This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	Cisco cEdge Routers running IOS XE 17.12 with SD-WAN 20.12 654-LSS	Bundesdruckerei Document Application withtamper-evident casing Version 2.6.1; FirmwareVersion 1.6.24-604, TOE Casing Version 0 None
name	Cisco cEdge Routers running IOS XE 17.12 with SD-WAN 20.12	Bundesdruckerei Document Application withtamper-evident casing Version 2.6.1; FirmwareVersion 1.6.24-604, TOE Casing Version 0
category	Boundary Protection Devices and Systems	Other Devices and Systems
scheme	CA	DE
status	active	active
not_valid_after	18.12.2029	30.01.2030
not_valid_before	18.12.2024	30.01.2025
cert_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/654-LSS%20CT%20v1.0.pdf	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1247c_pdf.pdf
report_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/654-LSS%20CR%20v1.0.pdf	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1247a_pdf.pdf
st_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/654-LSS%20ST%20v1.2.pdf	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1247b_pdf.pdf
manufacturer	Cisco Systems, Inc.	Bundesdruckerei GmbH
manufacturer_web	https://www.cisco.com	https://www.bundesdruckerei.de
security_level	EAL2+, ALC_FLR.2	EAL3
dgst	beb60ed58a76b232	df606f5845937bda
heuristics/cert_id	654-LSS
heuristics/cert_lab	[]	[]
heuristics/cpe_matches	{}	{}
heuristics/verified_cpe_matches	{}	{}
heuristics/related_cves	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/indirect_transitive_cves	{}	{}
heuristics/extracted_sars	ASE_INT.1, AVA_VAN.2, ADV_FSP.2, ASE_ECD.1, ASE_TSS.1, ASE_SPD.1, ALC_DEL.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ADV_TDS.1, ATE_FUN.1, ATE_COV.1, ADV_ARC.1, ASE_OBJ.2, ALC_FLR.2, ASE_REQ.2, ALC_CMC.2, ATE_IND.2, ASE_CCL.1	{}
heuristics/extracted_versions	17.12, 20.12	2.6.1, 1.6.24
heuristics/prev_certificates	{}	{}
heuristics/next_certificates	{}	{}
heuristics/report_references/directly_referenced_by	{}	{}
heuristics/report_references/directly_referencing	{}	{}
heuristics/report_references/indirectly_referenced_by	{}	{}
heuristics/report_references/indirectly_referencing	{}	{}
heuristics/scheme_data	certification_date: 18.12.2024 level: EAL 2+ (ALC_FLR.2) product: Cisco cEdge Routers running IOS XE 17.12 with SD-WAN 20.12 vendor: Cisco Systems, Inc.	category: Electronic ID documents cert_id: BSI-DSZ-CC-1247-2025 certification_date: 30.01.2025 enhanced: applicant: Bundesdruckerei GmbH Kommandantenstraße 18 10969 Berlin assurance_level: EAL3 cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1247c_pdf.pdf?__blob=publicationFile&v=2 certification_date: 30.01.2025 description: The Target of Evaluation (TOE) is the Bundesdruckerei Document Application with tamper-evident casing 2.6.1. The Document Application is running on a Document Management Terminal (DMT). It is used to read the German Passport (ePass), to read and update the electronic data of the German Identity Card (“Personalausweis (PA)”) and electronic Resident Permit Card (“elektronischer Aufenthaltstitel (eAT)”) as well as to verify the document’s authenticity and the integrity of its data. The