You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the Guide to OSCAL-based FedRAMP System Security Plans (SSP)
the Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)
the Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)
the Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)
the FedRAMP SSP OSCAL Template (JSON or XML Format)
the FedRAMP SAP OSCAL Template (JSON or XML Format)
the FedRAMP SAR OSCAL Template (JSON or XML Format)
the FedRAMP POA&M OSCAL Template (JSON or XML Format)
the FedRAMP OSCAL Validations
What is your feedback?
For the Digital Identity Level (DIL) Determination there is a discrepancy between the document templates and OSCAL with the values it accepts. In the document templates it accepts the following values: IAL3/FAL3/AAL3, IAL2/FAL2/AAL2, IAL 1/FAL1/AAL1, but in OSCAL it needs an integer: 1, 2, or 3.
Similarly, in the definitions for the SSP meta schema, it requires 1, 2, or 3:
Is there a reason for having this difference between the documents and OSCAL? Could we instead use only one of the value option types (string vs integer)?
Where, exactly?
SSP OSCAL and Document Templates
Other information
No response
The text was updated successfully, but these errors were encountered:
OSCAL <prop name="identity-assurance-level" value="1" /> is the equivalent of IAL1 in the documented template
OSCAL <prop name="authenticator-assurance-level" value="2" /> is the equivalent of AAL2 in the documented template
OSCAL <prop name="federation-assurance-level" value="3" /> is the equivalent of FAL3 in the documented template
Removing these props from core NIST OSCAL would be a backwards breaking / non-compatible change and adding new props would be duplicative so we do not foresee a change in the near-term.
I agree. I would recommend instead changing the requirement in the legacy SSP template to 1, 2, 3 to match OSCAL, and not changing the OSCAL to match legacy.
And/or Accept the OSCAL syntax of 1,2,3 in an SSP produced by OSCAL as opposed to IAL1,AAL1,FAL1, IAL2, AAL2,FAL2, IAL3,AAL3,FAL3.
Ticket is for consistency between the manual and OSCAL process, without requiring a processor between the two to convert the formatting back and forth.
This is a ...
question - need to understand something
This relates to ...
What is your feedback?
For the Digital Identity Level (DIL) Determination there is a discrepancy between the document templates and OSCAL with the values it accepts. In the document templates it accepts the following values: IAL3/FAL3/AAL3, IAL2/FAL2/AAL2, IAL 1/FAL1/AAL1, but in OSCAL it needs an integer: 1, 2, or 3.
Similarly, in the definitions for the SSP meta schema, it requires 1, 2, or 3:
Is there a reason for having this difference between the documents and OSCAL? Could we instead use only one of the value option types (string vs integer)?
Where, exactly?
SSP OSCAL and Document Templates
Other information
No response
The text was updated successfully, but these errors were encountered: