Verify the MEM client S/MIME feature is fully interoperable with the DoD PKI. CAC/PIV (and alternative hard token form factors such as SE MicroSD) and PKCS#12 (soft token) certificates must be supported. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.
Mark as a finding if the MEM server does not have required features.
Fix Text (F-36673r2_fix)
Use a MEM product that has an S/MIME feature that is fully interoperable with DoD PKI.