Identifier Scoping and Uniqueness Documentation Review

[Rene2mt]

This issue is for a comprehensive review of the changes made in PR#941to ensure documentation describes identifier uniqueness and scoping clearly and accurately. The (peer) review should include the following:

Concepts - Identifier User Page Peer Review (see added Identifier Use page )

• [ ] Clear description of identifier types
• [ ] Clear description of identifier description
• [ ] Clear description of identifier scope (review tables)

Metaschemas to Peer Review: (see metaschema identifier description changes)

• [x] Common
  • [x] Oscal_metadata_metaschema.xml
• [x] Control Layer (#1331)
  • [x] Oscal_control-common_metaschema.xml
  • [x] Oscal_catalog_metaschema.xml
  • [x] Oscal_profile_metaschema.xml
• [ ] Implementation Layer
  • [ ] Oscal_implementation-common_metaschema.xml
  • [ ] Oscal_component_metaschema.xml
  • [ ] Oscal_ssp_metaschema.xml
    • [x] #1062
• [ ] Assessment Layer
  • [ ] Oscal_assessment-common_metaschema.xml
  • [ ] Oscal_assessment-plan_metaschema.xml
  • [ ] Oscal_assessment-results_metaschema.xml
  • [ ] Oscal_poam_metaschema.xml

Peer Review Checklist for each of the Metaschemas listed above:

• [ ] Check all "Identifier Declarations" for the following:
  • [ ] Description is satisfactory (e.g., specific enough, grammatically correct, etc.)
  • [ ] Description clearly states if identifier is "machine-oriented" or "human oriented"
  • [ ] Description clearly states the uniqueness of the identifier (e.g. locally vs globally unique)
  • [ ] Description clearly states if the scope (e.g. instance vs cross-instance)
  • [ ] Description is clear in how to externally reference the identifier (e.g. if the OSCAL resource where the identifier is defined is imported into another OSCAL instance)
  • [ ] Description clearly states how revision to the containing OSCAL instance impact the identifier
• [ ] Check all "Identifier References" for the following:
  • [ ] Description is satisfactory (e.g., specific enough, grammatically correct, etc.)
  • [ ] When applicable, indicates the source (local or imported document) of the identifier being referenced

[david-waltermire]

As follow-on work, we could normalize the description to be one or two sentences. The first sentence fragment might start with a verb that describes what the thing does. Such as "Describes what the thing does."

[david-waltermire]

Need to extract RMF constraints into an external constraints file.

[GaryGapinski]

Worthy of mention: UUIDs are not case-sensitive, thus uniqueness and comparisons are not simple equalities.

[aj-stein-nist]

As an epic predating usnistgov/OSCAL#1688 board reorganization, I will want to label this as needs refinement for now until it can be broken down, rescoped, and or closed.