Closed zsmi closed 9 years ago
when would an app 'temporarly' store credentials to non-volatile memory. Should we change the requirement to say
The application shall invoke the mechanisms provided by the platform for any storage of credentials to non-volatile memory.
Per vendor comment should we add to the app note that this only applies to permanent storage of secrets and not temporary storage?