On 5/9/16 8:07 PM, david.ol...@verizon.net wrote:
I just got my Open-SCAP tool to work on CentOS 7 and works great. In
looking at the output, I noticed
that a significant number of CCEs do not have a numeric value to them,
but appear to be left open.
Who gets to enter CCEs to the NIST CCE dictionary?
Red Hat requests a block of CCEs from NIST, and dumps them into the
Anyone in the community can take a CCE out of the available list and
assign to an XCCDF rule. We do ask that someone from Red Hat merges the
patch, as once assigned it does become a binding identifier that Red Hat
corporately attests to.
Noticed we're running low on CCEs. Just pinged NIST for more.
Open-scap-list mailing list