[SCAP-On-Apple] [Announce] Community-based Settings Curation for OSX & iOS

Shawn Geddis geddis at apple.com
Wed May 29 12:02:53 PDT 2013

SCAP-On-Apple User and Dev Community,
(cross-post to Fed-Talk Community)

The day has final come to begin digging in your heels with your shoulder to the grindstone!

Several have been working hard behind the scenes, for several months now, to establish a bulk of the initial settings for OSX and iOS for public review, discussion, modifications and ultimately for approval and posting to the data feeds provided from this project.  We have had some time and resource constraints that have negatively impacted our ability to reach this point on our original target date.  Now, your wait is over and we can all dig in our heels and move this effort forward in a joint effort to bring the best and brightest together in a concerted effort for Settings Curation.

I wanted to give everyone a bit of structure and guidance on how we plan to proceed to maximize our time, talents and goals for this project.  

Flow of Settings Curation - Iterative Process

Selection of the next BLOCK of settings		[selection by SCAP Core Team]
Generation of a Ticket for each setting 		[for Tracking & Reference purposes]
Blog posting of next Settings Block			[announce posting of next block]
Daily Community Review & discussion		[Community review/discussion via List]
Weekly Closeout of Review				[Tickets closed one week after creation]
Post Curated Settings to Repository		[Post updated data repositories & feeds]

In addition to the users and developers in this community, this process will also have close involvement by individuals from NIST, NSA and SCAP Experts to ensure a solid review and submission process is accomplished.

You will notice that we are targeting a weekly closeout of settings.  This will give us a 'rolling review' and ONE FULL WEEK for review/feedback/modifications of each setting.  We do not anticipate any setting requiring more time than that for vetting, but if it does, we will place the settings ticket on hold for later followup.  

We plan to prefix the corresponding settings tickets with a designated CCE# which, among other things, will aid this community in long term tracking of activity and outcome for any given CCE / setting.

Data Feeds
The data feeds necessary for testing will also be pulled and hosted here as a 'developing authoritative data feed'.  Once we have completed our curated  

We have several hundred settings right now and anticipate throughout this process that some may be significantly modified, dropped, added or approved as is.  Guidance is that you jump right in on areas you are most knowledgable on and then progress to those you are unfamiliar or interested in learning more about with community discussion. 

Tool Vendors
We encourage all tool vendors to participating and contribute validation feedback on all data tested from here against your own available tool sets.  Right now this activity would be premature in the process, but keep this in mind for your organization's resource planning.

We want to Thank You all in advance for waiting on us for so long and for your willingness to actively engage in the SCAP-On-Apple Project.

If for any reason you have questions or comments, please do not hesitate to send them directly to this list for community feedback as well.  Contact / Admin email addresses are also in the signature below.

Shawn Geddis				  			 
Enterprise Security Consulting Engineer, Apple  					[geddis at apple.com]
SCAP-On-Apple Project/Dev Lead:		     		   
				Project Wiki		    			    [http://SCAP-On-Apple.MacOSForge.Org]
				Mailing Lists	      [http://scap-on-apple.macosforge.org/trac/wiki/MailingList]
				SCAP Contact						       [scap-cotact at macosforge.org]
				SCAP Admin							      [scap-admin at macosforge.org]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/scap-on-apple/attachments/20130529/d6fa7f41/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4418 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/scap-on-apple/attachments/20130529/d6fa7f41/attachment.p7s>

More information about the SCAP-On-Apple mailing list