Editorial Suggestions from Expert ZA/NM on OpenChain Security Assurance (WG3 N2348) 2022-09-08

[shanecoughlan]

Please see attached document for editorial adjustment suggestions.

Source: Expert ZA/NM on OpenChain Security Assurance (WG3 N2348) 2022-09-08 Editorial Suggestions from Expert ZA:NM on OpenChain Security Assurance (WG3 N2348) 2022-09-08.docx

[stephenkilbaneadi]

ZA/NNM01 Not in specification ZA/NM02 Sure. Or “is focused”. ZA/NM03 Disagree: “processes” is plural, so “are” is appropriate. ZA/NM04 2.12, not 2.4. Proposed change is possible. Could also do “Information in” at the start. ZA/NM05 Adding “certifying” to last bullet takes it a step further. Just “Exporting Information”?

[shanecoughlan]

These comments were reviewed on our work group call on 2022-09-27 and were either included as editorial feedback or marked out of scope for OpenChain Security Assurance Specification 1.0, with a memo to return to them when working on OpenChain Security Assurance Specification 2.0.

Rationale:

==

We will hold a special call to discuss ISO/IEC WG/SC27 comments on Tuesday the 27th of September 2022 at 08:00 UTC.

We are providing some guidance on the review of these comments and suggestions.

(1) Our specification was completed after a multi-month process in March 2022, and it was ratified by our board for ISO/IEC JTC-1 PAS submission on the 14th of September 2022 (2) Therefore OpenChain Security Assurance Specification 1.0 is functionally complete (3) We should review the ISO/IEC WG comments with this perspective (4) We are looking for editorial adjusts for clarity and errors (5) We are not looking to change the scope or function of OpenChain Security Assurance Specification 1.0 or any immediate clarity / error adjusted successor (6) This is because we want to proceed with our JTC-1 PAS submission as approved by the OpenChain Governing Board (7) But we can place any comments for scope and function adjustment into a deferred status (8) And we will return to them for discussion around inclusion in OpenChain Security Assurance Specification 2.0

[shanecoughlan]

Issue moved to Spec 2.0 discussion.

[shanecoughlan]

Moved Scope / Rewording to https://github.com/OpenChain-Project/Security-Assurance-Specification/issues/18