-
Epic
-
Resolution: Unresolved
-
Medium
-
None
-
HTTPS communication vs. HTTP
-
1
According to scan executed on 25.10.2019 below HTTP ports are exposed by ONAP:
It is significantly less than number of open OJSI tickets related to HTTP exposed because some issues has been already fixed but PTL didn't provide any comment in the OJSI ticket which hurts our transparency and traceability.
This requirement requires two actions:
1) Review OJSI tickets open and if ticket is already fixed provide a comment with hash-id of commit that removed the HTTP exposure
2) If port is exposed work towards making it HTTPS instead of HTTP or removing it or providing SECCOM a good explanation why you need to expose HTTP and get a waiver.
- clones
-
REQ-1 ONAP Requirement Template
- To Do
-
REQ-537 Long-term IPv4/IPv6 dual stack networking support
- Done
- is blocked by
-
MUSIC-572 HTTP port open
- Closed
-
CCSDK-2147 HTTP port open
- Closed
-
CLI-254 HTTP port open
- Closed
-
DCAEGEN2-2129 Public HTTP port open
- Closed
-
DMAAP-1400 HTTP port open
- Closed
-
EXTAPI-375 Add support for HTTPS nbi port in OOM
- Closed
-
LOG-1207 HTTP port open
- Closed
-
PORTAL-848 HTTP port open
- Closed
-
USECASEUI-401 HTTP port open
- Closed
-
REQ-309 Upgrade common Cassandra cluster to version 3
- Done
- mentioned in
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...