From shawn at redhat.com Thu Aug 20 11:31:01 2015
Content-Type: multipart/mixed; boundary="===============1690382180456706630=="
MIME-Version: 1.0
From: Shawn Wells <shawn at redhat.com>
To: scap-security-guide at lists.fedorahosted.org
Subject: Re: [PATCH 01/17] Mapped CCI-001141 to network_ssl group
Date: Tue, 01 May 2012 20:42:31 -0400
Message-ID: <4FA082F7.8020007@redhat.com>
In-Reply-To: 1335914343-22781-2-git-send-email-wsantos@redhat.com

--===============1690382180456706630==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

On 5/1/12 7:18 PM, Willy Santos wrote:
> CCI-001141 requires the OS to produce, control, and distribute crypto key=
s using NSA-approved technology and processes. This met by using SSL which =
is implemented in RHEL with OpenSSL.
>
> Signed-off-by: Willy Santos<wsantos(a)redhat.com>
> ---
>   rhel6/src/input/system/network/ssl.xml |    1 +
>   1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/rhel6/src/input/system/network/ssl.xml b/rhel6/src/input/sys=
tem/network/ssl.xml
> index c439ed4..3a91efe 100644
> --- a/rhel6/src/input/system/network/ssl.xml
> +++ b/rhel6/src/input/system/network/ssl.xml
> @@ -34,6 +34,7 @@ can be appropriate. The major steps in this process are:
>   <li>Enable client support by distributing the CA=E2=80=99s certificate<=
/li>
>   </ol>
>   </description>
> +<ref disa=3D"1141" />
>
>   <Rule id=3D"network_ssl_create_ca">
>   <title>Create a CA to Sign Certificates</title>



Ack

--===============1690382180456706630==--