SC-23(5)—Session Authenticity
Technical
>Control Description
SESSION AUTHENTICITY | ALLOWED CERTIFICATE AUTHORITIES
The information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.
>Supplemental Guidance
Reliance on certificate authorities (CAs) for the establishment of secure sessions includes, for example, the use of Secure Socket Layer (SSL) and/or Transport Layer Security (TLS) certificates. These certificates, after verification by the respective certificate authorities, facilitate the establishment of protected sessions between web clients and web servers. Related control: SC-13.
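As an added illustration that is not part of the control text, the script below shows what restricting verification to an allowed CA set looks like with the OpenSSL command line. It assumes OpenSSL 1.1.0 or later; the CA names, subjects and file paths are constructed for the demo.

```shell
#!/bin/sh
# Added example; CA names, subjects and file paths are constructed for the demo.

# make_ca DIR NAME: create a throwaway self-signed CA (NAME.key, NAME.pem).
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# issue_cert DIR CA LEAF: sign a server certificate LEAF.pem with CA.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 1 -out "$1/$3.pem" 2>/dev/null
}

# verify_with_allowed_cas BUNDLE CERT: succeed only if CERT chains to a CA
# in BUNDLE. -no-CApath keeps the system CA directory out of the decision.
verify_with_allowed_cas() {
    openssl verify -CAfile "$1" -no-CApath "$2" >/dev/null 2>&1
}

# demo: one allowed CA, one CA outside the allow-list, one server cert each.
demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" org-ca && make_ca "$d" other-ca &&
    issue_cert "$d" org-ca internal-server &&
    issue_cert "$d" other-ca outside-server || { rm -rf "$d"; return 1; }
    cp "$d/org-ca.pem" "$d/allowed-cas.pem"   # the organization-defined set
    rc=0
    if verify_with_allowed_cas "$d/allowed-cas.pem" "$d/internal-server.pem"
    then echo "internal-server: accepted"; else rc=1; fi
    if verify_with_allowed_cas "$d/allowed-cas.pem" "$d/outside-server.pem"
    then rc=1; else echo "outside-server: rejected"; fi
    rm -rf "$d"
    return $rc
}

# Run the demo only when asked: sh script.sh demo
if [ "${1:-}" = demo ]; then demo; fi
```

The second certificate is cryptographically valid but fails verification because its issuer is not in the allowed bundle.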