oasis-tcs · santosomar · Jul 23, 2021 · Jul 23, 2021 · Jul 23, 2021 · Jul 23, 2021
diff --git a/csaf_2.0/json_schema/aggregator_json_schema.json b/csaf_2.0/json_schema/aggregator_json_schema.json
@@ -1,6 +1,6 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "$id": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/aggregator_json_schema.json",
+  "$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/aggregator_json_schema.json",
   "title": "CSAF aggregator",
   "description": "Representation of information where to find CSAF providers as a JSON document.",
   "type": "object",
@@ -31,17 +31,17 @@
         "publisher": {
           "title": "Publisher",
           "description": "Provides information about the issuing party for this entry.",
-          "$ref": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json#/properties/publisher"
+          "$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json#/properties/publisher"
         },
         "role": {
           "title": "Role of the issuing party",
           "description": "Contains the role of the issuing party according to section 7 in the CSAF standard.",
-          "$ref": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json#/properties/role"
+          "$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json#/properties/role"
         },
         "url": {
           "title": "URL of the metadata",
           "description": "Contains the URL of the provider-metadata.json for that entry.",
-          "$ref": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json#/properties/canonical_url"
+          "$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json#/properties/canonical_url"
         }
       }
     },
@@ -54,7 +54,7 @@
       "items": {
         "title": "Mirror",
         "description": "Contains the base URL of the mirror for this issuing party.",
-        "$ref": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json#/$defs/provider_url_t"
+        "$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json#/$defs/provider_url_t"
       }
     }
   },
@@ -212,4 +212,4 @@
       "format": "date-time"
     }
   }
-}
+}
diff --git a/csaf_2.0/json_schema/csaf_json_schema.json b/csaf_2.0/json_schema/csaf_json_schema.json
@@ -1,6 +1,6 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "$id": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/csaf_json_schema.json",
+  "$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json",
   "title": "Common Security Advisory Framework",
   "description": "Representation of security advisory information as a JSON document.",
   "type": "object",

diff --git a/csaf_2.0/json_schema/provider_json_schema.json b/csaf_2.0/json_schema/provider_json_schema.json
@@ -1,6 +1,6 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "$id": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json",
+  "$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json",
   "title": "CSAF provider metadata",
   "description": "Representation of metadata information of a CSAF provider as a JSON document.",
   "type": "object",
@@ -195,7 +195,7 @@
     "publisher": {
       "title": "Publisher",
       "description": "Provides information about the publisher of the CSAF documents in this repository.",
-      "$ref": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/csaf_json_schema.json#/properties/document/properties/publisher"
+      "$ref": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json#/properties/document/properties/publisher"
     },
     "role": {
       "title": "Role of the issuing party",

diff --git a/csaf_2.0/prose/csaf-v2-editor-draft.md b/csaf_2.0/prose/csaf-v2-editor-draft.md
@@ -6,7 +6,7 @@
 
 ## Committee Specification Draft 01 /<br>Public Review Draft 01
 
-## 20 July 2021
+## 23 July 2021
 
 #### Technical Committee:
 [OASIS Common Security Advisory Framework (CSAF) TC](https://www.oasis-open.org/committees/csaf/)
@@ -460,7 +460,7 @@ The CSAF schema Version 2.0 builds on the JSON Schema draft 2020-12 rules.
 The schema identifier is (before publication):
 
 ```
-    "$id": "https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/csaf_json_schema.json"
+    "$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json"
 ```
 
 The further documentation of the schema is organized via Definitions and Properties.
@@ -4755,7 +4755,7 @@ Redirects SHOULD NOT be used. If they are inevitable only HTTP Header redirects
 
 ### 7.1.7 Requirement 7: provider-metadata.json
 
-The party MUST provide a valid `provider-metadata.json` according to the schema [CSAF provider metadata](https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/provider_json_schema.json) for its own metadata. The `publisher` object SHOULD match the one used in the CSAF documents of the issuing party but can be set to whatever value a CSAF aggregator should display over any individual `publisher` values in the CSAF documents themselves.
+The party MUST provide a valid `provider-metadata.json` according to the schema [CSAF provider metadata](https://docs.oasis-open.org/csaf/csaf/v2.0/provider_json_schema.json) for its own metadata. The `publisher` object SHOULD match the one used in the CSAF documents of the issuing party but can be set to whatever value a CSAF aggregator should display over any individual `publisher` values in the CSAF documents themselves.
 
 > This information is used to collect the data for CSAF aggregators, listers and end users. The CSAF provider metadata schema ensures the consitency of the metadata for a CSAF provider across the ecosystem. Other approaches, like extracting the `publisher` object from CSAF documents, are likely to fail if the object differs between CSAf documents.
 >
@@ -5000,7 +5000,7 @@ The public part of the PGP key used to sign the CSAF documents MUST be available
 
 ### 7.1.21 Requirement 21: List of CSAF providers
 
-The file `aggregator.json` MUST be present and valid according to the JSON schema [CSAF aggregator](https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.0/json_schema/aggregator_json_schema.json). It MUST not be stored adjacent to a `provider-metadata.json`.
+The file `aggregator.json` MUST be present and valid according to the JSON schema [CSAF aggregator](https://docs.oasis-open.org/csaf/csaf/v2.0/aggregator_json_schema.json). It MUST not be stored adjacent to a `provider-metadata.json`.
 
 > Suggested locations to store the `aggregator.json` are:
 >
@@ -5605,7 +5605,7 @@ Zach | Turk | Microsoft
 
 | Revision | Date | Editor | Changes Made |
 | :--- | :--- | :--- | :--- |
-| csaf-v2.0-wd20210720-dev | 2021-07-20 | Stefan Hagen and Thomas Schmidt| Preparing next Editor revision for TC review |
+| csaf-v2.0-wd20210723-dev | 2021-07-23 | Stefan Hagen and Thomas Schmidt| Preparing next Editor revision for TC review and submittal as CSD for public review|
 
 # Appendix C. Guidance on the Size of CSAF Documents