Open Telos-sa opened 3 months ago
question - need to understand something
There are three tables in the SSP Appendix Q template for cryptographic modules (https://www.fedramp.gov/assets/resources/templates/SSP-Appendix-Q-Cryptographic-Modules-Table.docx). Data at Rest, Data in Transit, and Other. FedRAMP has provided guidance with props for data-at-rest and data-in-transit. There is no instruction for how to handle the other cryptographic components.
Should the prop[@name= cryptographic-module-usage] be excluded when the module has not been identified as in transit, or at rest. Or should we leverage "other" to denote the other elements.
components[@type=validation]props[prop@name=cryptographic-module-usage]
No response
This is a ...
question - need to understand something
This relates to ...
What is your feedback?
There are three tables in the SSP Appendix Q template for cryptographic modules (https://www.fedramp.gov/assets/resources/templates/SSP-Appendix-Q-Cryptographic-Modules-Table.docx). Data at Rest, Data in Transit, and Other.
FedRAMP has provided guidance with props for data-at-rest and data-in-transit. There is no instruction for how to handle the other cryptographic components.
Should the prop[@name= cryptographic-module-usage] be excluded when the module has not been identified as in transit, or at rest. Or should we leverage "other" to denote the other elements.
Where, exactly?
components[@type=validation]props[prop@name=cryptographic-module-usage]
Other information
No response