Link to OVAL information.
|Deletions are marked like this.||Additions are marked like this.|
|Line 3:||Line 3:|
|This page is a TODO/IDEAS list to implement a SCAP guide for Debian.||This page is a TODO/IDEAS list to implement a SCAP guide for Debian. Debian automatically generates and publishes [[https://www.debian.org/security/oval/|OVAL information]] for use by SCAP.|
Debian SCAP Guide
This page is a TODO/IDEAS list to implement a SCAP guide for Debian. Debian automatically generates and publishes OVAL information for use by SCAP.
- Define the Profiles we want.
- What are Debian CPEs (platform, family?)
- Define distribution we target (typically: testing then stable)
- How to let our derivative fork easily?
- How to cooperate with scap-security-guide
- Test infrastructure?
- Compare: our supported checks, upstream checks, and a wishlist.
- Each SCAP probe should be tested, both in unstable and testing
- Each Debian distribution should be evaluated, for each relevant profile.
- Write docs
- Define communication channels so contributors can follow and participate (IRC, mailing list, etc.)
- Translating the SCAP guide
- Support older distribution
- provide framework so maintainers can provide probes in their packages
Fix the broken OVAL information for Debian