Re: [PATCH 06/21] Mapped CCI-001143 to requirement_unclear.
On 7/3/12 6:52 PM, Willy Santos wrote:
CCI-001143 requires the OS to produce, control, and distribute
asymmetric cryptographic keys using approved PKI Class 3 or Class 4 certificates and
hardware security tokens that protect the user's private key. This mapping is a
request for input/discussion.
Signed-off-by: Willy Santos <wsantos(a)redhat.com>
---
rhel6/src/input/auxiliary/srg_support.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/auxiliary/srg_support.xml
b/rhel6/src/input/auxiliary/srg_support.xml
index 2c8888a..0046920 100644
--- a/rhel6/src/input/auxiliary/srg_support.xml
+++ b/rhel6/src/input/auxiliary/srg_support.xml
@@ -38,7 +38,7 @@ The requirement is impractical or out of scope.
<description>
It is unclear how to satisfy this requirement.
</description>
-<ref disa="20,31,218,219,224,1097,1159,1125,1126,1140" />
+<ref disa="20,31,218,219,224,1097,1159,1125,1126,1140,1143" />
</Group> <!-- end requirement_unclear -->
<Group id="new_rule_needed">
SRG-OS-000168 CCI-001143 The operating system must produce, control,
and distribute asymmetric cryptographic keys using approved PKI Class 3
or Class 4 certificates and hardware security tokens that protect the
user’s private key. Cryptographic key management and establishment can
be performed using manual procedures or automated mechanisms with
supporting manual procedures. In addition to being required for the
effective operation of a cryptographic mechanism, effective
cryptographic key management provides protections to maintain the
availability of the information in the event of the loss of
cryptographic keys by users.
Same as CCI-001140
Attachments:
- attachment.html (text/html — 3.1 KB)