NIAP: View Technical Decision Details
TD0729:  Self-contradictory test requirement

Publication Date

Protection Profiles

Other References

Issue Description

FCS_TLSS_EXT.6 Test 34 in PKG_TLS_V2.0 is self-contradictory because it asks for a known reaction to be observed for data it is supposed to ignore.  The intent of the test was to determine data that would result in an observable response and then attempt to send it as early data.


FCS_TLSS_EXT.6 Test 34 in PKG_TLS_V2.0 is replaced as follows, with strikethroughs denoting deletions and bold lettering denoting additions:

The evaluator shall establish a valid TLS 1.3 session with the TOE and send the data as application data after the finished messages have been verified, and observe the response. The evaluator shall then configure the TOE to clear the response and initiate a resumed session (as for FCS_TLSS_EXT.5 Test 31) with a test TLS 1.3 client attempting to provide the same data in early data that provokes a known reaction at the TOE if received. The evaluator shall observe that the TSF does not react to the early data as it did when presented as application data after the finished messages, indicating that the data was ignored.


See issue description.
