narrative links

docs/compliance/reference/800-53/CA.md

@@ -219,11 +219,11 @@ The organization develops a continuous monitoring strategy and implements a cont
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf02nqis000atr5h0">Engine</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vapgr5uce000dismbg">Engine</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf02nqis000atr5h0" class="tab-pane fade in active">
+<div id="b5vapgr5uce000dismbg" class="tab-pane fade in active">
 The CIS Docker Benchmark can be used as a baseline for securing Docker
 Enterprise Edition and for helping the organization meet the
 continuous monitoring requirements of this control. Additional

docs/compliance/reference/800-53/CP.md

@@ -525,12 +525,12 @@ The information system implements transaction recovery for systems that are tran
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0anqis000atr5v0">DTR</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0anqis000atr5vg">UCP</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaph35uce000dismpg">DTR</a></li>
+<li><a data-toggle="tab" data-target="#b5vaph35uce000dismq0">UCP</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0anqis000atr5v0" class="tab-pane fade in active">
+<div id="b5vaph35uce000dismpg" class="tab-pane fade in active">
 Docker Trusted Registry maintains its cluster state via an internal
 key-value store. This, and other DTR transactions can be backed up and
 recovered. Additional information can be found at the following
@@ -539,7 +539,7 @@ resources:
 - https://docs.docker.com/datacenter/dtr/2.2/guides/admin/backups-and-disaster-recovery/
 - https://success.docker.com/Architecture/Docker_Reference_Architecture%3A_Docker_EE_Best_Practices_and_Design_Considerations#DTR_Backup
 </div>
-<div id="b5vaf0anqis000atr5vg" class="tab-pane fade">
+<div id="b5vaph35uce000dismq0" class="tab-pane fade">
 Universal Control Plane maintains its cluster state via an internal
 key-value store. This, and other UCP transactions can be backed up and
 recovered. Additional information can be found at the following

docs/compliance/reference/800-53/RA.md

@@ -114,19 +114,19 @@ The organization employs vulnerability scanning tools that include the capabilit
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6dg">DSS</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6e0">DTR</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphb5uce000disn80">DSS</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphb5uce000disn8g">DTR</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6dg" class="tab-pane fade in active">
+<div id="b5vaphb5uce000disn80" class="tab-pane fade in active">
 To assist the orgnization in meeting the requirements of this control, the Docker Security Scanning (DSS) component of Docker Trusted Registry
 (DTR) that is included with the Docker Enterprise Edition Advanced
 tier can be used to scan Docker images for vulnerabilities against
 known vulnerability databases. Scans can be triggered either manually
 or when Docker images are pushed to DTR.
 </div>
-<div id="b5vaf0inqis000atr6e0" class="tab-pane fade">
+<div id="b5vaphb5uce000disn8g" class="tab-pane fade">
 The Docker Security Scanning tool allows for the scanning of Docker
 images in Docker Trusted Registry against the Common Vulnerabilities
 and Exposures (CVE) dictionary.
@@ -159,11 +159,11 @@ The organization updates the information system vulnerabilities scanned [Selecti
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6eg">DSS</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphb5uce000disn90">DSS</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6eg" class="tab-pane fade in active">
+<div id="b5vaphb5uce000disn90" class="tab-pane fade in active">
 To assist the orgnization in meeting the requirements of this
 control, the Docker Security Scanning component of Docker Trusted
 Registry (DTR) that is included with the Docker Enterprise Edition
@@ -208,19 +208,19 @@ The organization employs vulnerability scanning procedures that can identify the
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6f0">DSS</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6fg">DTR</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphb5uce000disn9g">DSS</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphb5uce000disna0">DTR</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6f0" class="tab-pane fade in active">
+<div id="b5vaphb5uce000disn9g" class="tab-pane fade in active">
 To assist the orgnization in meeting the requirements of this
 control, the Docker Security Scanning component of Docker Trusted
 Registry (DTR) that is included with the Docker Enterprise Edition
 Advanced tier identifies vulnerabilities in a Docker image and marks
 them against predefined criticality levels; critical major and minor.
 </div>
-<div id="b5vaf0inqis000atr6fg" class="tab-pane fade">
+<div id="b5vaphb5uce000disna0" class="tab-pane fade">
 The Docker Security Scanning tool allows for the scanning of Docker
 images in Docker Trusted Registry against the Common Vulnerabilities
 and Exposures (CVE).&#39; dictionary
@@ -263,11 +263,11 @@ The information system implements privileged access authorization to [Assignment
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6g0">DSS</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphb5uce000disnag">DSS</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6g0" class="tab-pane fade in active">
+<div id="b5vaphb5uce000disnag" class="tab-pane fade in active">
 Only the appropriate users that the organization has provided Docker
 Trusted Registry access to are able to view and interpret
 vulnerability scan results.
@@ -300,11 +300,11 @@ The organization employs automated mechanisms to compare the results of vulnerab
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6gg">DSS</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphb5uce000disnb0">DSS</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6gg" class="tab-pane fade in active">
+<div id="b5vaphb5uce000disnb0" class="tab-pane fade in active">
 For each Docker image pushed to Docker Trusted Registry at a given
 time, Docker Security Scaninng retains a list of vulnerabilities
 detected. The DTR API can be queried to retrieve the vulnerability