TOE is operated by governmental organisations, e.g. municipal office, police, government or other state approved agencies. The TOE is specifically applied in registration offices to allow card holders to verify that their ePass, PA or eAT is working correctly. In case of PA and eAT it is further possible to update the address information of the card holder, the card holder’s PIN for eID applications, and the community ID (“Gemeindeschlüssel”). In addition, the eID application functionality of the PA or eAT can be activated or deactivated. Additionally, the TOE ensures secure communication to external control software and provides a tamper-evident enclosure. Necessary protocols for the communication of the TOE with the electronic identity documents like the ePass, PA or eAT are described in [ICAO_9303], [TR-03110-1], [TR-03110-2], and [TR-03110-3]. entries: [frozendict({'id': 'BSI', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI-DSZ-CC-1247-2025', 'description': 'Certificate'})] evaluation_facility: TÜV Informationstechnik GmbH expiration_date: 29.01.2030 product: Bundesdruckerei Document Application with tamper-evident casing Version 2.6.1, Firmware Version 1.6.24-604, TOE Casing Version 0 protection_profile: Common Criteria Protection Profile for Document Management Terminal DMT-PP, BSI-CC-PP-0064-V2-2018, Version: 2.0, 2018-06-06, Federal Office for Information Security (BSI) report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1247a_pdf.pdf?__blob=publicationFile&v=2 target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1247b_pdf.pdf?__blob=publicationFile&v=2 product: Bundesdruckerei Document Application with tamper-evident casing Version 2.6.1, Firmware Version 1.6.24-604, TOE Casing … subcategory: Software url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-Software/1247.html vendor: Bundesdruckerei GmbH
heuristics/st_references/directly_referenced_by	{}	{}
heuristics/st_references/directly_referencing	{}	{}
heuristics/st_references/indirectly_referenced_by	{}	{}
heuristics/st_references/indirectly_referencing	{}	{}
heuristics/protection_profiles	{}	{}
maintenance_updates
protection_profiles
protection_profile_links	{}	{}
pdf_data/cert_filename	654-LSS CT v1.0.pdf
pdf_data/cert_frontpage
pdf_data/cert_keywords/cc_cert_id	CA: 654-LSS: 1
pdf_data/cert_keywords/cc_protection_profile_id
pdf_data/cert_keywords/cc_security_level	EAL: EAL 2+: 1
pdf_data/cert_keywords/cc_sar	ALC: ALC_FLR.2: 1
pdf_data/cert_keywords/cc_sfr
pdf_data/cert_keywords/cc_claims
pdf_data/cert_keywords/vendor	Cisco: Cisco: 1 Cisco Systems, Inc: 1
pdf_data/cert_keywords/eval_facility	Lightship: Lightship Security: 1
pdf_data/cert_keywords/symmetric_crypto
pdf_data/cert_keywords/asymmetric_crypto
pdf_data/cert_keywords/pq_crypto
pdf_data/cert_keywords/hash_function
pdf_data/cert_keywords/crypto_scheme
pdf_data/cert_keywords/crypto_protocol
pdf_data/cert_keywords/randomness
pdf_data/cert_keywords/cipher_mode
pdf_data/cert_keywords/ecc_curve
pdf_data/cert_keywords/crypto_engine
pdf_data/cert_keywords/tls_cipher_suite
pdf_data/cert_keywords/crypto_library
pdf_data/cert_keywords/vulnerability
