MDF as a base, FE FCS requirements #42
Description
When using the MDF (I used the 3.2 draft here) as the base, I would expect that the FE product is actually part of the system, not a separate app, which means some of the FE requirements may not be needed in this configuration (but would if the App is the base).
For example:
- FCS_CKM_EXT.4 - this FE requirement is basically the MDF requirement (modified since the app may not have the same level of access the MDF system would). It would seem this requirement could be removed from being needed here
- FCS_IV_EXT.1 - this is a more limited version of the MDF requirement (since it more targeted) and would not be needed in the MDF scenario
- FCS_CKM_EXT.6 - This seems to actually be split among several MDF requirements (in addition to the FCS_CKM_EXT.6 of the MDF)
- FCS_COP.1/CONDITION
- FIA_PMG_EXT.1
- I think this requirement should actually lead to a specific FIA requirement for the FE when combined with the MDF (this could be FIA_AUT_EXT.1 or some other variation). This would point to what is used for the FE-specific auth and how it is handled. The underlying portions should be subject to the same dependent requirements, maybe with inline edits or iterations for FE as needed by the vendor.
- FCS_COP.1(5) - this is a more limited version of FCS_COP.1/ENCRYPT
- FCS_COP.1(7) - this would also seem to be handled by FCS_COP.1/ENCRYPT