docs/compliance/reference/800-53/SA.md

@@ -341,13 +341,13 @@ The organization requires the developer of the information system, system compon
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6h0">DTR</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6hg">Engine</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6i0">UCP</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnbg">DTR</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disnc0">Engine</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disncg">UCP</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6h0" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnbg" class="tab-pane fade in active">
 Docker Content Trust gives you the ability to verify both the
 integrity and the publisher of all the data received from a Docker
 Trusted Registry over any channel. It allows operations with a remote
@@ -358,7 +358,7 @@ client-side verification of the integrity and publisher of specific
 image tags. Docker Trusted Registry includes an integrated imaging
 signing service.
 </div>
-<div id="b5vaf0inqis000atr6hg" class="tab-pane fade">
+<div id="b5vaphj5uce000disnc0" class="tab-pane fade">
 Docker Content Trust gives you the ability to verify both the
 integrity and the publisher of all the data received from a Docker
 Trusted Registry over any channel. It allows operations with a remote
@@ -369,7 +369,7 @@ client-side verification of the integrity and publisher of specific
 image tags.
 
 </div>
-<div id="b5vaf0inqis000atr6i0" class="tab-pane fade">
+<div id="b5vaphj5uce000disncg" class="tab-pane fade">
 The organization is responsible for meeting the requirements of this
 control. To assist with these requirements, Docker Content Trust gives
 you the ability to verify both the integrity and the publisher of all

docs/compliance/reference/800-53/SC.md

@@ -59,12 +59,12 @@ The information system separates user functionality (including user interface se
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6ig">DTR</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6j0">UCP</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnd0">DTR</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disndg">UCP</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6ig" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnd0" class="tab-pane fade in active">
 Docker Trusted Registry is made up of a number of backend services
 that provide for both user functionality (including user interface
 services) and system management functionality. Each of these services
@@ -74,7 +74,7 @@ found at the following resources:
 - https://docs.docker.com/datacenter/dtr/2.2/guides/architecture/
 - https://success.docker.com/Architecture/Docker_Reference_Architecture%3A_Docker_EE_Best_Practices_and_Design_Considerations#Docker_Trusted_Registry
 </div>
-<div id="b5vaf0inqis000atr6j0" class="tab-pane fade">
+<div id="b5vaphj5uce000disndg" class="tab-pane fade">
 Universal Control Plane is made up of a number of backend services
 that provide for both user functionality (including user interface
 services) and system management functionality. Each of these services
@@ -442,11 +442,11 @@ The information system provides the capability to dynamically isolate/segregate
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6jg">Engine</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disne0">Engine</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6jg" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disne0" class="tab-pane fade in active">
 Docker Enterprise Edition is designed to run application containers
 whose content can be completely isolated/segregated from other
 application containers within the same node/cluster. This is
@@ -617,11 +617,11 @@ The organization produces, controls, and distributes symmetric cryptographic key
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6k0">Engine</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disneg">Engine</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6k0" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disneg" class="tab-pane fade in active">
 Docker Enterprise Edition can be installed on the following operating systems:
 CentOS 7.1&#43;, Red Hat Enterprise Linux 7.0&#43;, Ubuntu 14.04 LTS&#43;, and
 SUSE Linux Enterprise 12&#43;. In order to meet the requirements of this
@@ -667,11 +667,11 @@ The information system implements [Assignment: organization-defined cryptographi
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6kg">Engine</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnf0">Engine</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6kg" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnf0" class="tab-pane fade in active">
 Docker Enterprise Edition can be installed on the following operating systems:
 CentOS 7.1&#43;, Red Hat Enterprise Linux 7.0&#43;, Ubuntu 14.04 LTS&#43;, and
 SUSE Linux Enterprise 12&#43;. In order to meet the requirements of this
@@ -914,28 +914,28 @@ The information system protects the authenticity of communications sessions.
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6l0">DTR</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6lg">Engine</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6m0">UCP</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnfg">DTR</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disng0">Engine</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disngg">UCP</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6l0" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnfg" class="tab-pane fade in active">
 All remote access sessions to Docker Trusted Registry are protected
 with Transport Layer Security (TLS) 1.2 with the AES GCM cipher. This
 is included at both the HTTPS application layer for access to the DTR
 user interface and for command-line based connections to the registry.
 In addition to this, all communication to DTR is enforced by way of
 two-way mutual TLS authentication.
 </div>
-<div id="b5vaf0inqis000atr6lg" class="tab-pane fade">
+<div id="b5vaphj5uce000disng0" class="tab-pane fade">
 All remote access sessions to Docker Enterprise Edition are protected with
 Transport Layer Security (TLS) 1.2 with the AES GCM cipher. In
 addition to this, all communication to and between Docker Enterprise Editions
 is enforced by way of two-way mutual TLS authentication.
 
