
The mobile device operating system must have access to DoD root and intermediate PKI certificates when performing DoD PKI related transactions.


Overview

Finding ID: V-33781
Version: SRG-OS-000167-MOS-000086
Rule ID: SV-44206r1_rule
IA Controls:
Severity: Medium
Description
DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the root and intermediate certificates are not available, an adversary could falsely sign a certificate in such a way that it could not be detected. Providing access to the DoD root and intermediate PKI certificates greatly diminishes the risk of this attack.
STIG: Mobile Operating System Security Requirements Guide
Date: 2013-07-03

Details

Check Text (C-41838r1_chk)
Review the mobile operating system configuration to determine if the root and intermediate certificates are present. In some cases, their presence may not be detected by user inspection, in which case the reviewer should review system documentation to determine whether they are present. If the certificate is accepted, the operating system is likely not performing the required check of root and intermediate certificates. If the DoD root and intermediate certificates are not present, this is a finding.
Fix Text (F-37681r1_fix)
Install DoD root and intermediate certificates on the device.