From 968a9a34c739d19dd54484eb78b9f008fe702a09 Mon Sep 17 00:00:00 2001
From: Rene Tshiteya <rene-claude.tshiteya@noblis.org>
Date: Mon, 28 Oct 2024 15:36:53 -0400
Subject: [PATCH] Fix constraints and constraint test files per issue #773

---
 .../content/fedramp-tailoring-profile.xml     |  2 +-
 .../content/profile-all-INVALID.xml           |  4 +--
 .../constraints/content/ssp-all-VALID.xml     | 36 +++++++++----------
 .../content/ssp-attachment-type-INVALID.xml   |  2 +-
 .../ssp-authorization-type-INVALID.xml        |  2 +-
 .../ssp-cloud-service-model-INVALID.xml       |  2 +-
 ...-control-implementation-status-INVALID.xml |  2 +-
 .../content/ssp-deployment-model-INVALID.xml  |  2 +-
 ...-authenticator-assurance-level-INVALID.xml |  2 +-
 ...-configuration-management-plan-INVALID.xml |  2 +-
 ...has-federation-assurance-level-INVALID.xml |  2 +-
 ...p-has-identity-assurance-level-INVALID.xml |  2 +-
 ...ssp-has-incident-response-plan-INVALID.xml |  2 +-
 ...mation-system-contingency-plan-INVALID.xml |  2 +-
 .../ssp-has-rules-of-behavior-INVALID.xml     |  2 +-
 ...as-separation-of-duties-matrix-INVALID.xml |  2 +-
 .../content/ssp-has-user-guide-INVALID.xml    |  2 +-
 .../ssp-interconnection-direction-INVALID.xml |  4 +--
 .../ssp-interconnection-security-INVALID.xml  |  4 +--
 ...sp-missing-response-components-INVALID.xml |  6 ++--
 .../ssp-profile-response-point-INVALID.xml    |  4 +--
 ...p-resource-has-base64-or-rlink-INVALID.xml |  2 +-
 .../ssp-resource-has-title-INVALID.xml        |  2 +-
 .../content/ssp-scan-type-INVALID.xml         |  2 +-
 .../fedramp-external-allowed-values.xml       | 18 +++++-----
 .../fedramp-external-constraints.xml          |  6 ++--
 26 files changed, 59 insertions(+), 59 deletions(-)

diff --git a/src/validations/constraints/content/fedramp-tailoring-profile.xml b/src/validations/constraints/content/fedramp-tailoring-profile.xml
index ac28635e8..b5301ab3f 100644
--- a/src/validations/constraints/content/fedramp-tailoring-profile.xml
+++ b/src/validations/constraints/content/fedramp-tailoring-profile.xml
@@ -20,7 +20,7 @@
   <modify>
     <alter control-id="ac-1">
         <add position="ending">
-            <prop ns="https://fedramp.gov/ns/oscal" name="response-point" value="Required"/>
+            <prop ns="http://fedramp.gov/ns/oscal" name="response-point" value="Required"/>
         </add>
     </alter>
   </modify>
diff --git a/src/validations/constraints/content/profile-all-INVALID.xml b/src/validations/constraints/content/profile-all-INVALID.xml
index de6bfcbb9..5b5bc573a 100644
--- a/src/validations/constraints/content/profile-all-INVALID.xml
+++ b/src/validations/constraints/content/profile-all-INVALID.xml
@@ -16,8 +16,8 @@
     <alter control-id="ac-1">
       <add position="starting">
         <part name="statement">
-          <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="123"/>
-          <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="1234"/>
+          <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="123"/>
+          <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="1234"/>
           <p>This is a test checking that profiles validation fails if more than one response point is specified for a given (control) part.</p>
         </part>
       </add>
diff --git a/src/validations/constraints/content/ssp-all-VALID.xml b/src/validations/constraints/content/ssp-all-VALID.xml
index 65ae0a7cf..3c03f1622 100644
--- a/src/validations/constraints/content/ssp-all-VALID.xml
+++ b/src/validations/constraints/content/ssp-all-VALID.xml
@@ -10,7 +10,7 @@
     <version>1.1</version>
     <oscal-version>1.1.2</oscal-version>
     <document-id scheme="https://example.com/identifiers">SSP-2024-002</document-id>
-    <prop name="fedramp-version" ns="https://fedramp.gov/ns/oscal" value="fedramp-3.0.0rc1-oscal-1.1.2"/>
+    <prop name="fedramp-version" ns="http://fedramp.gov/ns/oscal" value="fedramp-3.0.0rc1-oscal-1.1.2"/>
     