 </div>
-<div id="b5vaf0inqis000atr6m0" class="tab-pane fade">
+<div id="b5vaphj5uce000disngg" class="tab-pane fade">
 All remote access sessions to Universal Control Plane are protected
 with Transport Layer Security (TLS) 1.2 with the AES GCM cipher. This
 is included at both the HTTPS application layer for access to the UCP
@@ -971,11 +971,11 @@ The information system invalidates session identifiers upon user logout or other
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6mg">eNZi</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnh0">eNZi</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6mg" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnh0" class="tab-pane fade in active">
 Docker Enterprise Edition invalidates session identifiers upon user
 logout per the requirements of this control.
 </div>
@@ -1067,11 +1067,11 @@ The information system protects the [Selection (one or more): confidentiality; i
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6n0">Engine</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disnhg">Engine</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6n0" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disnhg" class="tab-pane fade in active">
 All remote access sessions to Docker Enterprise Edition are protected
 with Transport Layer Security (TLS) 1.2 with the AES GCM cipher. In
 addition to this, all communication to/from and between Docker
@@ -1119,28 +1119,28 @@ The information system implements cryptographic mechanisms to prevent unauthoriz
 **Implemenation Details:**
 
 <ul class="nav nav-tabs">
-<li class="active"><a data-toggle="tab" data-target="#b5vaf0inqis000atr6ng">DTR</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6o0">Engine</a></li>
-<li><a data-toggle="tab" data-target="#b5vaf0inqis000atr6og">UCP</a></li>
+<li class="active"><a data-toggle="tab" data-target="#b5vaphj5uce000disni0">DTR</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disnig">Engine</a></li>
+<li><a data-toggle="tab" data-target="#b5vaphj5uce000disnj0">UCP</a></li>
 </ul>
 
 <div class="tab-content">
-<div id="b5vaf0inqis000atr6ng" class="tab-pane fade in active">
+<div id="b5vaphj5uce000disni0" class="tab-pane fade in active">
 All remote access sessions to Docker Trusted Registry are protected
 with Transport Layer Security (TLS) 1.2 with the AES GCM cipher. This
 is included at both the HTTPS application layer for access to the DTR
 user interface and for command-line based connections to the registry.
 In addition to this, all communication to DTR is enforced by way of
 two-way mutual TLS authentication.
 </div>
-<div id="b5vaf0inqis000atr6o0" class="tab-pane fade">
+<div id="b5vaphj5uce000disnig" class="tab-pane fade">
 All remote access sessions to Docker Enterprise Edition are protected with
 Transport Layer Security (TLS) 1.2 with the AES GCM cipher. In
 addition to this, all communication to and between Docker Enterprise Editions
 is enforced by way of two-way mutual TLS authentication.
 
 </div>
-<div id="b5vaf0inqis000atr6og" class="tab-pane fade">
+<div id="b5vaphj5uce000disnj0" class="tab-pane fade">
 All remote access sessions to Universal Control Plane are protected
 with Transport Layer Security (TLS) 1.2 with the AES GCM cipher. This
 is included at both the HTTPS application layer for access to the UCP