UCF STIG Viewer Logo

The MEM client must provide a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32800 WIR-WMS-MEM-19 SV-43146r1_rule IAKM-1 Medium
Description
Certificate validation is a key requirement of a robust PKI; therefore, the mobile email server must support all DoD accepted processes for distributing certificate status information.
STIG Date
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) 2013-05-08

Details

Check Text ( C-41133r3_chk )
Verify the MEM client provides a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP. Trusted in this context means signed with a DoD PKI certificate. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.

Mark as a finding if the MEM server does not have required features.
Fix Text (F-36681r3_fix)
Use a MEM product that provides a mechanism to provide certificate validation through a trusted OCSP, CRL, or SCVP.