Optional mandatory requirements [sic]

commoncriteria / operatingsystem

Protection Profile for Operating Systems

The Unlicense

9 stars 6 forks source link

Optional mandatory requirements [sic] #52

Closed kgal closed 9 years ago

kgal commented 9 years ago

fcs_tlsc_ext.1.1 has the following note:

      If <i>implement TLS 1.2 (RFC 5246)</i> is selected, then 
      <linkref linkend="FCS_CKM.2.1"/>,    <linkref linkend="FCS_COP.1.1(1)"/>, 
      <linkref linkend="FCS_COP.1.1(2)"/>, <linkref linkend="FCS_COP.1.1(3)"/>, and 
      <linkref linkend="FCS_COP.1.1(4)"/> are required.

which kinda implies that those requirements are selection-based, but they're not. What is this trying to say?

ajcousi commented 9 years ago

Rewrite to mandate that TLS 1.2 is supported?

Rewrite suggestion:

FCS_CKM.2.1, FCS_COP.1.1(1)...etc... are mandatory requirments to ensure TLS 1.2 operates in a conformant manner?

Or...

Ensure that all the tests listed aren't marked as optional?

jeffblank commented 9 years ago

This is a vestige of copy-paste from the App PP. After copy-pasting that document, it should have been scrubbed.

kgal commented 9 years ago

Scrubbed