You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 21, 2023. It is now read-only.
As an OSCAL user, I might find it difficult to make bug reports on OSCAL data because I can't share the data. How can I show the bug?
A little OSCAL data-obfuscator demo that rewrote OSCAL fragments (even invalid) into a 'blind' variant, with local save, could be helpful in this regard.
This could potentially be done in XSLT 1.0, assuming the right specs (around complications such as UUIDs etc).
The text was updated successfully, but these errors were encountered:
As an OSCAL user, I might find it difficult to make bug reports on OSCAL data because I can't share the data. How can I show the bug?
A little OSCAL data-obfuscator demo that rewrote OSCAL fragments (even invalid) into a 'blind' variant, with local save, could be helpful in this regard.
This could potentially be done in XSLT 1.0, assuming the right specs (around complications such as UUIDs etc).
I personally love this idea! This is actually the impetus behind doing the leg work in usnistgov/OSCAL#1119 to pave the way for such a tool: to facilitate the sharing of debugging data and general information sharing in the long-term! The requirements work around this, after threat modeling, is to know which fields should be "redacted" and which others should not, and in combination with one another as "sensitive information" (Controlled Unclassified Information or a more objective interpretation of sensitive) to build criteria for such tools.
I love this idea, and I will send you an email with internal memos from other information security colleagues about the context around this, and why such a tool would be wonderfully important.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
As an OSCAL user, I might find it difficult to make bug reports on OSCAL data because I can't share the data. How can I show the bug?
A little OSCAL data-obfuscator demo that rewrote OSCAL fragments (even invalid) into a 'blind' variant, with local save, could be helpful in this regard.
This could potentially be done in XSLT 1.0, assuming the right specs (around complications such as UUIDs etc).
The text was updated successfully, but these errors were encountered: