UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must produce, control, and distribute asymmetric cryptographic keys using approved PKI Class 3 or Class 4 certificates and hardware security tokens that protect the users private key.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33151 SRG-OS-000168-NA SV-43549r1_rule Medium
Description
Cryptographic key management and establishment can be performed using manual procedures or automated mechanisms with supporting manual procedures. Rationale for non-applicability: This control is primarily intended for systems that act as a certificate authority or server. Mobile operating systems are not intended for this role. Aspects of certificate control that are handled by a mobile device are addressed by other controls in the MOS SRG.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41411r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-37051r1_fix)
The requirement is NA. No fix is required.