On 7/3/12 6:52 PM, Willy Santos wrote:
CCI-001132 requires maintaining integrity of information during
aggregation, packaging and transformation in preparation for transmission. This can be
accomplished via SSL/TLS.
Signed-off-by: Willy Santos <wsantos(a)redhat.com>
---
rhel6/src/input/system/network/ssl.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/network/ssl.xml
b/rhel6/src/input/system/network/ssl.xml
index 9f59483..50f5b0b 100644
--- a/rhel6/src/input/system/network/ssl.xml
+++ b/rhel6/src/input/system/network/ssl.xml
@@ -34,7 +34,7 @@ can be appropriate. The major steps in this process are:
<li>Enable client support by distributing the CA’s certificate</li>
</ol>
</description>
-<ref disa="1141,1148,1130,1131,1127,1128,1135,1129" />
+<ref disa="1141,1148,1130,1131,1127,1128,1135,1129,1132" />
<Rule id="network_ssl_create_ca">
<title>Create a CA to Sign Certificates</title>
SRG-OS-000162
CCI-001132 The operating system must maintain the
confidentiality of information during aggregation, packaging, and
transformation in preparation for transmission. Confidentiality of the
data must be maintained to ensure unauthorized users or processes do not
have access to it. This can be accomplished via access control
mechanisms _*or encryption.*_
Given that encryption is an accepted method for this, Ack.