     <role id="creator">
       <title>Document Creator</title>
@@ -71,14 +71,14 @@
   <import-profile href="../../../../dist/content/rev5/baselines/xml/FedRAMP_rev5_HIGH-baseline-resolved-profile_catalog.xml"/>
   
   <system-characteristics>
-    <system-id identifier-type="https://fedramp.gov">F00000001</system-id>
+    <system-id identifier-type="http://fedramp.gov/ns/oscal">F00000001</system-id>
     <system-name>Enhanced Example System</system-name>
     <description>
       <p>This is an enhanced example system for demonstration purposes, incorporating more FedRAMP-specific elements.</p>
     </description>
-    <prop name='cloud-deployment-model' value='government-only-cloud' ns="https://fedramp.gov/ns/oscal"/>
-    <prop name='cloud-service-model' value='other' ns="https://fedramp.gov/ns/oscal"/>
-    <prop name='authorization-type' value='fedramp-agency' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-deployment-model' value='government-only-cloud' ns="http://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='other' ns="http://fedramp.gov/ns/oscal"/>
+    <prop name='authorization-type' value='fedramp-agency' ns="http://fedramp.gov/ns/oscal"/>
     <prop name="identity-assurance-level" value="2"/>
     <prop name="authenticator-assurance-level" value="2"/>
     <prop name="federation-assurance-level" value="2"/>
@@ -175,8 +175,8 @@
       <description>
         <p>Secure connection to an external API for data enrichment.</p>
       </description>
-      <prop name="interconnection-security" value="vpn" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="interconnection-direction" value="in/out" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-security" value="vpn" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-direction" value="in/out" ns="http://fedramp.gov/ns/oscal"/>
       <status state="operational"/>
       <responsible-role role-id="system-admin">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
@@ -195,7 +195,7 @@
       <prop name="allows-authenticated-scan" value="yes"/>
       <prop name="public" value="no"/>
       <prop name="virtual" value="yes"/>
-      <prop name="scan-type" value="database" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="scan-type" value="database" ns="http://fedramp.gov/ns/oscal"/>
       <responsible-party role-id="asset-owner">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
       </responsible-party>
@@ -210,15 +210,15 @@
       <p>Implementation of controls for the Enhanced Example System</p>
     </description>
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
-      <prop name="control-origination" value="sp-system" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="implementation-status" value="partial" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="sp-system" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="implementation-status" value="partial" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="ac-1_stmt.a" uuid="99999999-0000-4000-9000-000000000009">
       </statement>
       <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="aaaaaaaa-0000-4000-9000-00000000000a">
         <description>
           <p>Access Control Policy and Procedures (AC-1) is fully implemented in our system.</p>
         </description>
-        <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="implemented"/>
+        <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="implemented"/>
         <responsible-role role-id="system-admin">
           <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
         </responsible-role>
@@ -226,14 +226,14 @@
     </implemented-requirement>
     
