@@ -737,7 +737,7 @@ The VPN provider shall by default not establish routes between different client
The VPN client shall not route traffic through the endpoint from sources/destinations other than the endpoint without the user's explicit informed consent, and such routing shall not be necessary for the use of any unrelated function.
#### 5.2.11.2 MI-TRAF-1:
#### 5.2.11.2 MI-TRAF-1: No capability to route traffic from other sources
The VPN client shall not implement the capability for routing traffic from sources/destinations other than the endpoint through an endpoint.
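Review bot: the new MI-TRAF-1 title shortens "sources/destinations other than the endpoint" to "other sources", so the heading covers less than the requirement line under it. Suggest "No capability to route traffic for other sources/destinations", and the same wording in the MI-TRAF-2 to MI-TRAF-4 titles, so a reader skimming the headings does not take the destination case as out of scope.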
@@ -748,7 +748,7 @@ The VPN client shall not implement the capability for routing traffic from sourc
* Verdict: No traffic originating from the VPN provider for sources/destinations other than the endpoint => PASS, otherwise FAIL
* Evidence: Packet capture with annotations of origin of packet
#### 5.2.11.3 MI-TRAF-2:
#### 5.2.11.3 MI-TRAF-2: Route traffic from other sources disabled by default
The VPN client shall disable by default the capability for routing traffic from sources/destinations other than the endpoint through an endpoint.
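Review bot: the title added for MI-TRAF-2 ("disabled by default") presupposes a capability that MI-TRAF-1, quoted in this hunk's header, says the client shall not implement at all, and the document does not say how the two relate. Now that both have descriptive headings the conflict is visible in the outline; suggest a sentence under 5.2.11 stating whether these are alternatives or both apply. The title also reads better as "Routing of traffic from other sources disabled by default".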
@@ -759,7 +759,7 @@ The VPN client shall disable by default the capability for routing traffic from
* Verdict: No traffic originating from the VPN provider for sources/destinations other than the endpoint => PASS, otherwise FAIL
* Evidence: Packet capture with annotations of origin of packet
#### 5.2.11.4 MI-TRAF-3:
#### 5.2.11.4 MI-TRAF-3: Notify user if routing traffic from other sources
The VPN client shall alert the user if traffic if the endpoint is allowing traffic from sources/destinations other than the endpoint to be routed through the endpoint.
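Review bot: the requirement line directly under the new MI-TRAF-3 title still has a duplicated fragment, "shall alert the user if traffic if the endpoint is allowing traffic". Since this change touches the section anyway, fix it to "shall alert the user if the endpoint is allowing traffic from sources/destinations other than the endpoint to be routed through the endpoint", so the heading and the normative text agree.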
@@ -770,7 +770,7 @@ The VPN client shall alert the user if traffic if the endpoint is allowing traff
* Verdict: User receives some alert or notification that clearly indicates forwarding is enabled => PASS, FAIL
* Evidence: Record of UI change
#### 5.2.11.5 MI-TRAF-4:
#### 5.2.11.5 MI-TRAF-4: No routing traffic from other sources if not necessary for services
The VPN client shall not require routing of traffic from sources/destinations other than the endpoint to use services that do not require such routing.
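Review bot: the verdict line in this hunk's leading context reads "=> PASS, FAIL", missing the "otherwise" that the other verdict lines use ("=> PASS, otherwise FAIL"), so the fail condition for MI-TRAF-3 is not actually stated. Worth correcting in the same change. The new MI-TRAF-4 title is also hard to parse; "No routing of traffic from other sources required for unrelated services" is closer to the requirement text.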
@@ -799,7 +799,7 @@ The VPN client shall not require routing of traffic from sources/destinations ot
The product shall not collect data unnecessary for the functions of the product.
#### 5.2.12.2 MI-NPII-1:
#### 5.2.12.2 MI-NPII-1: No PII collected without authorization
The VPN provider shall not collect PII without explicit authorization.
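Review bot: the new MI-NPII-1 title drops "explicit", which is the operative word in the requirement line below it ("shall not collect PII without explicit authorization"). Suggest "No PII collected without explicit authorization" so the heading cannot be read as a weaker rule than the text.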
@@ -810,7 +810,7 @@ The VPN provider shall not collect PII without explicit authorization.
* Verdict: All PII collected has a record of authorization by the user => PASS, otherwise FAIL
* Evidence: Packet capture, documentation of PII, authorization, justification
#### 5.2.12.3 MI-NPII-2:
#### 5.2.12.3 MI-NPII-2: No PII sent outside endpoint
VPN provider shall not send PII outside of the endpoint at all.
@@ -821,7 +821,7 @@ VPN provider shall not send PII outside of the endpoint at all.
* Verdict: There is no PII collected => PASS, otherwise FAIL
* Evidence: Packet capture
#### 5.2.12.4 MI-NPII-3:
#### 5.2.12.4 MI-NPII-3: No PII required for use or payment
The VPN provider shall not require PII for use of the product, including for payment.
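Review bot: the verdict in this hunk's leading context belongs to MI-NPII-2 (see the hunk header) and tests "There is no PII collected", while the requirement and its new title in the previous hunk are about PII being sent outside the endpoint. Collection is already MI-NPII-1's subject; suggest changing the verdict to something like "No PII observed leaving the endpoint => PASS, otherwise FAIL", which also matches the packet-capture evidence.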
@@ -832,7 +832,7 @@ The VPN provider shall not require PII for use of the product, including for pay
* Verdict: If there is any PII in the data entered => PASS, otherwise => FAIL
* Evidence: The record of data entered with a short description of each part saying why it is not PII
#### 5.2.12.5 MI-NPII-4:
#### 5.2.12.5 MI-NPII-4: No PII stored on remote data processing systems
The VPN provider shall not store any PII of the user on remote data processing systems.
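Review bot: the MI-NPII-3 verdict in this hunk's leading context is inverted: "If there is any PII in the data entered => PASS, otherwise => FAIL" passes a product that does require PII, which contradicts the title added in the previous hunk ("No PII required for use or payment") and the evidence line asking why each part "is not PII". Suggest "If there is no PII in the data entered => PASS, otherwise FAIL", fixed together with the heading change.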