Re: [open-regulatory-compliance] What is the practical drop dead date fo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [open-regulatory-compliance] What is the practical drop dead date for knowing specific obligations to satisfy EU-CRA evidentiary materials for open-source stewards

From: Tobie Langel <tobie@xxxxxxxxxxxxxx>
Date: Wed, 8 Jan 2025 16:25:06 +0100
Delivered-to: open-regulatory-compliance@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/open-regulatory-compliance/>
List-help: <mailto:open-regulatory-compliance-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/open-regulatory-compliance>, <mailto:open-regulatory-compliance-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/open-regulatory-compliance>, <mailto:open-regulatory-compliance-request@eclipse.org?subject=unsubscribe>

On Wed, Jan 8, 2025 at 4:08 PM Dick Brooks via open-regulatory-compliance <open-regulatory-compliance@xxxxxxxxxxx> wrote:

Given the current EU-CRA timeline, what would people consider to be the “drop dead” date when open-source stewards MUST know what evidentiary materials are expected to be provided to comply?

I know that “lead time” will need to consider the level of effort required to produce evidentiary materials, so that will need to be factored into whatever drop dead date is determined.
There is a defined milestone for December 11, 2025. Will the evidentiary requirements for open-source software stewards need to be identified before this deadline?

You can find deadlines for CRA application in our FAQ: https://github.com/orcwg/cra-hub/blob/main/faq.md#q-when-does-the-cra-enter-into-force-and-when-does-the-regulation-start-to-apply

The one coming up the most quickly is the vulnerability management requirements.

--tobie

References:
- [open-regulatory-compliance] What is the practical drop dead date for knowing specific obligations to satisfy EU-CRA evidentiary materials for open-source stewards
  - From: Dick Brooks

Prev by Date: [open-regulatory-compliance] What is the practical drop dead date for knowing specific obligations to satisfy EU-CRA evidentiary materials for open-source stewards
Next by Date: [open-regulatory-compliance] Cyber Resilience SIG weekly calls start next Monday at 4pm CET
Previous by thread: [open-regulatory-compliance] What is the practical drop dead date for knowing specific obligations to satisfy EU-CRA evidentiary materials for open-source stewards
Next by thread: [open-regulatory-compliance] 🌟 Welcome to 2025: A Year of Collaboration and Growth for ORC WG!
Index(es):
- Date
- Thread

Breadcrumbs