Update certificate-governance.md #50

Open
wants to merge 1 commit into
base: main
4 changes: 2 additions & 2 deletions guides/certificate-governance.md
Expand Up @@ -134,9 +134,9 @@ In case that a CSCA must be revoked, member states SHALL inform the DGCG operato
In case that the DGCG<sub>TLS</sub> certificate or the DGCG<sub>TA</sub> certificate must be revoked, the DGCG operator and the Member States must work together to establish a new trusted TLS connection and trust list.

## 3.4 Certificates for Staging Environments
The member states and the DCC operator will use staging- (i.e. preproduction-) and test-environments to test the system before they move to production or when new features are released. It is strongly RECOMMENDED that public key certificates and the related key material is not reused between the environments. Hence, member states SHOULD use different public key certificates and private keys for all environments (i.e. test, staging, production). This applies to all certificates of the member states, i.e. NB<sub>CSCA</sub>, NB<sub>TLS</sub>, NB<sub>UP</sub> and all DSCs. The DCCG<sub>TA</sub> certificates will be different for test, staging and production environments. All other certificates used by the DCCG SHOULD be different across all the environments as well.
The connected countries and the DCC operator will use staging- (i.e. preproduction-) and test-environments to test the system before they move to production or when new features are released. All newly on-boarded countries MUST ensure that public key certificates and the related key material is not reused between the environments. Hence, countries MUST use different public key certificates and private keys for all environments (i.e. test, staging, production). This applies to all certificates of the connected countries, i.e. NB<sub>CSCA</sub>, NB<sub>TLS</sub>, NB<sub>UP</sub> and all DSCs. The DCCG<sub>TA</sub> certificates will be different for test, staging and production environments. All other certificates used by the DCCG MUST be different across all the environments as well.

There are multiple reasons why certificates should not be reused across different environments. One reason is that the corresponding private keys must be copied from one system to the other and typically staging and test environments do not enjoy the same level of protection as production environments. This puts the security of the private keys at risk. In the scope of the DCC system there is an additional risk that DSCs issued for testing purpose are published on the production DCCG and these DSCs could be used to issue valid DCCs. Other member states cannot differentiate between a test and production DSC when the same CSCA is used in both environments. Using different CSCAs in staging and production environments avoids this problem altogether.
There are multiple reasons why certificates should not be reused across different environments. One reason is that the corresponding private keys must be copied from one system to the other and typically staging and test environments do not enjoy the same level of protection as production environments. This puts the security of the private keys at risk. In the scope of the DCC system there is an additional risk that DSCs issued for testing purpose are published on the production DCCG and these DSCs could be used to issue valid DCCs. Other countries cannot differentiate between a test and production DSC when the same CSCA is used in both environments. Using different CSCAs in staging and production environments avoids this problem altogether.

# 4 Certificate Templates
The following sections contain cryptographic requirements and guidance as well as requirements on certificate templates. For the DGCG certificates, this section defines the certificate templates. Please also refer to the certificate generation examples in this [guide](https://github.com/eu-digital-green-certificates/dgc-participating-countries/blob/main/gateway/CertificatePreperation.md).
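
Review bot: The new section 3.4 text is inconsistent about who the requirement binds. The first changed sentence limits it to "All newly on-boarded countries MUST ensure that ... key material is not reused", while the next one states "Hence, countries MUST use different public key certificates and private keys for all environments" with no such limit, so a reader cannot tell whether already connected countries that reuse a CSCA across staging and production are now out of compliance. Since the rationale paragraph says other countries cannot tell a test DSC from a production DSC when the same CSCA is used in both, the risk does not depend on when a country was on-boarded; I would either state the MUST for all connected countries and add an explicit transition clause for existing participants, or keep "newly on-boarded" in both sentences and leave a SHOULD for the rest. Two smaller points on the same lines: the change replaces "member states" with "countries" here, but the unchanged context just above (3.3) still says "member states SHALL inform" and "Member States", and the touched lines write DCCG<sub>TA</sub> and DCCG where the context above uses DGCG<sub>TA</sub> and DGCG; please align both terms in this PR. Also, "certificates and the related key material is not reused" should read "are not reused".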