Versions Compared

Old Version 8

changes.mady.by.user Linda Horn

Saved on

compared with

New Version 9

changes.mady.by.user Samuli Kuusela

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • When certificates are used, LDAPv3 shall be supported as the primary method of authorization of a NF in ONAP.

  • When certificates are used, HTTP shall be used as an alternative method of authorization of an NF when LDAP is not available.

  • LDAPv3 format or HTTP format shall be used to access file repositories of TLS certificates.

  • LDAPv3 and HTTP formats shall be supported for checking the revocation status of TLS certificates.

  • When SSH/SFTP is used, public key authentication shall be supported by NF to authenticate ONAP access; password authentication shall not be supported for SSH/SFTP access into the NF.

  • ONAP shall support both TLS and SSH as the transport protocol for NetConf.  

  • TLS shall be the preferred transport protocol for NetConf.

  • It shall be possible to specify the configuration management protocol supported by a NF at design time (NetConf/TLS, Netconf/SSH, Ansible/SSH or Chef/SSH).
  • If a configuration management protocol is not specified for a NF, ONAP shall try NetConf/TLS first as the default.

May 31, 2018 Agreed to the following Recommendations:

  • Suggestion on VNF integration, in a manner logically similar to legacy eNB/gNB autointegration (plug and play). Also discussion on VNF root of trust. PNF autointegration and root of trust are included as reference info. The suggestions are in line with ETSI and 3GPP.
    View file
    nameONAP secure communication to NFs - VNF bootstrapping etc.pptx
    height250

Meeting Minutes:

May 24, 2018

...