FIA_SOS.1 Verification of secrets
User application notes
Secrets can be generated by the user. This component ensures that those user generated secrets can be verified to meet a certain quality metric.
Operations
Assignment:
In FIA_SOS.1.1, the PP/ST author should provide a defined quality metric. The quality metric specification can be as simple as a description of the quality checks to be performed, or as formal as a reference to a government published standard that defines the quality metrics that secrets must meet. Examples of quality metrics could include a description of the alphanumeric structure of acceptable secrets and/or the space size that acceptable secrets must meet.