     <implemented-requirement uuid="bbbbbbbb-0000-4000-9000-00000000000b" control-id="cm-8">
-      <prop name="control-origination" value="sp-system" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="sp-system" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="cm-8_stmt.a" uuid="cccccccc-0000-4000-9000-00000000000c">
       </statement>
       <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="dddddddd-0000-4000-9000-00000000000d">
         <description>
           <p>Information System Component Inventory (CM-8) is partially implemented.</p>
         </description>
-        <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="partial"/>
+        <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="partial"/>
         <responsible-role role-id="system-admin">
           <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
         </responsible-role>
@@ -247,7 +247,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="policy" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="policy" ns="http://fedramp.gov/ns/oscal"/>
       <rlink href="https://example.com/policies/access-control.pdf"/>
     </resource>
     <resource uuid="90a128ac-c850-48f6-8fff-a55692f80b41">
@@ -328,7 +328,7 @@
   <description>
      <p>Separation of Duties Matrix</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/Sep_Matrix.docx" media-type="application/msword"/>
@@ -344,7 +344,7 @@
   <description>
      <p>Authorization Boundary Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/AuthBoundary.docx" media-type="application/msword"/>
@@ -359,7 +359,7 @@
   <description>
      <p>Network Architecture Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/NetworkArchitecture.docx" media-type="application/msword"/>
@@ -374,7 +374,7 @@
   <description>
      <p>Data flow Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/Dataflo.docx" media-type="application/msword"/>
diff --git a/src/validations/constraints/content/ssp-attachment-type-INVALID.xml b/src/validations/constraints/content/ssp-attachment-type-INVALID.xml
index d06c671c3..bc716ca85 100644
--- a/src/validations/constraints/content/ssp-attachment-type-INVALID.xml
+++ b/src/validations/constraints/content/ssp-attachment-type-INVALID.xml
@@ -5,7 +5,7 @@
                       uuid="12345678-1234-4321-8765-123456789012">
   <back-matter>
     <resource uuid="eeeeeeee-0000-4000-9000-00000000000e">
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-authorization-type-INVALID.xml b/src/validations/constraints/content/ssp-authorization-type-INVALID.xml
index dd2fab6b5..1cd5436ae 100644
--- a/src/validations/constraints/content/ssp-authorization-type-INVALID.xml
+++ b/src/validations/constraints/content/ssp-authorization-type-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='authorization-type' value='unsupported-value' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='authorization-type' value='unsupported-value' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-cloud-service-model-INVALID.xml b/src/validations/constraints/content/ssp-cloud-service-model-INVALID.xml
index c44fa26ed..ee2130ab0 100644
--- a/src/validations/constraints/content/ssp-cloud-service-model-INVALID.xml
+++ b/src/validations/constraints/content/ssp-cloud-service-model-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-control-implementation-status-INVALID.xml b/src/validations/constraints/content/ssp-control-implementation-status-INVALID.xml
index 01aea8746..72f9df0bd 100644
--- a/src/validations/constraints/content/ssp-control-implementation-status-INVALID.xml
+++ b/src/validations/constraints/content/ssp-control-implementation-status-INVALID.xml
@@ -6,7 +6,7 @@
   <control-implementation>
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
       <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="aaaaaaaa-0000-4000-9000-00000000000a">
-        <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="unsupported-status"/>
+        <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="unsupported-status"/>
       </by-component>
     </implemented-requirement>
   </control-implementation>
diff --git a/src/validations/constraints/content/ssp-deployment-model-INVALID.xml b/src/validations/constraints/content/ssp-deployment-model-INVALID.xml
index 03c17a486..71c059105 100644
--- a/src/validations/constraints/content/ssp-deployment-model-INVALID.xml
+++ b/src/validations/constraints/content/ssp-deployment-model-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-deployment-model' value='unsupported-value' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-deployment-model' value='unsupported-value' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-authenticator-assurance-level-INVALID.xml b/src/validations/constraints/content/ssp-has-authenticator-assurance-level-INVALID.xml
index c44fa26ed..ee2130ab0 100644
--- a/src/validations/constraints/content/ssp-has-authenticator-assurance-level-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-authenticator-assurance-level-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-configuration-management-plan-INVALID.xml b/src/validations/constraints/content/ssp-has-configuration-management-plan-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-configuration-management-plan-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-configuration-management-plan-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-federation-assurance-level-INVALID.xml b/src/validations/constraints/content/ssp-has-federation-assurance-level-INVALID.xml
