...
- The original vendor package contents between the Adapters and SVNFMs/NFVOs could be one of the following.
- Vendor package including certificate and signature (Zip format)
- Vendor package without certificate and signature (CSAR format)
- Open Issues:
- Distribution of vendor VNF packages with certificates and signatures to SVFNM need to be sorted out.
- Currently, VF-C supports CSAR-format without certificate or signature – TBD
- The following diagram depicts the ETSI package distribution.
- The following sequence diagram depicts the Package Information Flows.
Package Security
A VNF package uses the signature and certificate to ensure package integrity and validity. A CSAR file is digitally signed with the VNF provider private key. During the VNF package onboarding to SDC, SDC validates the package and then does the following:
...