The MEM client S/MIME must be fully interoperable with DoD PKI.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-32792	WIR-WMS-MEM-17	SV-43138r1_rule	ECCT-1	Low

Description
Without DoD PKI interoperability, the S/MIME feature would not work and could not meet DoD S/MIME requirements.

STIG	Date
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG)	2012-07-20

Details

Check Text ( C-41125r3_chk )
Verify the MEM client S/MIME feature is fully interoperable with the DoD PKI. CAC/PIV (and alternative hard token form factors such as SE MicroSD) and PKCS#12 (soft token) certificates must be supported. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation. Mark as a finding if the MEM server does not have required features.

Check Text ( C-41125r3_chk )

Verify the MEM client S/MIME feature is fully interoperable with the DoD PKI. CAC/PIV (and alternative hard token form factors such as SE MicroSD) and PKCS#12 (soft token) certificates must be supported. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.

Mark as a finding if the MEM server does not have required features.

Fix Text (F-36673r2_fix)
Use a MEM product that has an S/MIME feature that is fully interoperable with DoD PKI.