Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIA_XCM_EXT.2.1 Uses #22

Open
kenji-lightship opened this issue May 17, 2024 · 1 comment
Open

FIA_XCM_EXT.2.1 Uses #22

kenji-lightship opened this issue May 17, 2024 · 1 comment

Comments

@kenji-lightship
Copy link

FIA_XCM_EXT.2.1 allows for the selection of "administrator authentication" and "user authentication."

Since FIA_XCM_EXT.2.1 is for the TOE obtaining corticates for its own use, it is not clear how the certificates would be used for administrator or user authentication. Is this an additional variant of the embedded CA use case. The TOE might issue certificates that enable external entities (e.g., administrators) to authenticate to the TOE)?
@jfisherbah
Copy link
Contributor

The use case for this would be to acquire person-entity certificates for outbound communications (e.g. SSH). The app note clarifies that use of an embedded CA to obtain these is discouraged (as opposed to external CA issuance) but no change made to explicitly prohibit this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jfisherbah @kenji-lightship