We currently have FAU_GEN.1 as a Base-PP Modified SFR, as this was how auditable events were handled when this Module was first drafted. More recent Modules have chosen to iterate FAU_GEN.1 for the auditable events exclusive to that Module. Should we do the same thing here? i.e. we would iterate FAU_GEN.1/Authsvr and then put it in the mandatory SFRs (section 5.1.3).
If we did this we would also remove FAU_GEN.1 from section 5.2.2 and have the auth server specific audit requirements apply to both the ND and App PP TOE cases.
We currently have FAU_GEN.1 as a Base-PP Modified SFR, as this was how auditable events were handled when this Module was first drafted. More recent Modules have chosen to iterate FAU_GEN.1 for the auditable events exclusive to that Module. Should we do the same thing here? i.e. we would iterate FAU_GEN.1/Authsvr and then put it in the mandatory SFRs (section 5.1.3).
If we did this we would also remove FAU_GEN.1 from section 5.2.2 and have the auth server specific audit requirements apply to both the ND and App PP TOE cases.