Title: REQ: Update Section 4.1 Audit Requirements — require explicit WebTrust attestation for server authentication EKU
- Updated
Requirements.mdSection 4.1 to require explicit WebTrust attestation language for server authentication EKU.
- Aligns Microsoft Audit Requirements with recent clarifications in EN 319 411-2 and ensures consistency with CCADB automation parsing requirements.
Requirements.md: Section 4.1 — added clause that specifies the required attestation wording and upload process.Changelog.md: appended a row proposing the change.
- EN 319 411-2: https://www.etsi.org
- https://aka.ms/auditreqs
| 1.1 | 2025-12-22 | Updated Audit Requirements in Section 4.1 to require WebTrust attestation for server authentication EKU |
- Added
msroot@microsoft.comas a reviewer and requested explicit sign-off.
- This change affects Audit Requirements; WebTrust selected
- Proposed attestation wording included in the PR body
- CCADB actions documented in related issue #456 (example)
- Timelines added and owner named
- Audit submission issue opened: #456
- Updated
Requirements.mdwith the final wording and section number(s) - Added or updated
Changelog.mdwith version, date, and short summary - Provided a short rationale and authoritative reference link(s) in the PR body
- Marked Program-team reviewers and requested
msroot@microsoft.comsign-off - Verified Markdown renders correctly (preview) and tables align
This PR is an example to demonstrate the expected fields and approach for audit-related changes.