| Requirement | commitment & strategy |
|---|---|
| Document current upgrade component strategy | AAF has an upgrade strategy, and belief it is documented. If not, then do. track on AAF-1044 |
| SECCOM Perform Software Composition Analysis - Vulnerability tables | AAF's SECCOM Vulnerabilities are generally clean, however, verify that nothing new has cropped up. track on AAF-1045 |
| SECCOM Password removal from OOM HELM charts | N/A AAF never had passwords in OOM... AAF enabled other apps to avoid passwords since Dublin. |
| SECCOM HTTPS communication vs. HTTP | N/A AAF has always been HTTP/S for all components, except "FS". FS (Fileserver) is documented exception... Needed for access to RCLs during TLS connection (TLS conversational requirement to be HTTP) |
Overview
Content Tools