Hi Chuck Atkins, Based on what I've found, it seems NIST 800-171 extending the whole OSPP really seems to be overkill, and was probably a workaround, or at least the fastest way to implement it at the time. However, I think the best people to confirm that are Shawn or Gabriel, both copied in this email.
So, lets see what they can tell about it. By the way, it's nice to know to someone from kitware, I really appreciate the software you build there, not only the CMake but Paraview helped me a lot! Regards ----- Original Message ----- From: "Wesley Ceraso Prudencio" <[email protected]> To: "SCAP Security Guide" <[email protected]> Sent: Monday, August 28, 2017 4:00:37 PM Subject: Re: CUI profile for EL7 Hi Chuck Atkins, I'm investigating this right now and I expect to give you a response by today. Thanks ----- Original Message ----- From: "Chuck Atkins" <[email protected]> To: "SCAP Security Guide" <[email protected]> Sent: Monday, August 28, 2017 3:50:53 PM Subject: Re: CUI profile for EL7 Ping? ---------- Chuck Atkins Staff R&D Engineer, Scientific Computing Kitware, Inc. On Tue, Aug 22, 2017 at 5:01 PM, Chuck Atkins < [email protected] > wrote: I was looking at the NIST 800-171 profile for Controlled Unclassified Information (CUI) and it looks like all it does is derive from the OSPP profile. While I'm sure this profile covers at least what's needed for CUI, inheriting the whole OSPP profile seems like *way* overkill and the OSPP profile itself describes NIST 800-171 as a subset. Should the nist-800-171 profile have more rules disabled or is it really that close of an overlap that the only difference is the inactivity timeout? ---------- Chuck Atkins Staff R&D Engineer, Scientific Computing Kitware, Inc. _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
