uucp - unix to unix copy. Not needed if the packages are not installed
games - used to hold records of games not needed
gopher - original "web" interface. Not needed.
ftp - used for managing anonymous ftp. Not needed if ftp not installed
nobody - required. Too many packages (and NFS) use this to indicate an anonymous use. Don't delete.
rpc - only if you use remote procedure calls
Vcsa - virtual console memory. I believe this one is required.
polkituser - used for an authorization framework. (man polkit). I think this one is mandatory, but not sure.
nscd - name service cache daemon. This is only needed if running a local cache only name server (nscd).
rpcuser - the UID used with remote procedure calls. I believe this is to sandbox the service daemon.
nfsnobody - Newer version of nobody. This one is specific for NFS.
postfix - only needed if you use the postfix mail service.
mailnull - account for mail spool files
smmsp - same as mailnull (different UIDs for different use)
sshd - used to protect against ssh login hacking.
haldaemon - hardware device database support. I think this one is still mandatory.
Some of this may be a bit dated - I'm sure stevea will correct me.
Many of these are only present to give applications/utilities an owner other than root. If you are a DoD site, you should only need to document their usage, AND show that they cannot be logged in, either remotely or locally. One explanation for them is as "placeholder" UID assignments that prevent them from being accidentally used improperly.
Some of these (well, sshd at least) have specific mandatory SELinux labels associated with the accounts.