The network element must validate certificates used for PKI-based authentication by constructing a certification path with status information to an accepted trust anchor.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27344	SRG-NET-000164	SV-34649r1_rule		Medium

Description
A trust anchor is an authoritative entity represented via a public key. Within a chain of trust, the top entity to be trusted is the "root certificate" or "trust anchors" such as a Certification Authority (CA). A certification path starts with the Subject certificate and proceeds through a number of intermediate certificates up to a trusted root certificate, typically issued by a trusted CA. Path validation is necessary for a relying party to make an informed trust decision when presented with any certificate not already explicitly trusted.

Description

A trust anchor is an authoritative entity represented via a public key. Within a chain of trust, the top entity to be trusted is the "root certificate" or "trust anchors" such as a Certification Authority (CA). A certification path starts with the Subject certificate and proceeds through a number of intermediate certificates up to a trusted root certificate, typically issued by a trusted CA. Path validation is necessary for a relying party to make an informed trust decision when presented with any certificate not already explicitly trusted.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None