Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Certification content: first draft #49

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Certification content: first draft #49

wants to merge 1 commit into from

Conversation

cecille
Copy link
Contributor

@cecille cecille commented Feb 24, 2025

First three sections and index are ready for full review (membership, development and self-pre-test).

Remaining documentation is placeholders based on the spreadsheet.

@cecille
Certification content: first draft
ce7f1ae 
First three sections and index are ready for full review
(membership, development and self-pre-test).

Remaining documentation is placeholders based on the spreadsheet.
@github-actions GitHub Actions
Copy link

Preview deployed at https://d2doqw88td69eq.cloudfront.net/pr-49

cecille
cecille commented Feb 24, 2025
View reviewed changes
content/Certification/certifying_a_product/development.md
The certification declaration is provided by the CSA after a device is
certified. It is tied to the vendor and product ID (or IDs) of the certified
device, and is signed by CSA. The public key corresponding to the signing key is
well known and distributed by the CSA (TODO: It shows up everywhere, but where's
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jcps07 - do you know where the cert for this key is published officially?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Production CD Signing Certs are publicly available in the Distributed Compliance Ledger (DCL) (Main-Net):

CD Signing Certs Root CA:

CD Signing Cert SKIDs:

content/Certification/certifying_a_product/development.md

### Matter on-boarding materials (QR codes and manual codes)

- TODO: need a way to address custom flow and the different requirements for
Copy link
Contributor Author

@cecille cecille Feb 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@amolivo - Do you know if there is material that covers this already? The tricky part is that i'm pretty sure this was just wrong in prior revisions of the specification. see https://github.com/CHIP-Specifications/connectedhomeip-spec/pull/10582

content/Certification/certifying_a_product/development.md

Product manufacturers should be aware that the CSA has a sunset policy in effect
for prior specification revisions. The sunset policy is available in full at
(TODO: where's the sunset policy?).
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@amolivo - this is an SC thing right? Is this actually published anywhere?

content/Certification/certifying_a_product/development.md
certification planning for the product since all updates need to be
re-certified.

[//]: #(TODO: do we want to talk about factory shipping image / 0-day split?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe a question for RS re: proposals around OTA during commissioning.

content/Certification/certifying_a_product/factory_market.md
- add links to the marketing requirements for setup codes
- additional badging? WW programs?
### Works-with programs
- TODO: is that a universal name?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@amolivo ??

content/Certification/certifying_a_product/development.md

## Other

ANN - any other MP TTs that should fall into this bucket?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@amolivo

content/Certification/certifying_a_product/ota_recert.md
![](../imgs/ota_recert.png)

Placeholder with questions:
- ANN - do you have text around why OTAs and recertification are important
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@amolivo

content/Certification/certifying_a_product/ota_recert.md

Placeholder with questions:
- ANN - do you have text around why OTAs and recertification are important
- PETR - does the compatibility matrix cover which ecosystems pick up OTAs from the DCL vs. internal?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

uh...no idea what Petr's github is, but imagine I tagged him here.

jcps07
jcps07 reviewed Feb 26, 2025
View reviewed changes
content/Certification/certifying_a_product/factory_market.md

## DCL
- add links to the DCL how-to information
- still missing - timeline of when updates should happen and a simplified text around who has to make the updates
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd recommend adding a link to the DCL Guide within the Handbook: https://handbook.buildwithmatter.com/guides/distributedcomplianceledger/

Additionally, I have these steps to validate the following FAQ: Why is my product still showing the "not certified" message?
It could be added as a FAQ or as a "Next Steps"...

After a product completes the certification process, verify the following steps:

  1. Submit the Model and Model-Version data to the DCL for the Alliance to create its associated Compliance entry in the DCL. Refer to HowTo - Writing to the DCL.pdf

  2. After the Compliance entry has been added to the DCL by the Alliance, ensure the following steps are completed for a commissioner to recognize the product as certified:

  • The Vendor information is present in the Vendor Info schema in the DCL.
  • The firmware's Certification Declaration (CD) and Basic Information Cluster match the information in the DCL 'Model' and 'Model-Version' entries.
  • The CD includes the VID and PID used in the Device Attestation Credential (DAC).
  • The DACs are properly chained to a PAA approved in the DCL

The final step is to wait for commissioners to update their local DCL image. This process typically takes no longer than 24 hours, though the timing may vary based on each manufacturer's implementation. If the "uncertified device" warning persists after this period, contact the Commissioner's support team to confirm if additional steps are required on their platform.

@jcps07 jcps07 requested a review from amolivo February 26, 2025 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jcps07 jcps07 jcps07 left review comments

@amolivo amolivo Awaiting requested review from amolivo

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@cecille @jcps07 @amolivo