BlackBerry 10 OS must have access to DoD root and intermediate PKI certificates when performing DoD PKI-related transactions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-47197 | BB10-2X-000280 | SV-60069r4_rule | Medium |
| Description |
|---|
| DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the root and intermediate certificates are not available, an adversary could falsely sign a certificate in such a way that it could not be detected. Providing access to the DoD root and intermediate PKI certificates greatly diminishes the risk of this attack. |
| STIG | Date |
|---|---|
| BlackBerry 10.2.x OS Security Technical Implementation Guide | 2015-07-02 |
Details
| Check Text ( C-50023r3_chk ) |
|---|
| From the Work Space, navigate to "Settings >> Security and Privacy >> Certificates", and inspect "Enterprise Root Certificates" and "Enterprise Intermediate Certificates" stores. If DoD root and intermediate PKI certificates are not in the stores, this is a finding. |
| Fix Text (F-50901r3_fix) |
|---|
| On BlackBerry Device Service, ensure the required ".pem" files are present in this folder: |