The newest version of the Common Criteria Network Device Collaborative Protection Profile (NDcPP) and Supporting Documents (SD) has been released. Key changes in version 2.0 include:
- Support for distributed TOEs
- Updated X509 certificate authentication requirements
- Improved FCS_CKM requirements
- Integration of Network iTC Interpretation Team Technical Decisions through April 30 (changes made in v1.0 have been migrated to this version)
- Start of revisions to TLS testing
- Updated requirements to handle Diffie-Hellman Group 14 and removed Diffie-Hellman Group 5
The support for a distributed TOE is the most significant and widely anticipated change to the new release. There were additional “minor” improvements made to both the cPP and its supporting document. There were over 200 public review comments addressed for the cPP and over 100 comments addressed in the SD.
Even though this release addresses many issues, the iTC is already busy working on a minor version (v2.1) and the next major version (v3.0). The minor version is focused on the following:
- Network Time Protocol requirements
- Audit requirements
- TLS testing procedurs
The next major version, v3.0, will be focused on virtualization and software only TOEs.
Stay up to date on these and other updates to security certifications and the requirements of each – Subscribe