@@ -1046,7 +1046,7 @@ These requirements are about the collection and handling of "auditable events",
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome (success or failure) of the event; and
- RATIONALE: The audit record timestamping and subject identification ensure that all auditable events are traceable and misuse of the PKI functions can be traced. It covers misuse of users and administrators fonction : T_SYS02, T_SYS04, T_SYS05, T_SYS07, T_SYS10, T_REG01, T_REG03, T.Logs_Tampering, T.Logs_Disclosure
- NOTE: The audit shall not include in plaintext any private or secret keys or other critical security parameters.
- NOTE: The audit shall not include in plaintext any secret keys or other critical security parameters.
