| AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys. | DISA STIG AIX 7.x v2r5 | Unix | |
| AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys. | DISA STIG AIX 7.x v2r8 | Unix | |
| AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys. | DISA STIG AIX 7.x v2r6 | Unix | |
| APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions. | DISA STIG Apple macOS 12 V1R2 | Unix | |
| F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2 | F5 | |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl | DISA STIG Oracle JRE 8 Unix v1r2 | Unix | |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked | DISA STIG Oracle JRE 8 Unix v1r2 | Unix | |
| JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check | DISA STIG Oracle JRE 8 Unix v1r2 | Unix | |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked | DISA STIG Oracle JRE 8 Unix v1r2 | Unix | |
| JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000150 - JRE 8 must enable the dialog to check publisher certs for revocation - deployment.security.validation.crl.locked | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000150 - JRE 8 must enable the dialog to enable users to check publisher certs for revocation - deployment.security.validation.crl | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000160 - JRE 8 must lock the option to check publisher certs for revocation - eployment.security.revocation.check.locked | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000160 - JRE 8 must lock the option to enable users to check publisher certs for revocation - deployment.security.revocation.check | DISA STIG Oracle JRE 8 Windows v1r5 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r9 | Unix | |
| OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| RHEL-09-631010 - RHEL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-631010 - RHEL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| SLES-12-030530 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 12 STIG v2r11 | Unix | |
| SLES-12-030530 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 15 STIG v1r12 | Unix | |
| SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 15 STIG v1r6 | Unix | |
| SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 15 STIG v1r9 | Unix | |
| SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 15 STIG v1r10 | Unix | |
| SLES-15-010170 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA SLES 15 STIG v1r11 | Unix | |
| SYMP-AG-000420 - Symantec ProxySG providing user authentication intermediary services using PKI-based user authentication must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network. | DISA Symantec ProxySG Benchmark ALG v1r1 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000420 - Symantec ProxySG providing user authentication intermediary services using PKI-based user authentication must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010425 - The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA STIG Ubuntu 18.04 LTS v2r10 | Unix | |
| UBTU-18-010425 - The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor. | DISA STIG Ubuntu 18.04 LTS v2r8 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r9 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r10 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r4 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r1 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r5 | Unix | |
| UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-612035 - Ubuntu 22.04 LTS for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network. | DISA STIG Canonical Ubuntu 22.04 LTS v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WDNS-IA-000011 - The Windows 2012 DNS Server must implement a local cache of revocation data for PKIauthentication in the event revocation information via the network is not accessible. | DISA Microsoft Windows 2012 Server DNS STIG v1r14 | Windows | |
| WDNS-IA-000011 - The Windows 2012 DNS Server must implement a local cache of revocation data for PKIauthentication in the event revocation information via the network is not accessible. | DISA Microsoft Windows 2012 Server DNS STIG v2r4 | Windows | |
| WDNS-IA-000011 - The Windows 2012 DNS Server must implement a local cache of revocation data for PKIauthentication in the event revocation information via the network is not accessible. | DISA Microsoft Windows 2012 Server DNS STIG v2r5 | Windows | |
| WDNS-IA-000011 - The Windows 2012 DNS Server must implement a local cache of revocation data for PKIauthentication in the event revocation information via the network is not accessible. | DISA Microsoft Windows 2012 Server DNS STIG v2r1 | Windows | |