pdf_data/cert_keywords/side_channel_analysis
pdf_data/cert_keywords/technical_report_id
pdf_data/cert_keywords/device_model
pdf_data/cert_keywords/tee_name
pdf_data/cert_keywords/os_name
pdf_data/cert_keywords/cplc_data
pdf_data/cert_keywords/ic_data_group
pdf_data/cert_keywords/standard_id
pdf_data/cert_keywords/javacard_version
pdf_data/cert_keywords/javacard_api_const
pdf_data/cert_keywords/javacard_packages
pdf_data/cert_keywords/certification_process
pdf_data/cert_metadata	/Author: Clark, Cory P. /CreationDate: D:20241219134340-05'00' /Creator: Microsoft® Word for Microsoft 365 /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ActionId: 03c3dcc6-6bfd-4194-a625-fb83b8d0389e /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ContentBits: 1 /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Enabled: true /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Method: Privileged /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Name: UNCLASSIFIED /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SetDate: 2023-05-16T11:46:20Z /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SiteId: da9cbe40-ec1e-4997-afb3-17d87574571a /ModDate: D:20241219134340-05'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 389504 pdf_hyperlinks: {} pdf_is_encrypted: False pdf_number_of_pages: 1
pdf_data/report_filename	654-LSS CR v1.0.pdf
pdf_data/report_frontpage	CA:	CA:
pdf_data/report_keywords/cc_cert_id
pdf_data/report_keywords/cc_protection_profile_id
pdf_data/report_keywords/cc_security_level	EAL: EAL 2+: 1
pdf_data/report_keywords/cc_sar	ALC: ALC_FLR.2: 1
pdf_data/report_keywords/cc_sfr
pdf_data/report_keywords/cc_claims
pdf_data/report_keywords/vendor	Cisco: Cisco: 11 Cisco Systems, Inc: 2
pdf_data/report_keywords/eval_facility	Lightship: Lightship Security: 1
pdf_data/report_keywords/symmetric_crypto	AES_competition: AES: AES: 4
pdf_data/report_keywords/asymmetric_crypto
pdf_data/report_keywords/pq_crypto
pdf_data/report_keywords/hash_function
pdf_data/report_keywords/crypto_scheme
pdf_data/report_keywords/crypto_protocol	IPsec: IPsec: 2
pdf_data/report_keywords/randomness
pdf_data/report_keywords/cipher_mode
pdf_data/report_keywords/ecc_curve
pdf_data/report_keywords/crypto_engine
pdf_data/report_keywords/tls_cipher_suite
pdf_data/report_keywords/crypto_library
pdf_data/report_keywords/vulnerability
pdf_data/report_keywords/side_channel_analysis
pdf_data/report_keywords/technical_report_id
pdf_data/report_keywords/device_model
pdf_data/report_keywords/tee_name
pdf_data/report_keywords/os_name
pdf_data/report_keywords/cplc_data
pdf_data/report_keywords/ic_data_group
pdf_data/report_keywords/standard_id	ISO: ISO/IEC 17025: 2
pdf_data/report_keywords/javacard_version
pdf_data/report_keywords/javacard_api_const
pdf_data/report_keywords/javacard_packages
pdf_data/report_keywords/certification_process
