mirror of
https://github.com/gocsaf/csaf.git
synced 2025-12-22 05:40:11 +01:00
207 lines
3.9 KiB
JSON
207 lines
3.9 KiB
JSON
[
|
|
{
|
|
"num": 1,
|
|
"description": "Valid CSAF documents",
|
|
"messages": [
|
|
{
|
|
"type": 1,
|
|
"text": "No remote validator configured"
|
|
},
|
|
{
|
|
"type": 0,
|
|
"text": "All advisories validated fine against the schema."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 2,
|
|
"description": "Filename",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "All found filenames are conforming."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 3,
|
|
"description": "TLS",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "All tested URLs were HTTPS."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 4,
|
|
"description": "TLP:WHITE",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "All advisories labeled TLP:WHITE were freely accessible."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 5,
|
|
"description": "TLP:AMBER and TLP:RED",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "No advisories labeled TLP:AMBER or TLP:RED tested for accessibility."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 6,
|
|
"description": "Redirects",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "No redirections found."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 7,
|
|
"description": "provider-metadata.json",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Found good provider metadata."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 8,
|
|
"description": "security.txt",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Performed no test of security.txt since the direct url of the provider-metadata.json was used."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 9,
|
|
"description": "/.well-known/csaf/provider-metadata.json",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Performed no test on whether the provider-metadata.json is available under the .well-known path since the direct url of the provider-metadata.json was used."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 10,
|
|
"description": "DNS path",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Performed no test on the contents of https://csaf.data.security.DOMAIN since the direct url of the provider-metadata.json was used."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 11,
|
|
"description": "One folder per year",
|
|
"messages": [
|
|
{
|
|
"type": 2,
|
|
"text": "No year folder found in {{.URL}}/white/avendor-advisory-0004.json"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 12,
|
|
"description": "index.txt",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Found {{.URL}}/white/index.txt"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 13,
|
|
"description": "changes.csv",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Found {{.URL}}/white/changes.csv"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 14,
|
|
"description": "Directory listings",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "All directory listings are valid."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 15,
|
|
"description": "ROLIE feed",
|
|
"messages": [
|
|
{
|
|
"type": 2,
|
|
"text": "ROLIE feed based distribution was not used."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 16,
|
|
"description": "ROLIE service document",
|
|
"messages": [
|
|
{
|
|
"type": 1,
|
|
"text": "No ROLIE service document found."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 17,
|
|
"description": "ROLIE category document",
|
|
"messages": [
|
|
{
|
|
"type": 1,
|
|
"text": "No ROLIE category document found."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 18,
|
|
"description": "Integrity",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "Fetching {{.URL}}/white/avendor-advisory-0004.json.sha256 failed: Status code 404 (404 Not Found)"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 19,
|
|
"description": "Signatures",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "All signatures verified."
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"num": 20,
|
|
"description": "Public OpenPGP Key",
|
|
"messages": [
|
|
{
|
|
"type": 0,
|
|
"text": "1 public OpenPGP key(s) loaded."
|
|
}
|
|
]
|
|
}
|
|
]
|
|
|