Bug 1234268
| Summary: | [RFE] Guide for developing SCAP contents | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | David Juran <djuran> |
| Component: | scap-workbench | Assignee: | Martin Preisler <mpreisle> |
| Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | mhaicman, rring, swells, wsato |
| Target Milestone: | pre-dev-freeze | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-10-31 13:53:09 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 260381 | ||
Description
David Juran
2015-06-22 08:52:50 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release.

Authoring a guide to writing SCAP content would be akin to authoring a guide to writing C++ code. It's a bit out of scope for Red Hat. Such material can be bought on Amazon (e.g. http://www.amazon.com/Security-Automation-Essentials-Streamlined-Enterprise/dp/0071772510/ref=sr_1_3?ie=UTF8&qid=1435168817&sr=8-3&keywords=scap).

With that said, perhaps this BugZilla could pivot to create documentation on "Using SCAP Workbench to Create Custom Security Configuration Baselines." With SCAP Workbench now shipping in RHEL7, this seems much more in scope and useful.

(In reply to Shawn Wells from comment #3)
> Authoring a guide to writing SCAP content would be akin to authoring a guide
> to writing C++ code. It's a bit out of scope for Red Hat. Such material can
> be bought on Amazon (e.g.
> http://www.amazon.com/Security-Automation-Essentials-Streamlined-Enterprise/
> dp/0071772510/ref=sr_1_3?ie=UTF8&qid=1435168817&sr=8-3&keywords=scap).
>
> With that said, perhaps this BugZilla could pivot to create documentation on
> "Using SCAP Workbench to Create Custom Security Configuration Baselines."
> With SCAP Workbench now shipping in RHEL7, this seems much more in scope and
> useful.

Disclaimer: I don't know much about SCAP. I do, however, completely agree with this sentiment. Our documentation resources are spread so thin we can't properly cover what's expected of us; we don't need to branch out into writing books of this nature when there are already suitable works available.

I think we should be focusing on what our customers are doing or want to do with our products, and writing content that helps them to achieve that.

1. Here is the task.
2. Here is the tool for the job.
3. This is how you use 2. to achieve 1.

Sounds all very reasonable to me.
Reassigning BZ to the SCAP Workbench queue, since the goal is to author documentation on using Workbench to tailor SCAP content that's shipping natively in RHEL. (This also adds Martin Preisler, the maintainer of SCAP Workbench, into the conversation.)

We can use the existing SCAP Workbench User Manual as source material for this documentation, see https://fedorahosted.org/scap-workbench/raw-attachment/wiki/UserManual/user_manual.html

I'd appreciate any feedback about what's missing in the manual.

Hello Martin, I would welcome an explicit section in the SCAP Workbench manual [or anywhere on the open-scap.org portal] describing how to introduce new rules [even by frankensteining rules present in content]. Basically, what to do when I have a custom system and want to use openscap for my own purposes. Because right now, the information about this scenario is simply not there [even the information that you have to do it either by hand, or via SCE engine, or cannot do it at all].

This BZ has been kicked down the road for multiple years and is just embarrassing at this point. Suggest closing as WONTFIX. Refer to comment #3. With the endless backlog that exists today, having this linger for multiple more years is not useful to anyone.