[2600] Implementation for SFR "FCS_CKM.4"

[UEDA Shigeru <ueda.shigeru@xxxxxxxxxxx>]

Hello

I have a question.

At the February meeting, my proposal to remove FCS_CKM.4 from P2600 PP
was rejected because of an explicit dependency of FCS_COP.1 with a
suggestion to create an AppNote that talks about situations where  some
products may not have an explicit or active key destruction function.

I have no intension to discuss this matter again.
So I have to implement something to satisfy this SFR.

And can I get your opinion about my question below?

Because in P86 of CC 3.1 Part1 it is described that

"SFRs (of demonstrable conformance): The conformance rationale in the ST
shall demonstrate that the SFRs  in the ST are equivalent (or more
restrictive) than the SFRs in the PP."

On the other hand, 
as I mentioned in my comment at that time, encryption keys are stored in
the RAM area in some implementations,so it is automatically disappear
when it is powered off.

Is that implementation cover SFR FCS_CKM.4? 

Or do I need to implement some other implementation which actively
delete encryption keys?

Can I have your opinion?

Best Regards.

Shigeru Ueda of Canon.