...
| Jira No | Summary | Description | Status | Solution | 5G Super Blueprint - Martial | ongoing | TSC meeting update - September 1st | M3 and M4 moved by 1 week New PTL for CLI and VNFSDK TAC is looking for security expert – Amy in touch with Ranny Project Lifecycle was approved | ongoing | Ticket created by Thomas Kulik | New request from Thomas: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24491 | started | Vulnerabilities management | Single source of truth for recommended versions for ONAP components. | started | Update expected next week. | Recommended protocols vs. deprecated/retired | List of cryptographic protocols used in ONAP. | started | To be elaborated next week. Examination activity to be considered. | Please register if plan to participate: | ONE Summit NARegistration Open – Amy and Pawel submissionaccepted!
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Finishing the RACI Matrix | https://wiki.onap.org/display/DW/Project+State%3A+Unmaintained Some description modifications "or Delegated" in the TSC responsibility + TSC should be on updates. | ongoing | Present updates to TSC (Muddasar). | ||||||||||||||||||
List of cryptographic protocols used in ONAP | Currently existing Wiki is not updated: We could link to IANA with list of cypher up to date: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 To consider default choice as best practice to use. We focus first on the external API communication for the cyphers. Tony proposed to make a direct reference per table to IANA in SECCOM Wiki. | ongoing | |||||||||||||||||||
| PTLs meeting | SECCOM Kohn upgrades status update:
DMaaP is finding false positive misidentification - waiting for more details from Fiachra. Update on the Security Logging Fields and Global Requirement - need PoC for Python based containers. For Java based containers PTLs should strat adopting that. | ongoing | We come back to PTLs at the next meeting with next update. | ||||||||||||||||||
| TSC meeting | Catherine moving to TAC, not clear who is going to be a new TSC chair 3GPP YANG models usage and licensing problem – storing source code | ongoing | |||||||||||||||||||
LFN projects after Amy’s discussion with Ranny | Security SME discussion for LFN TAC: https://wiki.lfnetworking.org/display/LN/2022+Security+SME+seat+role+definition
| started | |||||||||||||||||||
Update about Sonarcloud | Bob opened the ticket: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24461?sda_source=notification-email, all languages that are supported, are enabled. Some test, demo or archived code was obsered. | closed | |||||||||||||||||||
| Ticket created by Thomas Kulik | New request from Thomas: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/2/IT-24491 | resolved - not an issue | Security cloud detailed record concept | Could be presented by Muddasar's colleague from Mitre. It is planned to be presented at the upcoming DTF. | SABRES, OPS-5G Task order, correct? Dr. Kline (USC) work on Super Blueprint. | Muddasar to share the links | started | https://www.darpa.mil/program/open-programmable-secure-5g https://www.darpa.mil/news-events/2020-02-05 OUSD(R&E) Mini TEM MOJITO and Linux Foundation 5G ...https://wiki.onap.org › download › attachments Contract Announcement Task Details HR001120S0026-Amendment-02.pdf - GovTribehttps://govtribe.com › file › government-file | |||||||||||||
SECCOM MEETING CALL WILL BE HELD ON 20th OF September'22. | Architecture review template to be reviewed. MITRE SCDR discussion. |
Recordings:
| View file | ||||
|---|---|---|---|---|
|
SECCOM presentation:
| View file | ||||
|---|---|---|---|---|
|