Our regular monthly meeting continued our work to edit the next generation of our license compliance and security assurance specifications. Our focus this time was on some open issues around the next generation of the Security Assurance Specification.
The specific issues we covered:
Add triage entry to specific situations where vulnerability not applicable:
Outcome: improved language suggested, needs work to further tighten phrasing.
Comments on the Known Vulnerability in the proposed Security Assurance Specification:
Outcome: issue closed with adjustment to language in the specification.
Current draft of next generation security specification here: