The MEM client must provide a noticeable warning to the user if the CRL, SCVP, or OCSP server cannot be contacted or the revocation data provided cannot be verified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32801 | WIR-WMS-MEM-20 | SV-43147r1_rule | IAKM-1 | Low |
| Description |
|---|
| Certificate validation is a key requirement of a robust PKI; therefore, the user must be notified if the status of a certificate on a signed email cannot be verified. |
| STIG | Date |
|---|---|
| Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Details
| Check Text ( C-41134r3_chk ) |
|---|
| Verify the MEM client provides a noticeable warning to the user if the CRL, SCVP, or OCSP server cannot be contacted or the revocation data provided cannot be verified. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation. Mark as a finding if the MEM server does not have required features. |
| Fix Text (F-36682r2_fix) |
|---|
| Use a MEM product that provides a noticeable warning to the user if the CRL, SCVP, or OCSP server cannot be contacted or the revocation data provided cannot be verified. |