The MEM client must provide a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32800 | WIR-WMS-MEM-25 | SV-43146r1_rule | IAKM-1 | Medium |
| Description |
|---|
| Certificate validation is a key requirement of a robust PKI, therefore the mobile email server must support all DoD accepted processes for distributing certificate status information. |
| STIG | Date |
|---|---|
| Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) | 2012-07-20 |
Details
| Check Text ( C-41133r2_chk ) |
|---|
| Verify the MEM client provides a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation. Mark as a finding if the MEM server does not have required features. |
| Fix Text (F-36681r3_fix) |
|---|
| Use a MEM product that provides a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP. |