UCF STIG Viewer Logo

The MEM client S/MIME must be fully interoperable with DoD PKI.


Finding ID Version Rule ID IA Controls Severity
V-32792 WIR-WMS-MEM-11 SV-43138r1_rule ECCT-1 Low
Without DoD PKI interoperability, the S/MIME feature would not work and could not meet DoD S/MIME requirements.
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) 2013-05-08


Check Text ( C-41125r3_chk )
Verify the MEM client S/MIME feature is fully interoperable with the DoD PKI. CAC/PIV (and alternative hard token form factors such as SE MicroSD) and PKCS#12 (soft token) certificates must be supported. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.

Mark as a finding if the MEM server does not have required features.
Fix Text (F-36673r2_fix)
Use a MEM product that has an S/MIME feature that is fully interoperable with DoD PKI.