Fix constraints and constraint test files per issue GSA#773

src/validations/constraints/content/fedramp-tailoring-profile.xml

@@ -20,7 +20,7 @@
   <modify>
     <alter control-id="ac-1">
         <add position="ending">
-            <prop ns="https://fedramp.gov/ns/oscal" name="response-point" value="Required"/>
+            <prop ns="http://fedramp.gov/ns/oscal" name="response-point" value="Required"/>
         </add>
     </alter>
   </modify>

src/validations/constraints/content/profile-all-INVALID.xml

@@ -16,8 +16,8 @@
     <alter control-id="ac-1">
       <add position="starting">
         <part name="statement">
-          <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="123"/>
-          <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="1234"/>
+          <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="123"/>
+          <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="1234"/>
           <p>This is a test checking that profiles validation fails if more than one response point is specified for a given (control) part.</p>
         </part>
       </add>

src/validations/constraints/content/ssp-attachment-type-INVALID.xml

@@ -5,7 +5,7 @@
                       uuid="12345678-1234-4321-8765-123456789012">
   <back-matter>
     <resource uuid="eeeeeeee-0000-4000-9000-00000000000e">
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-authorization-type-INVALID.xml

@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='authorization-type' value='unsupported-value' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='authorization-type' value='unsupported-value' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>

src/validations/constraints/content/ssp-control-implementation-status-INVALID.xml

@@ -7,7 +7,7 @@
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
       <statement statement-id="ac-1_stmt.a" uuid="99999999-0000-4000-9000-000000000009">
         <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="aaaaaaaa-0000-4000-9000-00000000000a">
-          <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="unsupported-status"/>
+          <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="unsupported-status"/>
         </by-component>
       </statement>
     </implemented-requirement>

src/validations/constraints/content/ssp-has-authenticator-assurance-level-INVALID.xml

@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>

src/validations/constraints/content/ssp-has-configuration-management-plan-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-has-federation-assurance-level-INVALID.xml

@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>

src/validations/constraints/content/ssp-has-identity-assurance-level-INVALID.xml

@@ -4,6 +4,6 @@
                       xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 https://github.com/usnistgov/OSCAL/releases/download/v1.1.2/oscal_ssp_schema.xsd"
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-characteristics>
-    <prop name='cloud-service-model' value='unsupported-model' ns="https://fedramp.gov/ns/oscal"/>
+    <prop name='cloud-service-model' value='unsupported-model' ns="http://fedramp.gov/ns/oscal"/>
   </system-characteristics>
 </system-security-plan>

src/validations/constraints/content/ssp-has-incident-response-plan-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-has-information-system-contingency-plan-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-has-rules-of-behavior-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-has-user-guide-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-interconnection-direction-INVALID.xml

@@ -9,8 +9,8 @@
       <description>
         <p>Secure connection to an external API for data enrichment.</p>
       </description>
-      <prop name="interconnection-security" value="unsupported-security" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="interconnection-direction" value="unsupported-direction" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-security" value="unsupported-security" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-direction" value="unsupported-direction" ns="http://fedramp.gov/ns/oscal"/>
       <status state="operational"/>
       <responsible-role role-id="system-admin">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>

src/validations/constraints/content/ssp-interconnection-security-INVALID.xml

@@ -9,8 +9,8 @@
       <description>
         <p>Secure connection to an external API for data enrichment.</p>
       </description>
-      <prop name="interconnection-security" value="unsupported-security" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="interconnection-direction" value="unsupported-direction" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-security" value="unsupported-security" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="interconnection-direction" value="unsupported-direction" ns="http://fedramp.gov/ns/oscal"/>
       <status state="operational"/>
       <responsible-role role-id="system-admin">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>

src/validations/constraints/content/ssp-leveraged-authorization-has-valid-impact-level-VALID.xml

@@ -162,7 +162,7 @@
   <import-profile href="../../../../dist/content/rev5/baselines/xml/FedRAMP_rev5_HIGH-baseline-resolved-profile_catalog.xml"/>
 
   <system-characteristics>
-    <system-id identifier-type="https://fedramp.gov">F00000001</system-id>
+    <system-id identifier-type="http://fedramp.gov/ns/oscal">F00000001</system-id>
     <system-name>Enhanced Example System</system-name>
     <system-name-short>System's Short Name or Acronym</system-name-short>
     <description>
@@ -321,7 +321,7 @@
       <prop name="allows-authenticated-scan" value="yes"/>
       <prop name="public" value="no"/>
       <prop name="virtual" value="yes"/>
-      <prop name="scan-type" value="database" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="scan-type" value="database" ns="http://fedramp.gov/ns/oscal"/>
       <responsible-party role-id="asset-owner">
         <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
       </responsible-party>
@@ -355,30 +355,30 @@
       <p>Implementation of controls for the Enhanced Example System</p>
     </description>
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
-      <prop name="control-origination" value="sp-system" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="implementation-status" value="partial" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="sp-system" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="implementation-status" value="partial" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="ac-1_stmt.a" uuid="99999999-0000-4000-9000-000000000009">
       </statement>
       <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="aaaaaaaa-0000-4000-9000-00000000000a">
         <description>
           <p>Access Control Policy and Procedures (AC-1) is fully implemented in our system.</p>
         </description>
-        <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="implemented"/>
+        <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="implemented"/>
         <responsible-role role-id="system-admin">
           <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
         </responsible-role>
       </by-component>
     </implemented-requirement>
 
