From b79508ba0618af22947823a5f1527a731f8e0535 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:07:00 +0200 Subject: [PATCH 01/15] ARF: Remove stray "ng" --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 4c9fcfe..05ba9b9 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -917,7 +917,7 @@ If all the legal and technical criteria have been met, including: - ex-ante supervisory activities by Member State supervisory bodies, -- both the body providing EUDI Wallets and the ng PID Providers have +- both the body providing EUDI Wallets and the PID Providers have been published by the Commission (in accordance with Article 5d), - the information notified by Member States for publication of lists From a7f97e261bb469ff72046e4ba0e25c54c694d690 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:07:33 +0200 Subject: [PATCH 02/15] ARF: Remove extraneous article --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 05ba9b9..b5f5214 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -1206,7 +1206,7 @@ updates and adoption: obligation or automatic acceptance by any third party, or automatically means cross-border recognition. -- The Attestation Rulebooks catalogue can be the in the same +- The Attestation Rulebooks catalogue can be in the same environment as the catalogue of attributes. Implementation of these principals will be discussed further in detail. From 25fdef226ef82067fe25f5b1e2fba4e2d16f7241 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:08:24 +0200 Subject: [PATCH 03/15] ARF: Fix spelling and plurals --- docs/arf.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/arf.md b/docs/arf.md index b5f5214..1a0584f 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -1218,9 +1218,9 @@ that will be implemented in the eco-system. \[Topic 25\] and \[Topic 26\] (combined into one topic), present the current and foreseen status of the catalogues, their creation, -distribution, discover, management and maintenance, that will allow -simple updates procedures, not burdening the process on the one hand, -while ensuring consistent and on-going mechanism to keep the catalogues +distribution, discovery, management and maintenance, will allow +simple update procedures, not burdening the process on the one hand, +while ensuring consistent and on-going mechanisms to keep the catalogues updated and accessible to the relevant actors, both those that create the content and those that use, consume and process the attributes and the attestations, and - last but not least - for the general public. From 6f8c435f1878672790f7abb356a0bdc05a208014 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:08:39 +0200 Subject: [PATCH 04/15] ARF: Missing "r" on Provider --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 1a0584f..3ae6f07 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -1475,7 +1475,7 @@ These two aspects are discussed in the next two subsections. A PID Provider Access Certificate Authority or Attestation Provider Access Certificate Authority (CA) issues one or more access certificates -to the PID Provider or to the Attestation Provide. A PID Provider or an +to the PID Provider or to the Attestation Provider. A PID Provider or an Attestation Provider needs such a certificate to authenticate itself towards a Wallet Instance when issuing a PID or an attestation to it, as described in [section 6.6.2.2](#6622-wallet-instance-authenticates-the-pid-provider-or-attestation-provider). A PID Provider access certificate From ceedda04f5e001bb29561be2ddd818d02a01f446 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:09:48 +0200 Subject: [PATCH 05/15] ARF: Drop erroneous plural --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 3ae6f07..55ecb6a 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -1505,7 +1505,7 @@ Subsequently, each Registrar includes the CA in a PID Provider Access CA Trusted List or Attestation Provider Access CA Trusted List. This Trusted List contains at least the trust anchor(s) of the CA. A Wallet Instance can use these trust anchors to verify the authenticity of a PID -Provider or an Attestation Provider access certificates during the +Provider or an Attestation Provider access certificate during the issuance of a PID or an attestation. For more information, see \[Topic 31\]. From 137afa15f197f6b48effc4a86f81c8beb6318770 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:10:30 +0200 Subject: [PATCH 06/15] ARF: Missing possessive apostrophe --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 55ecb6a..084b059 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -1798,7 +1798,7 @@ Provider. The Wallet Provider is responsible at least to: The User will be able to request the Wallet Provider to suspend or revoke the Wallet Instance at least in case of loss or theft of the -Users device. See \[Topic 38\]. +User's device. See \[Topic 38\]. In case the Wallet Instance contains a PID, the PID Provider may request the Wallet Provider to revoke the Wallet Instance in case the natural From 09f8775c88094cf09a2ba570e43557942126373c Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:10:55 +0200 Subject: [PATCH 07/15] ARF: Insert missing article --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 084b059..a487854 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2416,7 +2416,7 @@ User before allowing the User to present the attributes. Note that: - This trust is not based on the outcome of any verification by the Relying Party but is a-priori trust in (in particular) the certified - WSCD used by Wallet Instance. + WSCD used by the Wallet Instance. - Using this method implies that Relying Parties also trust device binding, as described in section [6.5.3](#653-wallet-instance-activation). The Relying Party Instance From 36f951d2d47d27d5ba75ea762e9f49a8fe37c8aa Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:14:05 +0200 Subject: [PATCH 08/15] ARF: Fix conjugation for future tense --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index a487854..d922319 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2667,7 +2667,7 @@ national certification schemes (following [Article 5c](https://eur-lex.europa.eu which will serve as a harmonised guideline for the development of these transitory national certification