2019-10-08 Security Subcommittee Meeting Notes

Owned by Paweł Pawlak
Oct 10, 2019
1 min read

Please see the Minutes of Meetings and recording for the  SECCOM meeting that was held on 8th of October 2019.

Jira No

Summary

Description

Status

Solution

Jira No

Summary

Description

Status

Solution

-

Review of El Alto key deliverables

-Known vulnerabilities analysis - ongoing

-Synch with Portal team on their components upgradesit seems that only few were upgradedstill waiting for a feedback from Portal team.

-OJSI tickets tracking – Jim/Pawel/Krzysztof/Amy

  • OJSI Dashboard - Krzysztof

  • Krzysztof investigating the optimal way to incorporate the test

-CII Badging updatesfirst positive feedbacks

-Communication matrix

-Recommended upgrades

-Nexus IQ vs. Whitesoftware

  • Waiting for Dan’s feedback for effectice/ineffective

  • Waiting for Renan’s analysis for WS results

  • LFN is willing to add all ONAP projects under WS jenkins jobs

-ODL synch meetingwaiting for a feedback from ODL – meeting was proposed on 10th of October

-What do we do with MSB or other kind of projects? – security implications

  • Meeting with Huabing from MSB was doneaction was agreed on his side to contact VFC and Multicloud projects to synch on

  • Action with TSC was taken! List of projects with lack of reaction on security best practices to be provided.

 

 

-

 Automatic generation of certificate by Pavel Paroulek

Short re-review with Jonathan of the options proposed by Pavel who should join AAF meeting for further exchanges.

 

 

 

Synch meeting with Architecture Subcommittee

Topics that require further confirmation by its owners:

ISTIO & Service Mesh, Certificate Management, Ingress controller

 

 

 

SO OJSI and AAF

To be further checked by Jonathan if Seshu provided updates in his OJSI jiras taht are referring to next steps on AAF side.