     <implemented-requirement uuid="bbbbbbbb-0000-4000-9000-00000000000b" control-id="cm-8">
-      <prop name="control-origination" value="sp-system" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="sp-system" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="cm-8_stmt.a" uuid="cccccccc-0000-4000-9000-00000000000c">
       </statement>
       <by-component component-uuid="55555555-0000-4000-9000-000000000005" uuid="dddddddd-0000-4000-9000-00000000000d">
         <description>
           <p>Information System Component Inventory (CM-8) is partially implemented.</p>
         </description>
-        <prop ns="https://fedramp.gov/ns/oscal" name="implementation-status" value="partial"/>
+        <prop ns="http://fedramp.gov/ns/oscal" name="implementation-status" value="partial"/>
         <responsible-role role-id="system-admin">
           <party-uuid>11111111-0000-4000-9000-000000000001</party-uuid>
         </responsible-role>
@@ -392,7 +392,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="policy" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="policy" ns="http://fedramp.gov/ns/oscal"/>
       <rlink href="https://example.com/policies/access-control.pdf"/>
     </resource>
     <resource uuid="90a128ac-c850-48f6-8fff-a55692f80b41">
@@ -473,7 +473,7 @@
   <description>
      <p>Separation of Duties Matrix</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="separation-of-duties-matrix"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/Sep_Matrix.docx" media-type="application/msword"/>
@@ -489,7 +489,7 @@
   <description>
      <p>Authorization Boundary Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/AuthBoundary.docx" media-type="application/msword"/>
@@ -504,7 +504,7 @@
   <description>
      <p>Network Architecture Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/NetworkArchitecture.docx" media-type="application/msword"/>
@@ -519,7 +519,7 @@
   <description>
      <p>Data flow Diagram</p>
   </description>
-  <prop ns="https://fedramp.gov/ns/oscal" name="type" value="plan"/>
+  <prop ns="http://fedramp.gov/ns/oscal" name="type" value="plan"/>
   <prop name="published" value="2023-01-01T00:00:00Z"/>
   <prop name="version" value="Document Version"/>
   <rlink href="./documents/Dataflo.docx" media-type="application/msword"/>

src/validations/constraints/content/ssp-missing-response-components-INVALID.xml

@@ -8,15 +8,15 @@
       <p>Implementation of controls for the Enhanced Example System</p>
     </description>
     <implemented-requirement uuid="88888888-0000-4000-9000-000000000008" control-id="ac-1">
-      <prop name="control-origination" value="unsupported-origination" ns="https://fedramp.gov/ns/oscal"/>
-      <prop name="implementation-status" value="unsupported-status" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="unsupported-origination" ns="http://fedramp.gov/ns/oscal"/>
+      <prop name="implementation-status" value="unsupported-status" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="ac-1_stmt.a" uuid="99999999-0000-4000-9000-000000000009">
         <!-- A require by-component reference is missing here, this missing assembly should trigger a constraint violation error. -->
       </statement>
     </implemented-requirement>
 
     <implemented-requirement uuid="bbbbbbbb-0000-4000-9000-00000000000b" control-id="cm-8">
-      <prop name="control-origination" value="unsupported-origination" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="control-origination" value="unsupported-origination" ns="http://fedramp.gov/ns/oscal"/>
       <statement statement-id="cm-8_stmt.a" uuid="cccccccc-0000-4000-9000-00000000000c">
         <!-- A require by-component reference is missing here, this missing assembly should trigger a constraint violation error. -->
       </statement>

src/validations/constraints/content/ssp-profile-response-point-INVALID.xml

@@ -93,8 +93,8 @@
         <link href="#4c0ec2ee-a0d6-428a-9043-4504bc3ade6f" rel="reference"/>
         <link href="#7f473f21-fdbf-4a6c-81a1-0ab95919609d" rel="reference"/>
         <part name="statement" ns="http://csrc.nist.gov/ns/oscal">
-            <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="123"/>
-            <prop name="response-point" ns="https://fedramp.gov/ns/oscal" value="1234"/>
+            <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="123"/>
+            <prop name="response-point" ns="http://fedramp.gov/ns/oscal" value="1234"/>
         </part>
 
 </control>

src/validations/constraints/content/ssp-resource-has-base64-or-rlink-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-resource-has-title-INVALID.xml

@@ -8,7 +8,7 @@
       <description>
         <p>Detailed access control policy document</p>
       </description>
-      <prop name="type" value="unsupported-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="type" value="unsupported-type" ns="http://fedramp.gov/ns/oscal"/>
     </resource>
   </back-matter>
 </system-security-plan>

src/validations/constraints/content/ssp-scan-type-INVALID.xml

@@ -5,7 +5,7 @@
                       uuid="12345678-1234-4321-8765-123456789012">
   <system-implementation>
     <inventory-item uuid="77777777-0000-4000-9000-000000000007">
-      <prop name="scan-type" value="unsupported-scan-type" ns="https://fedramp.gov/ns/oscal"/>
+      <prop name="scan-type" value="unsupported-scan-type" ns="http://fedramp.gov/ns/oscal"/>
     </inventory-item>
   </system-implementation>
 </system-security-plan>

src/validations/constraints/fedramp-external-allowed-values.xml

@@ -334,7 +334,7 @@
                 <enum value="in/out">Bi-Directional</enum>
             </allowed-values>
 
-            <allowed-values id="interconnection-security" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-security'][@ns='https://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
+            <allowed-values id="interconnection-security" target="system-implementation/component[@type='interconnection']/prop[@name='interconnection-security'][@ns='http://fedramp.gov/ns/oscal']/@value" allow-other="no" level="ERROR">
                 <formal-name>Interconnection Security</formal-name>
                 <description>Identifies the type of security applied to the interconnection.</description>
                 <enum value="ipsec">IPsec</enum>