Dear all,
a bit late, but here is some news regarding CRA from the German BSI. I did not find time to look into the docs.
On October 1, the BSI published the updated version of its technical report for SBOM. BSI sees these “TR”s as national standards.
But that's not all: the BSI has also published DRAFTS of a technical report on the requirements of the Cyber Resilience Act (Part 1) and a technical guideline for handling incoming vulnerability reports (Part 3).
There is an opportunity for public comment on the drafts for Parts 1 and 3.
Overview:
The Technical Guideline TR-03183: Cyber Resilience Requirements for Manufacturers and Products aims to make the type of requirements that manufacturers will face under the future Cyber Resilience Act accessible to them in advance.
The Cyber Resilience Act was published as a draft of the EU Commission in September 2022 and is currently in the legislative process. The Technical Guideline can also be updated following possible changes to the Cyber Resilience Act compared to the draft text.
https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr03183/TR-03183_node.html
Parts 1 to 3 of the BSI TR 03183
Part 1 “General Requirements” compiles requirements for manufacturers and products based on the requirements from articles and annexes of the Cyber Resilience Act.
Download Technical Guideline TR-03183: Cyber Resilience Requirements for Manufacturers and Products - Part 1: General requirements Version 0.9.0 (PDF)
Part 2, “Software Bill of Materials (SBOM)”, describes formal and technical requirements for software bill of materials.
Download Technical Guideline TR-03183: Cyber Resilience Requirements for Manufacturers and Products - Part 2: Software Bill of Materials (SBOM) Version 2.0.0 (PDF)
Part 3, “Vulnerability Reports and Notifications”, describes how to handle incoming vulnerability reports.
Download Technical Guideline TR-03183: Cyber Resilience Requirements for Manufacturers and Products - Part 3: Vulnerability Reports and Notifications (PDF)
Parts 1 and 3 have been published as community drafts. Experts are invited to send comments and feedback to tr03183@xxxxxxxxxxx by November 30, 2024.
With best regards,
Steffen Zimmermann
Industrial Security @ VDMA
From: open-regulatory-compliance <open-regulatory-compliance-bounces@xxxxxxxxxxx> On behalf of Tobie Langel via open-regulatory-compliance
Sent: Monday, September 30, 2024 10:39
To: Open Regulatory Compliance Working Group <open-regulatory-compliance@xxxxxxxxxxx>
Cc: Tobie Langel <tobie@xxxxxxxxxxxxxx>
Subject: [open-regulatory-compliance] [REMINDER] CRA FAQ Monthly meeting today!
Hi all,
The agenda's on GitLab; we'll mostly be reviewing open issues and seeing how we can make progress on them.
Looking forward to seeing you there.
Tech Lead Open Regulatory Compliance WG, Eclipse Foundation