Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 7th of February 2023.

Jira No
SummaryDescriptionStatusSolution

Logging security discussion by Byung

Node vs. pod level logging update, pods logs visible but not yet with content, kyverno used for policy management.

Meeting with Justin and Maggie scheduled later today by Byung.

ongoing

Next week conclusion expected.



CPS Security review questionaire by Tony

Slot for a meeting with CPS team still under setup.

ongoing

Security issues raised by External researchers
  • IT-24999 Security Issue - Sensitive information leakage – Fiachra was contacted, still waiting for his feedback
ongoing

Upcoming D&TF 

Please register!

-SECCOM proposals (TBD): https://wiki.lfnetworking.org/display/LN/2023-02+LFN+Developer+Event+Topics+February#id-202302LFNDeveloperEventTopicsFebruary-ONAPTopics 

ongoing

Python PoC by Bob

Environment for testing is available

ORAN SC is actively using Pylog, libraries under testing, 

ongoingWork in progress. Fiachra still to be contacted.

TSC meeting (26th January)

Architecture Subcommittee shared London status: niorttech.net




PTL meeting (30th January)

Review of Release Management tasks – started

  • Looks like there is overlap between Architecture Subcommittee and PTLs tasks.



Unmaintained projects update

Jira tickets to be issued for repos (34!) where no changes for last 12 months done.

ongoing

Adoption of security practices

TAC meeting will be addressing it on Wedesday.

  • SBOMs autogeneration
  • signing artifacts - Maven central does not support Sigstore - to be elaborated
  • ORAN Alliance has some signing recommendations already

NTIA recommendation on integrity protections on SBOMs to be reviewed by Amy


NSA has just joined ORAN Alliance.

Security logging support by Bob for AI/ML - 25 use cases proposed.




SECCOM MEETING CALL WILL BE HELD ON 14th February 2023. 

Node vs. pod level logging update by Byung.

CPS Security review questionaire by Tony.





Recordings: 



SECCOM presentation:






  • No labels