The operating system, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

An XCCDF Rule

Details
Profiles

Description

Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates).

ID: SV-203734r982217_rule
Version: SRG-OS-000384-GPOS-00167
Severity: Medium
References: CCI-004068

SRG-OS-000384-GPOS-00167
Updated: 7 days ago

Remediation Templates

Configure the operating system, for PKI-based authentication, to implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

The operating system, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

Description

Remediation Templates

A Manual Procedure