I know DCID 6/3 is going away, but I would like to map the DCID requirements to the rules in the scap-security-guide. Questions: 1) Has this been done in a non-public repo since the source is FOUO? 2) Would it be acceptable to commit the DCID paragraph numbers to the git tree without any expository text? e.g. <ref dcid="1.1, 2.2, 3.3"/>
joe
This would be excellent, and has been on our (mental) roadmap for a while. I am also not aware that anyone has done it yet. There was also interest in this from other parties (and firm intentions but not yet firm plans).
Your XML is almost exactly what I had in mind (and I'll need to update the shorthand2xccdf.xslt transform to handle appropriately, to turn it into real XCCDF.).
Let's coordinate details off the list.
Another relevant reference is DISA's CCIs (as defined in their OS SRG). This will let us ensure that we've achieved a level of completeness called for in the STIGs, enabling their use of the content for a future STIG.
On 01/26/2012 03:14 PM, Joe Nall wrote:
I know DCID 6/3 is going away, but I would like to map the DCID requirements to the rules in the scap-security-guide. Questions:
- Has this been done in a non-public repo since the source is FOUO?
- Would it be acceptable to commit the DCID paragraph numbers to the git tree without any expository text? e.g.<ref dcid="1.1, 2.2, 3.3"/>
joe
scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/scap-security-guide
scap-security-guide@lists.fedorahosted.org