OpenChain-Project/Security-Assurance-Specification Issues
Scope Suggestions from Expert RU/OP on OpenChain Security Assurance Specification 1.0 (WG3 N2348) 2022-09-17 (Closed 21 days ago, comments: 7)
Comments on OpenChain security specification 1.1 - Maturity model consideration (Closed 21 days ago, comments: 1)
[Improvement] SMK10 - Suggested addition of documented review process (Closed 21 days ago, comments: 3)
[Improvement] Expand definitions section for (1) Secure Software Development to include Secure Programming Techniques and (2) Security Testing to include Static and Dynamic (Closed 2 months ago, comments: 14)
[New Material] What is a quality or complete SBOM for licensing or security use cases? (Closed 3 months ago, comments: 8)
Add triage entry to specific situations where vulnerability not applicable (Closed 3 months ago, comments: 10)
[Improvement] ZA/NM05 - Proposed rewording for 3.1.5 (Closed 3 months ago, comments: 6)
[Improvement] SMK15 - First bullet of 3.1.5 seems to be asking for more than Known Vulnerabilities (Closed 4 months ago)
[Improvement] SMK20 - Customer agreement ask may be too much (Closed 4 months ago, comments: 1)
[Improvement] Change review period to 12 months to align with ISO 17021 for certification of management systems (Closed 6 months ago, comments: 6)
[Improvement] SMK24 - Check if time limits are consistent (Closed 9 months ago, comments: 4)
[Bug] "Scope" section mixed with Definitions in earlier edit cycle (Closed 10 months ago, comments: 4)
[Improvement] SMK04 - Adjustment to Language (Closed 10 months ago, comments: 1)
[Improvement] Adjust SBOM definition to align with Licensing Spec 3.0 (Closed a year ago, comments: 4)
[Improvement] Align "Terms and Definitions" in Section 2 with Licensing Spec 3.0 (Closed a year ago, comments: 6)
[Improvement] Clarify Stated Purpose (Github) and Scope (specification) (Closed a year ago, comments: 2)
[Improvement] SMK13 - Add program objectives (Closed a year ago, comments: 7)
[Improvement] Comments on the Known Vulnerability in the proposed Security Assurance Specification (Closed a year ago, comments: 4)
[Improvement] Clarifying the "Get Customer" requirement in Section 3.3.2 to make the logic clearer (Closed a year ago, comments: 2)
[Improvement] Revisit Definitions 2.7 - Open Source (Closed a year ago, comments: 5)
[Improvement] CERT #2 - Please add definitions for “remediate” and “mitigate” (Closed a year ago, comments: 4)
[Improvement] Include "mitigation" in Section 3.3.2 - Security Assurance (Closed a year ago, comments: 1)
[Improvement] Include "remediation" and "mitigation" in Section 3.1.5 - Standard Practice Implementation (Closed a year ago, comments: 1)
[Improvement] CERT #3 - Under the Competence category, add requirements (Closed a year ago, comments: 2)
[Improvement] CERT #4 - Add references to ISO/IEC Standards (Closed a year ago, comments: 2)
Scope Suggestions from Expert CERT on OpenChain Security Assurance Specification 1.0 (WG3 N2348) 2022-09-07 (Closed a year ago, comments: 5)
Editorial Suggestions from Expert ZA/NM on OpenChain Security Assurance (WG3 N2348) 2022-09-08 (Closed 2 years ago, comments: 4)
Various comments (Closed 2 years ago, comments: 6)
Comments on the proposed Security Assurance Specification (Closed 2 years ago, comments: 5)
TOC would be possible, but there are blocking items (Closed 2 years ago, comments: 2)
Commentary on architecture-based and model-based approach for developing the security and the assurance for a generic OpenSource Supply Chain (Closed 2 years ago, comments: 1)
Security Assurance Reference Guide 2.0 / Specification Release Candidate 1 - Defining SBOM (Closed 2 years ago, comments: 1)
Security Assurance Reference Guide 2.0 DRAFT - Defining Security Testing (Closed 2 years ago, comments: 1)