IA-5(2) Authenticator Management

PBMM (P2)
Secret (P2)
Technical

Control Description

AUTHENTICATOR MANAGEMENT | PKI-BASED AUTHENTICATION

(a) The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information;
(b) The information system, for PKI-based authentication, enforces authorized access to the corresponding private key;
(c) The information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group; and
(d) The information system, for PKI-based authentication, implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network.

Supplemental Guidance

Status information for certification paths includes, for example, certificate revocation lists or certificate status protocol responses. For PIV cards, validation of certifications involves the construction and verification of a certification path to the Common Policy Root trust anchor including certificate policy processing. Related control: IA-6.
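The following is an added example, not part of the control catalogue, showing one way item (d) can behave: revocation data is refreshed from the network when possible and served from a local cache when the network source is unreachable. The names `Crl`, `RevocationCache`, the `fetch` callable and the sample values are illustrative assumptions, a CRL is modelled as an already signature-verified record rather than parsed DER, and treating a CRL past its nextUpdate as "unknown" is an assumed fail-closed policy.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, FrozenSet, Optional

@dataclass(frozen=True)
class Crl:
    """Simplified stand-in for a CRL whose signature was already verified."""
    issuer: str
    this_update: datetime
    next_update: datetime
    revoked_serials: FrozenSet[int]

class RevocationCache:
    """Local cache of revocation data, keyed by issuer (control item (d))."""
    def __init__(self, fetch: Callable[[str], Crl]):
        self._fetch = fetch                 # network retrieval, may raise OSError
        self._cache: Dict[str, Crl] = {}

    def _current_crl(self, issuer: str, now: datetime) -> Optional[Crl]:
        try:
            fresh = self._fetch(issuer)
            cached = self._cache.get(issuer)
            # Never replace cached data with an older CRL (rollback protection).
            if cached is None or fresh.this_update >= cached.this_update:
                self._cache[issuer] = fresh
        except OSError:
            pass                            # network unavailable: rely on the cache
        crl = self._cache.get(issuer)
        # Assumed policy: a CRL outside its validity window is not trusted.
        if crl is None or not (crl.this_update <= now < crl.next_update):
            return None
        return crl

    def status(self, issuer: str, serial: int, now: datetime) -> str:
        """Return 'good', 'revoked' or 'unknown' (callers reject 'unknown')."""
        crl = self._current_crl(issuer, now)
        if crl is None:
            return "unknown"
        return "revoked" if serial in crl.revoked_serials else "good"

    def path_is_acceptable(self, path, now: datetime) -> bool:
        """path: (issuer, serial) pairs from the end entity up to, but not
        including, the trust anchor. Every certificate must be 'good'."""
        return all(self.status(i, s, now) == "good" for i, s in path)

# Constructed sample: CRL from a hypothetical CA, valid 24 h, serial 7 revoked.
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE_CRL = Crl("CN=Example Issuing CA", T0, T0 + timedelta(hours=24), frozenset({7}))
```

The cache only covers the status check; signature and policy processing along the certification path still have to be performed separately.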

Tailoring Guidance

This security control/enhancement is considered to be best practice. Consequently, inclusion in a departmental profile is strongly encouraged in most cases.