index 72e6dfad0..24c15bdec 100644
--- a/src/validations/constraints/content/ssp-has-federation-assurance-level-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-federation-assurance-level-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
\ No newline at end of file
diff --git a/src/validations/constraints/content/ssp-has-identity-assurance-level-INVALID.xml b/src/validations/constraints/content/ssp-has-identity-assurance-level-INVALID.xml
index 72e6dfad0..24c15bdec 100644
--- a/src/validations/constraints/content/ssp-has-identity-assurance-level-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-identity-assurance-level-INVALID.xml
@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>
\ No newline at end of file
diff --git a/src/validations/constraints/content/ssp-has-incident-response-plan-INVALID.xml b/src/validations/constraints/content/ssp-has-incident-response-plan-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-incident-response-plan-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-incident-response-plan-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-information-system-contingency-plan-INVALID.xml b/src/validations/constraints/content/ssp-has-information-system-contingency-plan-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-information-system-contingency-plan-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-information-system-contingency-plan-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-rules-of-behavior-INVALID.xml b/src/validations/constraints/content/ssp-has-rules-of-behavior-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-rules-of-behavior-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-rules-of-behavior-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-separation-of-duties-matrix-INVALID.xml b/src/validations/constraints/content/ssp-has-separation-of-duties-matrix-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-separation-of-duties-matrix-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-separation-of-duties-matrix-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-has-user-guide-INVALID.xml b/src/validations/constraints/content/ssp-has-user-guide-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-has-user-guide-INVALID.xml
+++ b/src/validations/constraints/content/ssp-has-user-guide-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-interconnection-direction-INVALID.xml b/src/validations/constraints/content/ssp-interconnection-direction-INVALID.xml
index 1a9a7bc8c..987fe20b7 100644
--- a/src/validations/constraints/content/ssp-interconnection-direction-INVALID.xml
+++ b/src/validations/constraints/content/ssp-interconnection-direction-INVALID.xml
@@ -9,8 +9,8 @@
       <description>
         <p>Secure connection to an external API for data enrichment.</p>
       </description>
-      <prop name="interconnection-security" value="unsupported-security" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="interconnection-direction" value="unsupported-direction" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-security" value="unsupported-security" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-direction" value="unsupported-direction" ns="http://fedramp.gov/ns/oscal"/>
       <status state="operational"/>
       <responsible-role role-id="system-admin">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
diff --git a/src/validations/constraints/content/ssp-interconnection-security-INVALID.xml b/src/validations/constraints/content/ssp-interconnection-security-INVALID.xml
index 1a9a7bc8c..987fe20b7 100644
--- a/src/validations/constraints/content/ssp-interconnection-security-INVALID.xml
+++ b/src/validations/constraints/content/ssp-interconnection-security-INVALID.xml
@@ -9,8 +9,8 @@
       <description>
         <p>Secure connection to an external API for data enrichment.</p>
       </description>
-      <prop name="interconnection-security" value="unsupported-security" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="interconnection-direction" value="unsupported-direction" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-security" value="unsupported-security" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-direction" value="unsupported-direction" ns="http://fedramp.gov/ns/oscal"/>
       <status state="operational"/>
       <responsible-role role-id="system-admin">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
diff --git a/src/validations/constraints/content/ssp-missing-response-components-INVALID.xml b/src/validations/constraints/content/ssp-missing-response-components-INVALID.xml
index 9af07aea0..805e44bb2 100644
--- a/src/validations/constraints/content/ssp-missing-response-components-INVALID.xml
+++ b/src/validations/constraints/content/ssp-missing-response-components-INVALID.xml
@@ -8,14 +8,14 @@
       <p>Implementation of controls for the Enhanced Example System</p>
     </description>
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
-      <prop name="control-origination" value="unsupported-origination" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="implementation-status" value="unsupported-status" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="unsupported-origination" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="implementation-status" value="unsupported-status" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="ac-1_stmt.a" uuid="99999999-0000-4000-9000-000000000009">
       </statement>
     </implemented-requirement>
     
