ajlaing
commented
3 years ago Agree: Iterations seems more efficient, if NIAP has no objection.
Closed jfisherbah closed 2 years ago
ajlaing
commented
3 years ago Agree: Iterations seems more efficient, if NIAP has no objection.
jfisherbah
commented
2 years ago Upcoming draft will have an auth server-specific iteration for this. Closing.
We currently have FAU_GEN.1 as a Base-PP Modified SFR, as this was how auditable events were handled when this Module was first drafted. More recent Modules have chosen to iterate FAU_GEN.1 for the auditable events exclusive to that Module. Should we do the same thing here? i.e. we would iterate FAU_GEN.1/Authsvr and then put it in the mandatory SFRs (section 5.1.3).
If we did this we would also remove FAU_GEN.1 from section 5.2.2 and have the auth server specific audit requirements apply to both the ND and App PP TOE cases.