On 6/29/12 5:45 PM, Willy Santos wrote:
CCI-000185 requires, for PKI-based authentication, the validation of
certificates using a certification path to an accepted trust anchor. For
SSL/TLS the refenced rule addresses this requirement.
Signed-off-by: Willy Santos <[email protected]>
---
rhel6/src/input/system/network/ssl.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/network/ssl.xml
b/rhel6/src/input/system/network/ssl.xml
index f66914e..4a54343 100644
--- a/rhel6/src/input/system/network/ssl.xml
+++ b/rhel6/src/input/system/network/ssl.xml
@@ -115,7 +115,7 @@ To avoid this warning, and properly authenticate the
servers, your CA certificat
application on every client system that will be connecting to an SSL-enabled
server.</description>
<!--<ident cce="TODO" />-->
<!--TODO:MANUAL<oval id="network_ssl_enable_client_support" />-->
-<ref nist="AC-3, AC-17, CM-6, SC-12, SC-13" />
+<ref nist="AC-3, AC-17, CM-6, SC-12, SC-13" disa="185" />
</Rule>
<Rule id="network_ssl_add_ca_firefox">
Ack
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
