not allow the transmission of credentials in clear plain text form over a network. Hashing or encryption of credentials is one method to secure credentials when transmitted.
If an app XOR the credentials and sent them it would currently pass FMT_CFG_EXT.1.2 as worded