     <implemented-requirement uuid="bbbbbbbb-0000-4000-9000-00000000000b" control-id="cm-8">
-      <prop name="control-origination" value="unsupported-origination" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="unsupported-origination" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="cm-8_stmt.a" uuid="cccccccc-0000-4000-9000-00000000000c">
       </statement>
     </implemented-requirement>
diff --git a/src/validations/constraints/content/ssp-profile-response-point-INVALID.xml b/src/validations/constraints/content/ssp-profile-response-point-INVALID.xml
index b4839d067..d83e672c0 100644
--- a/src/validations/constraints/content/ssp-profile-response-point-INVALID.xml
+++ b/src/validations/constraints/content/ssp-profile-response-point-INVALID.xml
@@ -93,8 +93,8 @@
         <link href="#4c0ec2ee-a0d6-428a-9043-4504bc3ade6f" rel="reference"/>
         <link href="#7f473f21-fdbf-4a6c-81a1-0ab95919609d" rel="reference"/>
         <part name="statement" ns="http://csrc.nist.gov/ns/oscal">
-            <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="123"/>
-            <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="1234"/>
+            <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="123"/>
+            <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="1234"/>
         </part>
 
 </control>
diff --git a/src/validations/constraints/content/ssp-resource-has-base64-or-rlink-INVALID.xml b/src/validations/constraints/content/ssp-resource-has-base64-or-rlink-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-resource-has-base64-or-rlink-INVALID.xml
+++ b/src/validations/constraints/content/ssp-resource-has-base64-or-rlink-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-resource-has-title-INVALID.xml b/src/validations/constraints/content/ssp-resource-has-title-INVALID.xml
index d134e7119..ab9d648ee 100644
--- a/src/validations/constraints/content/ssp-resource-has-title-INVALID.xml
+++ b/src/validations/constraints/content/ssp-resource-has-title-INVALID.xml
@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>
diff --git a/src/validations/constraints/content/ssp-scan-type-INVALID.xml b/src/validations/constraints/content/ssp-scan-type-INVALID.xml
index 4e64d0cbf..4c6c62b54 100644
--- a/src/validations/constraints/content/ssp-scan-type-INVALID.xml
+++ b/src/validations/constraints/content/ssp-scan-type-INVALID.xml
@@ -5,7 +5,7 @@
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-implementation>
     <inventory-item uuid="77777777-0000-4000-9000-000000000007">
-      <prop name="scan-type" value="unsupported-scan-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="scan-type" value="unsupported-scan-type" ns="http://fedramp.gov/ns/oscal"/>
     </inventory-item>
   </system-implementation>
 </system-security-plan>
diff --git a/src/validations/constraints/fedramp-external-allowed-values.xml b/src/validations/constraints/fedramp-external-allowed-values.xml
index 4b5ae3b06..c0da0b0c2 100644
--- a/src/validations/constraints/fedramp-external-allowed-values.xml
+++ b/src/validations/constraints/fedramp-external-allowed-values.xml
@@ -15,13 +15,13 @@
 
         <constraints>
             
-            <allowed-values id="fedramp-version" target="metadata/prop[@name='fedramp-version'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="fedramp-version" target="metadata/prop[@name='fedramp-version'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>FedRAMP Version</formal-name>
                 <description>Identifies the FedRAMP version of the document.</description>
                 <enum value="fedramp-3.0.0rc1-oscal-1.1.2">FedRAMP Version</enum>
             </allowed-values>
             
-            <allowed-values id="attachment-type" target="back-matter/resource/prop[@name='type'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="attachment-type" target="back-matter/resource/prop[@name='type'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Attachment Type</formal-name>
                 <description>Identifies the type of attachment.</description>
                 <enum value="law">Law or Statute</enum>
@@ -91,7 +91,7 @@
                 <enum value="not-applicable">Not Applicable</enum>
             </allowed-values>
 
-            <allowed-values id="interconnection-direction" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-direction'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="interconnection-direction" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-direction'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Interconnection Direction</formal-name>
                 <description>Identifies the direction of information flow for the interconnection.</description>
                 <enum value="in">Incoming</enum>
@@ -99,7 +99,7 @@
                 <enum value="in/out">Bi-Directional</enum>
             </allowed-values>
 
-            <allowed-values id="interconnection-security" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-security'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="interconnection-security" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-security'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Interconnection Security</formal-name>
                 <description>Identifies the type of security applied to the interconnection.</description>
                 <enum value="ipsec">IPsec</enum>
@@ -111,7 +111,7 @@
                 <enum value="other">Other</enum>
             </allowed-values>
 
-            <allowed-values id="scan-type" target="system-implementation//prop[@name='scan-type'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="scan-type" target="system-implementation//prop[@name='scan-type'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Scan Type</formal-name>
                 <description>Identifies the type of scan.</description>
                 <enum value="infrastructure">Infrastructure and Operating System Scan</enum>
@@ -129,14 +129,14 @@
                 </remarks>
             </allowed-values>
 
