New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Improvement] SMK24 - Check if time limits are consistent #17
Comments
Potential issue in 3.4.2 verification materials vs main requirement in 3.4.2 |
As per call 2023-10-17, take language from Licensing 2.1: == A program that is OpenChain conformant with this version of the specification shall last 18 months from the date conformance validation was obtained. The conformance validation registration procedure can be found on the OpenChain project's website. 3.6.2.1 - A document affirming the program meets all the requirements of this security specification, within the past 18 months of obtaining conformance validation. == ADJUSTED FOR BOTH SPECS with rationale that reference material (how to validate conformance) should be clearly non-prescriptive because it is a "how" item that may vary across industries: == A program that is OpenChain conformant with this version of the specification shall last 18 months from the date conformance validation was obtained. 3.6.2.1 - A document affirming the program meets all the requirements of this specification, within the past 18 months of obtaining conformance validation. == A CONSIDERATION item is whether we should we "A document affirming the program meets all the requirements of this specification, within the past 18 months of obtaining conformance validation." or "A document affirming the program meets all the requirements of this [security][licensing] specification, within the past 18 months of obtaining conformance validation." Perhaps the former is easier and clearer. Included in this revision for that reason. A TODO item is to create better conformance validation information in the FAQ. |
Adjustment due to numbering difference between Licensing and Security Spec. Security Spec will look as follows: A program that is OpenChain conformant with this version of the specification shall last 18 months from the date conformance validation was obtained. 3.4.2.1 - A document affirming the program meets all the requirements of this specification, within the past 18 months of obtaining conformance validation. |
As per call 2023-10-17 addressed via this issue: #17
Addressed here: |
SMK24: 3.4.2.1: The 18m time limit is now consistent with the range of time limits given in 3.4.2.
The text was updated successfully, but these errors were encountered: