Modify validation for telephone-numbers>number

[Telos-sa]

User Story:

We have outlined the user story and goals for this enhancement on NIST OSCAL Repo issue 2041

There are validation constraints the oscal-cli uses for telephone-numbers>number that are not outlined in the OSCAL SSP json schema

Acceptance Criteria

• [ ] All website and readme documentation affected by the changes in this issue have been updated.
• [ ] A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
• [ ] The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

[iMichaela]

@Telos-sa - in general none of the OSCAL constraints are implemented in the schemas because it is not possible. The Schematron rules were used for the OSCAL XML to validate the artifacts and ensure the constraints are following the OSCAL Reference (documentation) for the JSON constraints. Please review https://pages.nist.gov/OSCAL-Reference/models/v1.1.2/system-security-plan/json-reference/#/system-security-plan/metadata/parties/telephone-numbers - in particular the information presented below.

I am not sure what is the purpose of this issue. @Telos-sa - could you please clarify the expectations? Thank you.

[Telos-sa]

@iMichaela I guess we're just confused with where these constraints are coming from and how we could apply them programmatically. I understand that this is all covered in the outline on the link you provided - we are very familiar with this resource.

The concern is how will we be able to programmatically implement these constraints in the module we've created for exporting OSCAL. We currently leverage the JSON schemas for the different models - so our hope is that these various constraints for specific fields could be represented in the schemas somehow.