DTOO267 - Outlook - Retrieving of CRL data must be set for online action.

Information

This policy setting controls how Outlook retrieves Certificate Revocation Lists to verify the validity of certificates. Certificate revocation lists (CRLs) are lists of digital certificates that have been revoked by their controlling certificate authorities (CAs), typically because the certificates were issued improperly or their associated private keys were compromised.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Cryptography -> Signature Status dialog box 'Retrieving CRLs (Certificate Revocation Lists)' to 'Enabled (When online always retrieve the CRL)'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2010_V1R13_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(2)(a), CAT|II, CCI|CCI-000185, Rule-ID|SV-33880r1_rule, STIG-ID|DTOO267, Vuln-ID|V-17778

Plugin: Windows

Control ID: cc0156534b1fd402569c4dab4ad0501fe81abf18be4ac9387c9b5d99781bc94a