Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Formalize ID Format #42

Open
eddie-knight opened this issue Nov 7, 2024 · 4 comments
Open

Formalize ID Format #42

eddie-knight opened this issue Nov 7, 2024 · 4 comments

Comments

@eddie-knight
Copy link
Contributor

A suggestion from @TheFoxAtWork is to consider incorporating the category into the ID.

overall this looks fine and it makes sense to reorganize. Perhaps it may be beneficial to alter the numbering scheme to reflect the category?
OSPS-AC-1.1
OSPS-AC-1.2
OSPS-AC-1.3
OSPS-AC-2.1
OSPS-AC-2.2

in doing this method, it allows for sorting by category. the numerical value also indicates the level and component under that level we're referring to. further, we can continue to add criteria for any we miss without having to rework criteria numbering and reorganization. this means in the event new categories need added, we have a schema for them.

#34 (review)

@TheFoxAtWork
Copy link

I would like to upvote this suggestion to save our future selves a lot of headache.

@david-a-wheeler
Copy link
Contributor

I recommend NOT using numbers for ids at ALL. Instead, use short names. Numbers have no intrinsic meaning, and using number ranges will mess up everything if a category overflows. Using simple names makes everything MUCH MUCH easier to follow.

E.g., instead of OSPS-01 use OSPS-MFA or similar.

@TheFoxAtWork
Copy link

Also perfectly acceptable so long as we don't have to recategorize these if we need to add or remove them.

@eddie-knight
Copy link
Contributor Author

@david-a-wheeler and @SecurityCRob have agreed to suggest some alternative formats.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants