UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must use FIPS-validated SHA-2 or higher hash function for digital signature generation and verification (non-legacy use).


Overview

Finding ID Version Rule ID IA Controls Severity
V-233285 SRG-APP-000610-CTR-001385 SV-233285r601897_rule Medium
Description
Without the use of digital signature, information can be altered by unauthorized accounts accessing or modifying the container platform registry, keystore, and container at runtime. Digital signatures provide non-repudiation for transactions between the components within the container platform. Without the use of approved FIPS-validated SHA-2 or higher hash function with digital signatures, the container platform cannot claim the validity of the individual or service identity and guarantee private key is kept secret. Keeping the private keys secure is vital for validating individuals or service identity prior to information exchange. The container platform must be configured to use SHA-2 or higher hash functions for digital signatures in accordance with SP 800-131Ar2.
STIG Date
Container Platform Security Requirements Guide 2021-06-16

Details

Check Text ( C-36221r601857_chk )
Review the container platform configuration to validate that a FIPS-validated SHA-2 or higher hash function is being used for digital signature generation and verification.

If a FIPS-validated SHA-2 or higher hash function is not being used for digital signature generation and verification, this is a finding.
Fix Text (F-36189r601343_fix)
Configure the container platform to use a FIPS-validated SHA-2 or higher hash function for digital signature generation and verification.