Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 13th of September 2022.
| Jira No | Summary | Description | Status | Solution |
|---|---|---|---|---|
| Finishing the RACI Matrix | https://wiki.onap.org/display/DW/Project+State%3A+Unmaintained Some description modifications "or Delegated" in the TSC responsibility + TSC should be on updates. | ongoing | Present updates to TSC (Muddasar). | |
List of cryptographic protocols used in ONAP | Currently existing Wiki is not updated: We could link to IANA with list of cypher up to date: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 To consider default choice as best practice to use. We focus first on the external API communication for the cyphers. Tony proposed to make a direct reference per table to IANA in SECCOM Wiki. | ongoing | ||
| PTLs meeting | SECCOM Kohn upgrades status update: DMaaP is finding false positive misidentification - waiting for more details from Fiachra. Update on the Security Logging Fields and Global Requirement - need PoC for Python based containers. For Java based containers PTLs should strat adopting that. | ongoing | We come back to PTLs at the next meeting with next update. | |
| TSC meeting | Catherine moving to TAC, not clear who is going to be a new TSC chair 3GPP YANG models usage and licensing problem – storing source code | ongoing | ||
LFN projects after Amy’s discussion with Ranny | Security SME discussion for LFN TAC: https://wiki.lfnetworking.org/display/LN/2022+Security+SME+seat+role+definition
| started | ||
Update about Sonarcloud | Bob opened the ticket: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24461?sda_source=notification-email, all languages that are supported, are enabled. Some test, demo or archived code was obsered. | closed | ||
| Ticket created by Thomas Kulik | New request from Thomas: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24491 | resolved - not an issue | ||
SECCOM MEETING CALL WILL BE HELD ON 20th OF September'22. | Architecture review template to be reviewed. MITRE SCDR discussion. |
Recordings:
SECCOM presentation: