DMaaP support of https in Casablanca: Message Router: Yes Data Router: Yes Buscontroller: Yes
-Dom From: onap-discuss@lists.onap.org [mailto:onap-discuss@lists.onap.org] On Behalf Of SONSINO, OFIR Sent: Tuesday, October 23, 2018 10:44 AM To: ZWARICO, AMY <az9...@att.com>; onap-discuss@lists.onap.org; NGUEKO, GERVAIS-MARTIAL <gervais-martial.ngu...@intl.att.com>; DRAGOSH, PAMELA L (PAM) <pdrag...@research.att.com>; HERNANDEZ-HERRERO, JORGE <jh1...@att.com> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Correct indeed. Sent from my Samsung Galaxy smartphone. -------- Original message -------- From: "ZWARICO, AMY" <az9...@att.com<mailto:az9...@att.com>> Date: 10/23/18 17:41 (GMT+02:00) To: "Sonsino, Ofir" <ofir.sons...@intl.att.com<mailto:ofir.sons...@intl.att.com>>, onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>, "Ngueko, Gervais-Martial" <gervais-martial.ngu...@intl.att.com<mailto:gervais-martial.ngu...@intl.att.com>>, "DRAGOSH, PAM" <pdrag...@research.att.com<mailto:pdrag...@research.att.com>>, "HERNANDEZ-HERRERO, JORGE" <jh1...@att.com<mailto:jh1...@att.com>> Subject: RE: [onap-discuss] ONAP Support for Secure Communication Am I correct that all of the APIs that are exposed through VID enable HTTPS? From: SONSINO, OFIR Sent: Tuesday, October 23, 2018 9:38 AM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>; NGUEKO, GERVAIS-MARTIAL <gervais-martial.ngu...@intl.att.com<mailto:gervais-martial.ngu...@intl.att.com>>; DRAGOSH, PAM <pdrag...@research.att.com<mailto:pdrag...@research.att.com>>; HERNANDEZ-HERRERO, JORGE <jh1...@att.com<mailto:jh1...@att.com>>; ZWARICO, AMY <az9...@att.com<mailto:az9...@att.com>> Subject: RE: [onap-discuss] ONAP Support for Secure Communication Hi Amy, VID front-end supports HTTPS (right in the browser). In the back-end, we support HTTPS communication to A&AI, and also to Portal if it's OOM deployment of ONAP. Communication to SO and SDC is still works with HTTP though, due to lack of HTTPS support from these components. Thanks, Ofir From: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> [mailto:onap-discuss@lists.onap.org] On Behalf Of Ngueko, Gervais-Martial Sent: Friday, October 19, 2018 7:40 PM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>; DRAGOSH, PAM <pdrag...@research.att.com<mailto:pdrag...@research.att.com>>; HERNANDEZ-HERRERO, JORGE <jh1...@att.com<mailto:jh1...@att.com>>; ZWARICO, AMY <az9...@att.com<mailto:az9...@att.com>> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Hi Amy, Here below more details on the secure communication on CLAMP, the reason behind my original "No" answer: CLAMP UI itself is https and communication between frontend and backend is secured. but * SDC communication is http and so not secure (sdc doesn't support AAF and has not exposed a secure API till now), similar to Policy we use the sdc client so it will be up to SDC team to provide us a secured client. * Call from CLAMP to DCAE inventory API is http so not secure(DCAE is not integrated with AAF and has not exposed this API in https). Other DCAE API, used by CLAMP for deployment triggering, are https and so are secured. * Policy calls are secured. Br, Martial From: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> On Behalf Of DRAGOSH, PAM Sent: vendredi 19 octobre 2018 17:43 To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>; DRAGOSH, PAM <pdrag...@research.att.com<mailto:pdrag...@research.att.com>>; HERNANDEZ-HERRERO, JORGE <jh1...@att.com<mailto:jh1...@att.com>> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Correction - the policy distribution application has 2 endpoints. One for HealthCheck that will need https, and the other I mentioned is the SDC Client SDK that will need to support https. Sorry Pam From: <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> on behalf of "DRAGOSH, PAMELA L (PAM)" <pdrag...@research.att.com<mailto:pdrag...@research.att.com>> Reply-To: "onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>" <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>>, "DRAGOSH, PAMELA L (PAM)" <pdrag...@research.att.com<mailto:pdrag...@research.att.com>> Date: Friday, October 19, 2018 at 2:00 AM To: "onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>" <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>>, "HERNANDEZ-HERRERO, JORGE" <jh1...@att.com<mailto:jh1...@att.com>> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Amy - the policy distribution application uses the SDC Client SDK for http communication via dmaap. It will be up to that project to support https, not policy project. Our other component is not MVP to this release and will have https for Dublin. Pam From: <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> on behalf of "HERNANDEZ-HERRERO, JORGE" <jh1...@att.com<mailto:jh1...@att.com>> Reply-To: "onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>" <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>>, "HERNANDEZ-HERRERO, JORGE" <jh1...@att.com<mailto:jh1...@att.com>> Date: Thursday, October 18, 2018 at 8:05 PM To: "onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>" <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Yes, correct, that's the plan. -Jorge From: ZWARICO, AMY Sent: Thursday, October 18, 2018 8:49 PM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>; HERNANDEZ-HERRERO, JORGE <jh1...@att.com<mailto:jh1...@att.com>> Subject: RE: [onap-discuss] ONAP Support for Secure Communication Thank you. Are there plans to support https for the new components in Dublin? From: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> [mailto:onap-discuss@lists.onap.org] On Behalf Of HERNANDEZ-HERRERO, JORGE Sent: Thursday, October 18, 2018 7:13 PM To: onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: Re: [onap-discuss] ONAP Support for Secure Communication ***Security Advisory: This Message Originated Outside of AT&T *** Reference http://cso.att.com/EmailSecurity/IDSP.html for more information. Hello Amy, Responding on behalf of Pam D., Policy PTL, that is currently on vacations. https is supported across all policy components with the exception of the new ones introduced in Casablanca release (apex-pdp, policy-distribution). Jorge -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13235): https://lists.onap.org/g/onap-discuss/message/13235 Mute This Topic: https://lists.onap.org/mt/27369768/21656 Group Owner: onap-discuss+ow...@lists.onap.org Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
