SC-23.5: Allowed Certificate Authorities

SC-23.5 · Allowed Certificate Authorities

Control Description

Only allow the use of {{ insert: param, sc-23.05_odp }} for verification of the establishment of protected sessions.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

system

Enhancement

Control Statement

The control requirements

Only allow the use of {{ insert: param, sc-23.05_odp }} for verification of the establishment of protected sessions.

Supplemental Guidance

Reliance on certificate authorities for the establishment of secure sessions includes the use of Transport Layer Security (TLS) certificates. These certificates, after verification by their respective certificate authorities, facilitate the establishment of protected sessions between web clients and web servers.

Related NIST Controls

Other NIST 800-53 controls related to this one

SC-12

SC-13