Skip to content
Catalogs
XCCDF
Cloud Computing Mission Owner Network Security Requirements Guide
SRG-NET-000580
The Mission Owner of the Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) must use valid DOD Online Certificate Status Protocol (OCSP) responders.
The Mission Owner of the Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) must use valid DOD Online Certificate Status Protocol (OCSP) responders. An XCCDF Rule
The Mission Owner of the Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) must use valid DOD Online Certificate Status Protocol (OCSP) responders.
Medium Severity
<VulnDiscussion>To provide assurances that certificates are validated by the correct responders, the Mission Owner must ensure they are using a valid DOD OCSP responder for remote system DOD Common Access Card (CAC) two-factor authentication of DOD privileged users to systems instantiated within the cloud service environment.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>