- Short summary of the change and the exact section(s) modified (e.g., “Updated Section 3.1.6: Key Usage wording”).
- One or two sentences explaining why the change is required (policy update, audit alignment, editorial fix, etc.).
- Bullet list of files modified (e.g.,
Requirements.md: Section 3.1.6 updated).
- Links to authoritative sources (CABForum, WebTrust/ETSI, CCADB, aka.ms links).
- Proposed
Changelog.mdline (version | YYYY-MM-DD | Short summary): | 1.x | YYYY-MM-DD | Short summary: "..." |
- If this change affects audit, trust, or program behavior, @msroot@microsoft.com must be added as a reviewer and explicit sign-off requested.
- Does this change affect Audit Requirements? If yes, indicate which standard applies: WebTrust / ETSI / Equivalent.
- Have you included proposed attestation wording or the text required for auditors?
- Have you documented any CCADB actions required (upload, attestation metadata) and who will perform them?
- Have you added timelines for auditor/CCADB contact and expected completion dates?
- Did you add
msroot@microsoft.comas a reviewer and request explicit Program sign-off? - Opened an Audit submission issue using
.github/ISSUE_TEMPLATE/audit-submission.mdand linked it here (issue #...)
- Updated
Requirements.mdwith the final wording and section number(s) - Added or updated
Changelog.mdwith version, date, and short summary - Provided a short rationale and authoritative reference link(s) in the PR body
- Marked Program-team reviewers and requested
msroot@microsoft.comsign-off if policy- or audit-affecting - Verified Markdown renders correctly (preview) and tables align
Tip: Use PR titles following the pattern REQ:, ADD:, or CHG: (e.g., REQ: Update Section 3.1.6 Key Usage wording).