NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0353:  Guidance for Certificate Profiles

Publication Date

Protection Profiles

Other References

Issue Description

Test 4 for FDP_CER_EXT.1.1 as written violates AGD guidance.


Test 4 for FDP_CER_EXT.1.1 is modified as follows:

Test 4: For each extendedKeyUsage value defined in section of RFC 5280, the evaluator shall attempt to configure a certificate profile with each inconsistent keyUsage for that extendedKeyUsage field. If the CA rejects the attempt to create such a profile, then the test succeeds. If the creation of such a profile is allowed within the constraints of the AGD, the evaluator shall submit a certificate request using the profile, and show that the TSF does not issue the certificate.


Test 4 should is rewritten to ensure AGD guidance is not violated

Site Map              Contact Us              Home