The container platform, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

An XCCDF Rule

Description

Unless a local cache of revocation data is configured, the potential for allowing access to users who are no longer authorized (those with revoked certificates) increases.

ID: SV-233201r981893_rule
Version: SRG-APP-000401-CTR-000965
Severity: Medium

Remediation Templates

A Manual Procedure

Configure the container platform to implement a local cache of revocation data so that path discovery and validation remain possible when revocation information cannot be accessed via the network.