Hello,

Currently for references (STIGID, NIST, CUI, etc.) in our yaml content, we use a form of shortening

the reference for STIGID and CCI e.g.

For CCI, we do something like the following:

```

disa: 2165,2696

```

For STIGID, we do something like the following:

```

stigid: "020210"

```

This is was nice in the day that we only had just RHEL content, but now, we have Oracle, SuSE, Ubuntu, and the framework for macOS. Also, it would be nice to keep the build system agnostic

of different reference identifiers formats for different platforms. Many users just copy/paste the

references or use script changes in some way. Other repos use the full notation. As the STIGID

and CCI are the only 2 references we short form, I am thinking that we should remove this short

form notation and replace with the full notation to make it easier to script and copy/paste changes

in addition to making it an easier experience for users coming from different repositories. 

What do you think? Keep the same form? Use the full notation?

Thanks for your time,

Gabe

_______________________________________________
scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org