pdf_data/report_metadata	/Author: Clark, Cory P. /CreationDate: D:20241219134245-05'00' /Creator: Microsoft® Word for Microsoft 365 /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ActionId: f4235719-a1a3-4fb4-8b18-a47ac84bac11 /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ContentBits: 1 /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Enabled: true /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Method: Privileged /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Name: UNCLASSIFIED /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SetDate: 2022-07-20T10:41:47Z /MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SiteId: da9cbe40-ec1e-4997-afb3-17d87574571a /ModDate: D:20241219134245-05'00' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 669293 pdf_hyperlinks: https://www.cisa.gov/known-exploited-vulnerabilities-catalog, mailto:[email protected], https://www.google.ca/, https://sec.cloudapps.cisco.com/security/center/publicationListing.x, https://cyber.gc.ca/en/alerts-advisories, https://web.nvd.nist.gov/view/vuln/search pdf_is_encrypted: False pdf_number_of_pages: 16
pdf_data/st_filename	654-LSS ST v1.2.pdf
pdf_data/st_frontpage
pdf_data/st_keywords/cc_cert_id
pdf_data/st_keywords/cc_protection_profile_id
pdf_data/st_keywords/cc_security_level	EAL: EAL2: 2 EAL2 augmented: 2
pdf_data/st_keywords/cc_sar	ADV: ADV_ARC.1: 2 ADV_FSP.2: 2 ADV_TDS.1: 2 AGD: AGD_OPE.1: 2 AGD_PRE.1: 2 ALC: ALC_CMC.2: 2 ALC_CMS.2: 2 ALC_DEL.1: 2 ALC_FLR.2: 4 ASE: ASE_CCL.1: 1 ASE_ECD.1: 1 ASE_INT.1: 1 ASE_OBJ.2: 1 ASE_REQ.2: 1 ASE_SPD.1: 1 ASE_TSS.1: 1 ATE: ATE_COV.1: 2 ATE_FUN.1: 2 ATE_IND.2: 2 AVA: AVA_VAN.2: 2
pdf_data/st_keywords/cc_sfr	FAU: FAU_GEN: 4 FAU_GEN.1: 11 FAU_GEN.1.1: 1 FAU_GEN.1.2: 1 FAU_GEN.2: 7 FAU_GEN.2.1: 1 FAU_STG.1: 9 FAU_STG.1.1: 1 FAU_STG.1.2: 1 FAU_STG.4: 5 FAU_STG.4.1: 1 FCS: FCS_CKM.1: 18 FCS_CKM.1.1: 1 FCS_CKM.2: 7 FCS_CKM.2.1: 1 FCS_CKM.4: 13 FCS_CKM.4.1: 1 FCS_COP.1: 15 FCS_RBG_EXT.1: 17 FCS_RBG_EXT.1.1: 2 FCS_RBG_EXT.1.2: 2 FDP: FDP_ACC.1: 1 FDP_IFC.1: 12 FDP_IFC.1.1: 1 FDP_IFF.1: 8 FDP_IFF.1.1: 1 FDP_IFF.1.2: 1 FDP_IFF.1.3: 1 FDP_IFF.1.4: 1 FDP_IFF.1.5: 1 FDP_ITC.1: 4 FDP_ITC.2: 4 FDP_ITT.1: 12 FDP_ITT.1.1: 1 FIA: FIA_AFL.1: 9 FIA_AFL.1.1: 1 FIA_AFL.1.2: 1 FIA_PMG_EXT: 3 FIA_PMG_EXT.1: 11 FIA_PMG_EXT.1.1: 2 FIA_UAU.1: 2 FIA_UAU.2: 9 FIA_UAU.2.1: 1 FIA_UAU.7: 6 FIA_UAU.7.1: 1 FIA_UID.1: 12 FIA_UID.1.1: 1 FIA_UID.1.2: 1 FMT: FMT_MOF.1: 13 FMT_MOF.1.1: 2 FMT_MSA.1: 8 FMT_MSA.1.1: 1 FMT_MSA.3: 9 FMT_MTD.1: 5 FMT_MTD.1.1: 1 FMT_SMF.1: 13 FMT_SMF.1.1: 1 FMT_SMR.1: 2 FMT_SMR.2: 12 FMT_SMR.2.1: 1 FMT_SMR.2.2: 1 FMT_SMR.2.3: 1 FPT: FPT_APW_EXT: 3 FPT_APW_EXT.1: 12 FPT_APW_EXT.1.1: 2 FPT_APW_EXT.1.2: 2 FPT_ITT: 1 FPT_ITT.1: 7 FPT_STM.1: 9 FPT_STM.1.1: 1 FPT_TST.1: 7 FPT_TST.1.1: 1 FPT_TST.1.2: 1 FPT_TST.1.3: 1 FTA: FTA_SSL.1: 10 FTA_SSL.1.1: 2 FTA_SSL.1.2: 2 FTA_SSL.3: 9 FTA_SSL.4: 7 FTA_SSL.4.1: 1 FTA_TAB.1: 9 FTP: FTP_TRP.1: 8 FTP_TRP.1.2: 1 FTP_TRP.1.3: 1
pdf_data/st_keywords/cc_claims	A: A.ADMIN: 3 A.CONNECTIONS: 3 A.LOCATE: 3 A.PHYSEC: 3 O: O.ACCESS: 1 O.ACCESS_CONTRO: 1 O.ACCESS_CONTROL: 15 O.ACCESS_CONTROLL: 3 O.ACCES_CONTROL: 1 O.ADMIN: 9 O.AUDIT: 1 O.AUDIT_GEN: 10 O.AUDIT_VIEW: 4 O.DATA: 11 O.IDAUTH: 12 O.MEDIATE: 7 O.PROTECTED_COM: 1 O.PROTECTED_COMMS: 3 O.SELFPRO: 12 O.SELPRO: 1 O.TIME: 7 O.TOE_ADMINISTRA: 1 O.TOE_ADMINISTRATION: 2 O.VPN: 11 OE: OE: 1 OE.ADMIN: 3 OE.CONNECTION: 2 OE.LOCATE: 3 OE.PHYSEC: 2 T: T.ACCOUNTABIL: 1 T.ACCOUNTABILITY: 2 T.ASPO: 1 T.ASPOOF: 2 T.MEDI: 1 T.MEDIAT: 2 T.NETWO: 1 T.NETWORK_COMPROMISE: 2 T.NOAU: 1 T.NOAUTH: 2 T.VP: 1 T.VPN: 2
