Do not require a protocol/@name for usnistgov#1772

Per discussion with community members and the nature of port, protocol, and service declarations in a OSCAL SSP model instances for RMF use cases, like FedRAMP and others. It would appear the model, per the Metaschema declarations and documentation, require a port range has a name that is commonly the IANA service name, which should be optional. Otherwise, developers and security officials will need to create an arbitrary name that does not strictly conform to the documentation. More details can be found in the issue thread referenced below by URL. usnistgov#1772 (comment)
aj-stein-gsa · Nov 13, 2024 · 0178480 · 0178480
1 parent 4f02dac
commit 0178480
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/metaschema/oscal_implementation-common_metaschema.xml b/src/metaschema/oscal_implementation-common_metaschema.xml
@@ -254,7 +254,7 @@
                   <!-- Identifier Declaration -->
                   <description>A <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#machine-oriented">machine-oriented</a>, <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#globally-unique">globally unique</a> identifier with <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#cross-instance">cross-instance</a> scope that can be used to reference this service protocol information elsewhere in <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#scope">this or other OSCAL instances</a>. The locally defined <em>UUID</em> of the <code>service protocol</code> can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned <a href="https://pages.nist.gov/OSCAL/concepts/identifier-use/#consistency">per-subject</a>, which means it should be consistently used to identify the same subject across revisions of the document.</description>
             </define-flag>
-            <define-flag name="name" required="yes">
+            <define-flag name="name">
                   <formal-name>Protocol Name</formal-name>
                   <description>The common name of the protocol, which should be the appropriate "service name" from the <a href="https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml">IANA Service Name and Transport Protocol Port Number Registry</a>.
                   </description>