UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Check e-mail addresses against addresses of certificates being used must be disallowed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26702 DTOO320 SV-54066r1_rule Medium
Description
This policy setting controls whether Outlook verifies the user's email address with the address associated with the certificate used for signing.
STIG Date
Microsoft Outlook 2013 STIG 2017-03-17

Details

Check Text ( C-48006r1_chk )
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Cryptography "Do not check e-mail address against address of certificates being used" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security

Criteria: If the value SupressNameChecks is REG_DWORD = 1, this is not a finding.
Fix Text (F-46946r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Cryptography "Do not check e-mail address against address of certificates being used" to "Enabled".