Domain 1 comments

[pve]

notes on CSA guidance v4 update D1

line 76 I like the buildup in de explanation of the 5 characteristics. It is a good sequence from an instructional perspective.

line 136
https://raw.githubusercontent.com/cloudsecurityalliance/CSA-Guidance/master/Images/1.1.3.1-1.png

In training I find this picture a bit confusing. The main points presumably are that compute and storage are separate pools (for most IaaS providers), that each have a management and orchestration layer as well as having a combined (consumer facing) management layer on top of that.
From a semantical perspective, the picture combines layering of functionality with networking thrown in. I propose to delete the networking aspect.
You would then need to adapt the 2 subsequent paragraphs to talk about the orchestration layer instead of the controller.

line 156. see comment at line 136

line 179. "metastructure" , "infostructure", and "applistructure" are neologisms that have confusing and contradictory meanings. Best to avoid.

line 211 good picture.

line 234. Good addition to version 3.

line 294
This part of the domain structure reflects a much needed update to some of the old-school thinking.

What happened to "interoperability and portability"? It does not look like it is included anymore.