SC-17: Public Key Infrastructure Certificates

Control Family:

System And Communications Protection

Priority:

P1: Implement P1 security controls first.

Threats Addressed:

Spoofing
Repudiation

Baselines:

Low
N/A
Moderate
- SC-17
High
- SC-17

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-17: Public Key Infrastructure Certificates

Control Statement

The organization issues public key certificates under an [Assignment: organization-defined certificate policy] or obtains public key certificates from an approved service provider.

Supplemental Guidance

For all certificates, organizations manage information system trust stores to ensure only approved trust anchors are in the trust stores. This control addresses both certificates with visibility external to organizational information systems and certificates related to the internal operations of systems, for example, application-specific time services.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 4

Cloud Controls Matrix v3.0.1