schemes. It will leverage the use of relevant and existing CSA certification schemes by establishing -specifications, procedures and references technical standards for +specifications, procedures and reference technical standards for certification. This can include procedures and methods on how to derive evaluation activities from an architecture analysis, as well as a reference certification or a minimum set of risks to be mitigated. From 3a3c83e30dee892f05ae2d550fde417b025ba3ea Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:14:36 +0200 Subject: [PATCH 09/15] ARF: Fix phrasing Unsure whether the intent is "supported by" or "support for." --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index d922319..4db023e 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2736,7 +2736,7 @@ external components, such as the Wallet users' devices. Finally, non-cybersecurity requirements should ensure functional interoperability of the EUDI Wallet. To this end, the IA aims to define -a requirement to CABs for functional testing, for example support by +a requirement to CABs for functional testing, for example supported by test-suites or test cases. #### 7.2.2 Certification of EUDI Wallet solutions in the long term From 25c408056e1b5010a7db8b2875c7f433ff967e9b Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:16:13 +0200 Subject: [PATCH 10/15] ARF: Plural "threats" as summed up --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 4db023e..d366a17 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2852,7 +2852,7 @@ Cryptographic Application (WSCA) and Wallet Secure Cryptographic Device Threats can be defined according to different threat models, such as the STRIDE approach for security threat risks, and the LINDDUN framework for privacy threat modelling. Such models allow to inspire and categorise -threat such as spoofing, tampering, information disclosure, or linking. +threats such as spoofing, tampering, information disclosure, or linking. While security and privacy are closely related, they do start from a different mindset. Both security threat modelling and privacy threat modelling aim to create a system model, identify threats systematically From 9d1c6b78788b4370f225fb693662b5d3cc97e985 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:22:17 +0200 Subject: [PATCH 11/15] ARF: Fix "wallet architectures" plural --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index d366a17..feb745f 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2888,7 +2888,7 @@ through work in the CSG: Wallet to reach that level of assurance. - The transitory schemes are defined by the Member States which may - tailor them to their specific Wallets architectures However, the aim + tailor them to their specific Wallet architectures. However, the aim is to harmonise the underlying principles through the IA and provide guidance or common requirements where relevant as no mutual recognition of the national certification schemes is provided. From 1db7dcb6d30abdbf29a514edef185a0897e6e084 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:23:13 +0200 Subject: [PATCH 12/15] ARF: Fix plural for "certification schemes" --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index feb745f..1517353 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2896,7 +2896,7 @@ through work in the CSG: - The certification scheme will be a composite scheme. The object certification will be the entire system (eID scheme, EUDI Wallet, management thereof). It will therefore have to align with and rely - on other available international standards, certifications schemes, + on other available international standards, certification schemes, and conformity assessments. - Certification should cover both cross-functional requirements, From 3be647867c1d9a925bb696f584699f1d6150fa95 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:23:28 +0200 Subject: [PATCH 13/15] ARF: Substitute multiplication I believe the intended meaning is closer to "multitude" or "abundance." Multiplication begs the question of what is being multiplied. --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 1517353..9ee5010 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -2903,7 +2903,7 @@ through work in the CSG: including security and privacy, as well as functional requirements in order to ensure European interoperability. -- The final EUDI Wallet certification implies a multiplication of +- The final EUDI Wallet certification implies a multitude of certificates, however, the aim is to minimise this number to the extent possible. From 8ef58a61187e6761eae0ff50cae88321b103b628 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:26:20 +0200 Subject: [PATCH 14/15] ARF: Add missing article --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index 9ee5010..e2f4280 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -3034,7 +3034,7 @@ contributions are valued and recognised. ### 8.3 Document Versioning To avoid interoperability issues and changes to the ARF going unnoticed, -version control system and the following semantic versioning scheme +a version control system and the following semantic versioning scheme (https://semver.org) will be used for the ARF. The ARF document will be published under a standardized release From 54e4efc7b80ec83cb6c837e15bea2bccbb0c35c8 Mon Sep 17 00:00:00 2001 From: toonn Date: Mon, 10 Jun 2024 14:26:40 +0200 Subject: [PATCH 15/15] ARF: Drop erroneous possessive apostrophe --- docs/arf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/arf.md b/docs/arf.md index e2f4280..1883805 100644 --- a/docs/arf.md +++ b/docs/arf.md @@ -3112,7 +3112,7 @@ For undated references, the latest version available applies. | \[Topic 19\] | Annex 2 - EUDI Wallet User Navigation requirements (Dashboard logs for transparency) | | \[Topic 23\] | Annex 2 - PID issuance and (Q)EAA issuance | | \[Topic 25\] | Annex 2 - Unified definition and controlled vocabulary for attestation attributes | -| \[Topic 26\] | Annex 2 - Attestations' Catalogue | +| \[Topic 26\] | Annex 2 - Attestations Catalogue | | \[Topic 27\] | Annex 2 - Relying Party registry | | \[Topic 30\] | Annex 2 - Interaction between EUDI Wallets | | \[Topic 31\] | Annex 2 - PID, Wallet and Attestation Providers registration |