Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

NFR003 - Security - Non-repudiation: unclear wording #41

Closed
8 of 31 tasks
bluesteens opened this issue May 1, 2023 · 1 comment · Fixed by #66
Closed
8 of 31 tasks

NFR003 - Security - Non-repudiation: unclear wording #41

bluesteens opened this issue May 1, 2023 · 1 comment · Fixed by #66
Labels
bug Something isn't working Steering - Review Proposal and Completed work must be reviewed by Steering.

Comments

@bluesteens
Copy link
Member

bluesteens commented May 1, 2023
edited by rceleste125
Loading

for Steering

NFR003 contains a mix of SHALL and SHOULD that makes it unclear whether the auditability and logging are obligations or -good-to-haves. suggest determining OCI's intention and reword accordingly.

wording:

Solution SHOULD implement an audit trail including non-repudiable digital signatures for all ATP Credential transactions realized on the system. User authentication and activities SHALL be logged. Audit trail SHALL be available for user inspection.

Triage:

  • Is Issue appropriate for OCI Architecture
  • Assign Size
  • Assign Priority
  • Assign Label (if needed)
  • OCI affected Artifacts Identified
  • Assign Triage - Artifact Version Target (v x.x.x Milestone)
  • Assign Triage - Interop Profile Version Target (v x.x.x Milestone)
  • Create sub-project (if needed)

Affected Parties (help determine Sunrise/Sunset):

  • Trading Partners
  • Issuers
  • Wallet Solutions
  • PI Verification Solutions

Affected OCI Artifact

  • Schema Document
  • Identity Schema
  • ATP Schema
  • Issuer Conformance Criteria
  • Wallet Conformance Criteria
  • VRS Solution Conformance Criteria
  • Wallet API Specification
  • Governance Document
  • Conformance Program
  • OCI Website
  • Internal Process

Change Category (Guides Steering Review)

- Steering/Industry Review

  • Business-Level (May affect business operations)
  • OCI Governance, Policy or website feature

- Steering/Industry Notification

  • Technical-Level (Does not affect business operations)
  • OCI Internal Process or Infrastructure

Communication

  • Website
  • Newsletter
  • email:
  • Other:
@bluesteens bluesteens added the bug Something isn't working label May 1, 2023
@bluesteens
Copy link
Member Author

already addressed by #43

@bluesteens bluesteens linked a pull request Jun 22, 2023 that will close this issue
NFR003-009-010 #66
Merged
@rceleste125 rceleste125 added the Steering - Review Proposal and Completed work must be reviewed by Steering. label Jul 17, 2023
@rceleste125 rceleste125 mentioned this issue Oct 5, 2023
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
bug Something isn't working Steering - Review Proposal and Completed work must be reviewed by Steering.
Projects
OCI Change Management
Status: Done - Published
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

NFR003-009-010 Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria
2 participants
@bluesteens @rceleste125