UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MEM client must provide the capability to save public certificates of contacts in an acceptable method.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32795 WIR-WMS-MEM-14 SV-43141r1_rule IAKM-1 Low
Description
This capability is required to support S/MIME encryption of email. Without S/MIME, end-to-end data encryption is not possible and sensitive DoD data could be compromised.
STIG Date
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) 2013-01-17

Details

Check Text ( C-41128r5_chk )
Verify the MEM client saves public certificates of contacts in the contact object by one of the following methods:
1. By saving public PKI certificates that were attached to a received email message to the contacts object.
2. By downloading the certificates via an external partner PKI lookup from the mobile device.
3. By sending a signed email to a contact that just sent a signed email.

Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.

Mark as a finding if the MEM server does not have required features.
Fix Text (F-36676r3_fix)
Use a MEM product that saves public certificates of contacts in the contact object by one of the acceptable methods.