CCI-000187 requires PKI-based authentication to map the authenticated identity to the user account. SSL/TLS can be used for this purpose.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/network/ssl.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/network/ssl.xml b/rhel6/src/input/system/network/ssl.xml index 5cc3ae8..2ba4c6e 100644 --- a/rhel6/src/input/system/network/ssl.xml +++ b/rhel6/src/input/system/network/ssl.xml @@ -34,7 +34,7 @@ can be appropriate. The major steps in this process are: <li>Enable client support by distributing the CA’s certificate</li> </ol> </description> -<ref disa="1141,1148,1130,1131,1127,1128,1135,1129,1132,1142,1147" /> +<ref disa="1141,1148,1130,1131,1127,1128,1135,1129,1132,1142,1147,187" /> <Rule id="network_ssl_create_ca"> <title>Create a CA to Sign Certificates</title> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
