CCI-000185 requires, for PKI-based authentication, the validation of certificates using a certification path to an accepted trust anchor. For SSL/TLS the refenced rule addresses this requirement.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/network/ssl.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/network/ssl.xml b/rhel6/src/input/system/network/ssl.xml index f66914e..4a54343 100644 --- a/rhel6/src/input/system/network/ssl.xml +++ b/rhel6/src/input/system/network/ssl.xml @@ -115,7 +115,7 @@ To avoid this warning, and properly authenticate the servers, your CA certificat application on every client system that will be connecting to an SSL-enabled server.</description> <!--<ident cce="TODO" />--> <!--TODO:MANUAL<oval id="network_ssl_enable_client_support" />--> -<ref nist="AC-3, AC-17, CM-6, SC-12, SC-13" /> +<ref nist="AC-3, AC-17, CM-6, SC-12, SC-13" disa="185" /> </Rule> <Rule id="network_ssl_add_ca_firefox"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