pdf_data/st_keywords/vendor	Cisco: Cisco: 54 Cisco Systems, Inc: 6
pdf_data/st_keywords/eval_facility
pdf_data/st_keywords/symmetric_crypto	AES_competition: AES: AES: 14 AES-: 1 constructions: MAC: HMAC: 5 HMAC-SHA-256: 1
pdf_data/st_keywords/asymmetric_crypto
pdf_data/st_keywords/pq_crypto
pdf_data/st_keywords/hash_function	SHA: SHA2: SHA256: 1
pdf_data/st_keywords/crypto_scheme	KEX: Key Exchange: 3 MAC: MAC: 4
pdf_data/st_keywords/crypto_protocol	IKE: IKE: 1 IKEv1: 1 IKEv2: 1 IPsec: IPsec: 13 SSH: SSH: 12 SSHv2: 9 TLS: DTLS: DTLS: 11 DTLS v1.2: 1 TLS: TLS v1.2: 2 TLS v1.3: 2 VPN: VPN: 20
pdf_data/st_keywords/randomness	PRNG: DRBG: 6 RNG: RBG: 3
pdf_data/st_keywords/cipher_mode	GCM: GCM: 2
pdf_data/st_keywords/ecc_curve	NIST: secp256r1: 7
pdf_data/st_keywords/crypto_engine
pdf_data/st_keywords/tls_cipher_suite	TLS: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 3
pdf_data/st_keywords/crypto_library
pdf_data/st_keywords/vulnerability
pdf_data/st_keywords/side_channel_analysis	SCA: SPA: 5
pdf_data/st_keywords/technical_report_id
pdf_data/st_keywords/device_model
pdf_data/st_keywords/tee_name
pdf_data/st_keywords/os_name
pdf_data/st_keywords/cplc_data
pdf_data/st_keywords/ic_data_group
pdf_data/st_keywords/standard_id	CC: CCMB-2017-04-001: 1 CCMB-2017-04-002: 1 CCMB-2017-04-003: 1 CCMB-2017-04-004: 1 FIPS: FIPS 198: 1 ISO: ISO/IEC 18031:2011: 6 ISO/IEC 18033-3: 1 ISO/IEC 19772: 2 NIST: SP 800-90A: 2 RFC: RFC 6347: 2 RFC 791: 1 RFC 792: 1 RFC 793: 1
pdf_data/st_keywords/javacard_version
pdf_data/st_keywords/javacard_api_const
pdf_data/st_keywords/javacard_packages
pdf_data/st_keywords/certification_process	OutOfScope: Defense (UTD) security features such as IPS, Cisco URL Filtering, AMP, and TLS/SSL proxy. This is out of scope for the evaluation. These services will be disabled by configuration settings. Cisco cEdge Routers: 1 UTD) security features such as IPS, Cisco URL Filtering, AMP, and TLS/SSL proxy. This is out of scope for the evaluation: 1 out of scope: 1
pdf_data/st_metadata	/Author: conan /CreationDate: D:20241217081136-05'00' /ModDate: D:20241217081136-05'00' /Producer: Microsoft: Print To PDF /Title: Microsoft Word - Cisco_cEdge_IOS-XE_17.12_SDWAN_20.12_EAL2_ST_v1.2 (1).docx pdf_file_size_bytes: 1976947 pdf_hyperlinks: {} pdf_is_encrypted: False pdf_number_of_pages: 80
state/cert/convert_garbage	True	False
state/cert/convert_ok	True	False
state/cert/download_ok	True	False
state/cert/extract_ok	True	False
state/cert/pdf_hash	Different	Different
state/cert/txt_hash	Different	Different
state/report/convert_garbage	False	False
state/report/convert_ok	True	False
state/report/download_ok	True	False
state/report/extract_ok	True	False
state/report/pdf_hash	Different	Different
state/report/txt_hash	Different	Different
state/st/convert_garbage	False	False
state/st/convert_ok	True	False
state/st/download_ok	True	False
state/st/extract_ok	True	False
state/st/pdf_hash	Different	Different
state/st/txt_hash	Different	Different