The MEM client must support SHA2 or later signing operations.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32803 | WIR-WMS-MEM-22 | SV-43149r1_rule | IAKM-1 | Medium |
| Description |
|---|
| SHA2 or later signing is required because earlier signing algorithms have been compromised and do not provide the required level of trust. |
| STIG | Date |
|---|---|
| Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Details
| Check Text ( C-41136r2_chk ) |
|---|
| Verify the MEM client that supports SHA2 or later signing operations. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation. Mark as a finding if the MEM server does not have required features. |
| Fix Text (F-36684r1_fix) |
|---|
| Use a MEM product that supports SHA2 or later signing operations. |