Hi,
At the last TSC a question was raised that in principle was whether we could
regarding the secure network design and only exposed ports as sufficient
mechanism for secure communication between the ONAP components.
This was discussed today in the security sub-committee, and the conclusions
were:
* AAF can provide certificates to the users (projects). The implication
is that AAF has to be configured to route to a CA.
* Regarding relying on network design the means of security; It was not
considered as an appropriate assumption for secure communication in general. It
maybe a deployment option. Instead it was stated that the project should
support the capability to be configured to use TLS (either with their own
configured certificate or requesting it via AAF. Ideally it would be using
AAF).
Best Regards,
Steve.
[Ericsson]<http://www.ericsson.com/>
STEPHEN TERRILL
Technology Specialist
POA Architecture and Solutions
Business Unit Digital Services
Ericsson
Ericsson R&D Center, via de los Poblados 13
28033, Madrid, Spain
Phone +34 339 3005
Mobile +34 609 168 515
[email protected]
www.ericsson.com
[http://www.ericsson.com/current_campaign]<http://www.ericsson.com/current_campaign>
Legal entity: Ericsson EspaƱa S.A, compay registration number ESA288568603.
This Communication is Confidential. We only send and receive email on the basis
of the terms set out at
www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
_______________________________________________
ONAP-TSC mailing list
[email protected]
https://lists.onap.org/mailman/listinfo/onap-tsc
