EDGE-00-000030 – Online revocation checks must be performed.

Details

If you enable this policy, Microsoft Edge will perform soft-fail, online OCSP/CRL checks. ‘Soft fail’ means that if the revocation server can’t be reached, the certificate will be considered valid.

If you disable the policy or don’t configure it, Microsoft Edge won’t perform online revocation checks.

Solution

Set the policy value for ‘Computer Configuration/Administrative Templates/Microsoft Edge/Enable online OCSP/CRL checks’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Edge_V1R4_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.

References

800-53|IA-5(2)(a)
CAT|II
CCI|CCI-000185
Rule-ID|SV-235747r766851_rule
STIG-ID|EDGE-00-000030
Vuln-ID|V-235747

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles