NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0499:  Testing with pinned certificates

Publication Date

Protection Profiles

Other References

Issue Description

If pinned certificates are supported and present in the TOE, they adversely affect the ability to perform the CN/SAN checking in FCS_TLSC_EXT.1.2 Tests 1-6.


The sentence under Tests that precedes Test 1 is modified as follows, with underlines indicating additions:

The evaluator shall configure the reference identifier according to the AGD guidance and perform the following tests during a TLS connection.  If the TOE supports certificate pinning, all pinned certificates must be removed before performing Tests 1 through 6. A pinned certificate must be added prior to performing Test 7.


See issue description.

Site Map              Contact Us              Home