Closed bourdett closed 9 years ago
OPS...i i should have kept reading...the very next one is FCS_CKM.1.1 which basically looks like it is from MDF PP.
Should we just delete FCS_CKM_EXT.1.1
Agreed - will remove FCS_CKM_EXT.1.1 as FCS_CKM.1.1 seems to be more specific and useful
(below is from MDF PP). We may want to modify, but i'm assuming we need to be a little more specific that just "The OS shall implement asymmetric key generation"
The OS shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm [selection: ● [RSA schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [selection: ○ FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3; ○ ANSI X9.31-1998, Section 4.1]; ● [ECC schemes] using [“NIST curves” P-256, P-384 and [selection: P-521, no other curves]] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4]; ● [FFC schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1] Protection Profile for Mobile Device Fundamentals Page 23 of 175 ].