-            <allowed-values id="authorization-type" target="system-characteristics/prop[@name='authorization-type'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="authorization-type" target="system-characteristics/prop[@name='authorization-type'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Authorization Type</formal-name>
                 <description>The FedRAMP Authorization Type</description>
                 <enum value="fedramp-jab">FedRAMP JAB P-ATO</enum>
                 <enum value="fedramp-agency">FedRAMP Agency ATO</enum>
                 <enum value="fedramp-li-saas">FedRAMP Tailored for LI-SaaS</enum>
             </allowed-values>
-            <allowed-values id="deployment-model" target="system-characteristics/prop[@name='cloud-deployment-model'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="deployment-model" target="system-characteristics/prop[@name='cloud-deployment-model'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Deployment Model</formal-name>
                 <description>The cloud deployment model.</description>
                 <enum value="public-cloud">Public Cloud</enum>
@@ -145,7 +145,7 @@
                 <enum value="hybrid-cloud">Hybrid</enum>
                 <enum value="other">Other</enum>
             </allowed-values>
-            <allowed-values id="authorization-type" target="system-characteristics/prop[@name='authorization-type'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="authorization-type" target="system-characteristics/prop[@name='authorization-type'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Authorization Type</formal-name>
                 <description>The FedRAMP Authorization Type</description>
                 <enum value="fedramp-jab">FedRAMP JAB P-ATO</enum>
@@ -173,7 +173,7 @@
                 <enum value="no-access">No Access</enum>
               </allowed-values>
 
-            <allowed-values id="cloud-service-model" target="system-characteristics/prop[@name='cloud-service-model'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="cloud-service-model" target="system-characteristics/prop[@name='cloud-service-model'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Cloud Service Model</formal-name>
                 <description>The cloud service model used by the system.</description>
                 <enum value="iaas">Infrastructure as a Service</enum>
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
index dd1b78c23..a59de02b7 100644
--- a/src/validations/constraints/fedramp-external-constraints.xml
+++ b/src/validations/constraints/fedramp-external-constraints.xml
@@ -8,7 +8,7 @@
         <metapath target="/assessment-plan/local-definitions/objectives-and-methods"/>
         <metapath target="/assessment-results/local-definitions/objectives-and-methods"/>
         <constraints>
-            <expect id="prop-response-point-has-cardinality-one" target=".//part" test="count(prop[@ns='https://fedramp.gov/ns/oscal' and @name='response-point']) &lt;= 1">
+            <expect id="prop-response-point-has-cardinality-one" target=".//part" test="count(prop[@ns='http://fedramp.gov/ns/oscal' and @name='response-point']) &lt;= 1">
                 <message>Duplicate response point at '{ path(.) }'.</message>
             </expect>
             <remarks>
@@ -21,7 +21,7 @@
     <context>
         <metapath target="//metadata"/>
         <constraints>
-            <expect id="fedramp-version" target="." test="prop[@name='fedramp-version'][@ns='https://fedramp.gov/ns/oscal']">
+            <expect id="fedramp-version" target="." test="prop[@name='fedramp-version'][@ns='http://fedramp.gov/ns/oscal']">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/general-concepts/4-expressing-common-fedramp-template-elements-in-oscal/#fedramp-version"/>
                 <message>A FedRAMP document's metadata MUST define a valid FedRAMP version.</message>
                 <remarks>
@@ -156,7 +156,7 @@
             <expect id="has-data-flow-diagram-link-rel-allowed-value" target="system-characteristics/data-flow/diagram/link" test="@rel eq 'diagram'" level="ERROR">
                 <message>Each FedRAMP SSP data flow diagram must have a link rel attribute with the value "diagram".</message>
             </expect>
-            <expect id="has-system-id" target="system-characteristics" test="system-id[@identifier-type eq 'https://fedramp.gov']" level="ERROR">
+            <expect id="has-system-id" target="system-characteristics" test="system-id[@identifier-type eq 'http://fedramp.gov/ns/oscal']" level="ERROR">
                 <prop namespace="https://docs.oasis-open.org/sarif/sarif/v2.1.0" name="help-url" value="https://automate.fedramp.gov/documentation/ssp/4-ssp-template-to-oscal-mapping/#system-name-abbreviation-and-fedramp-unique-identifier"/>
                 <message>A FedRAMP SSP must have a FedRAMP system identifier.</message>
             </expect>