-
Notifications
You must be signed in to change notification settings - Fork 2
Conformance Claims for Functional Packages
Bob Clemons edited this page Jan 23, 2024
·
3 revisions
23 January 2024
The Common Criteria does not require that Packages include a Conformance Claims section, but NIAP FPs have them.
The most recently published FP is TLS FP 2.0. It includes a very basic Conformance Claims section that is generated completely from boilerplate.
<sec:Conformance_Claims/>
If the boilerplate text were spelled out in XML, it would look something like this:
<cclaims>
<cclaim name="Conformance Statement">
<description>
An [ST] must claim exact conformance to this Functional Package, as defined in
the [CC]and [CEM] addenda for Exact Conformance, Selection-based [SFRs], and Optional
[SFRs] (dated May 2017).
</description>
</cclaim>
<cclaim name="CC Conformance Claims">
<description>
This Functional Package is conformant to Parts 2 (extended) and 3 (conformant) of
Common Criteria Version 3.1, Revision 5.
</description>
</cclaim>
<cclaim name="PP Claim">
<description>
This Functional Package does not claim conformance to any Protection Profile.
</description>
</cclaim>
<cclaim name="Package Claim">
<description>
This Functional Package does not claim conformance to any packages.
</description>
</cclaim>
</cclaims>
Naturally, this language needs to be updated for CC:2022.
Also note that the CC Conformance Claims section talks about Part 3 although a Functional Package cannot include SARs. This probably does not need to be there. Additionally, a Functional Package should need neither a Package Claim nor PP Claim. But whatever.