The task goal is to identify list of the security related topics we would like to cover with Frankfurt release. So far, during the SECCOM on 13th of August we identified following Frankfurt security goals and SoW:
Ingress controller (Krzysztof/Lucjan) - TBC
ISTIO POC? - limited ONAP deployment scope (Hampus)
Containers and Kubernetes secure configuration (Amy)
Coverity integration by end of Frankfurt (Amy)
HTTP communication vs. HTTPS (preferred, recommended, target), only Jonathan justification was presented so far
Secure communication (Hampus)
Password removal from OOM HELM charts (Krzysztof)
update: 03/09/19
Joint synch meeting with ODL on fixing upstream security vulnerabilities
ISTIO POC? - limited ONAP deployment scope (Hampus) ~ to be synchronized with concerned people. To be added to wiki after sync with contributors.
Coverity integration by end of Frankfurt (Amy / Artem)
? HTTP communication vs. HTTPS (preferred, recommended, target), only Jonathan justification was presented so far
Password removal from OOM HELM charts (Krzysztof) To be discussed during next F2F meeting.