[onap-tsc] TSC Meeting Updates - MoM/Action Items (Jan 17th) and Agenda (Jan 24th) #tsc

[Catherine LEFEVRE]

Dear ONAP Community,

Thank you to Ranny Haiby (Nokia TSC Member) for his great support/collaboration 
since ONAP’s inception.
Timo Perala will be acting as temporary TSC Member until a new TSC Member is 
elected.

Thank you to Stephen Terrill for his great contribution to the ONAP Security 
Subcommittee.
Stephen will pursue his ONAP activities as our ONAP Architecture Subcommittee 
Chair & Ericsson TSC Member.

Our Jan 17th TSC Meeting Notes have been posted: 
https://wiki.onap.org/display/DW/TSC+2019-01-17

Here are the Urgent Tasks to be completed within the next 2-3 weeks:

·Kick-Off TSC Vacant Seat Nomination - TSC-95  – Task Lead: Kenny Paul

·Kick-Off Security Subcommittee Chair Nomination - TSC-96  – Task Lead: 
Kenny Paul

·Review Dublin M1: PTLs & TSC

·Get feedback from Sonatype (CLM) – TSC-78  – Task Lead: Kenny Paul

·Review Technical Community Coordinators – TSC-19/TSC-15/TSC-76 - Task 
Lead: Alla Goldner and Srini

·Code of Conduct for CII Badging Silver Level – TSC-39 – Task Lead: 
Security Subcommittee

·Define an iterative approach concerning Logging specifications – 
TSC-27 - Task Lead: Jason Hunt

·Provide final feedback about the ONAP Maintenance Release Proposal to 
Stephen Terrill , Alexis de 
Talhouët – Target: January 31st, 
2019

·Finalize TSC vote/discussions about DataLake project proposal - 
https://lists.onap.org/g/onap-tsc/message/4484
TSC Dashboard:
https://jira.onap.org/secure/RapidBoard.jspa?projectKey=TSC=163

TSC Decisions
https://wiki.onap.org/display/DW/2019+TSC+Decisions

Next TSC Call(s)
The next TSC agenda will be reviewed on Wednesday (Jan 23rd, 2019).

Here is the wiki link: https://wiki.onap.org/display/DW/TSC+2019-01-24

Upcoming Event(s):

·San Jose, April 1st/2nd – To be confirmed by the Linux Foundation

TSC Chat
https://lists.onap.org/g/onap-tsc/chats

Many thanks & regards
Catherine

Catherine Lefèvre
AVP Software Development & Engineering

AT Labs – Network Cloud & Infrastructure
D2 Platform & Systems Development
ECOMP/RUBY/SPP-NEAM-Appl. Servers/SIA
ONAP TSC Chair


Phone: +32 81 84 09 08
Mobile: +32 475 77 36 73
catherine.lefe...@intl.att.com

TEXTING and DRIVING… It Can Wait

AT
BUROGEST OFFICE PARK SA
Avenue des Dessus-de-Lives, 2
5101 Loyers (Namur)
Belgium



NOTE: This email (or its attachments) contains information belonging to the 
sender, which may be confidential. proprietary and/or legally privileged. The 
information is intended only for the use of the individual(s) or entity(ies) 
named above. If you are not the intended recipient, you are hereby notified 
that any disclosure, distribution or taking of any action in reliance on the 
content of this is strictly forbidden. If you have received this e-mail in 
error please immediately notify the sender identified above



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#4498): https://lists.onap.org/g/onap-tsc/message/4498
Mute This Topic: https://lists.onap.org/mt/29399941/21656
Mute #tsc: https://lists.onap.org/mk?hashtag=tsc=2743226
Group Owner: onap-tsc+ow...@lists.onap.org
Unsubscribe: https://lists.onap.org/g/onap-tsc/leave/2743226/1412191262/xyzzy  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[onap-tsc] Integration PTL (Yang) is going to join today's meeting to discuss integration process/gaps for Dublin use cases and functional requirements

[Alla Goldner]

This email and the information contained herein is proprietary and confidential 
and subject to the Amdocs Email Terms of Service, which you may review at 
https://www.amdocs.com/about/email-terms-of-service 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#4496): https://lists.onap.org/g/onap-tsc/message/4496
Mute This Topic: https://lists.onap.org/mt/29380443/21656
Group Owner: onap-tsc+ow...@lists.onap.org
Unsubscribe: https://lists.onap.org/g/onap-tsc/leave/2743226/1412191262/xyzzy  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OpenDaylight TSC] [onap-tsc] CII Badging - Vulnerabilities

[Alexis de Talhouet]

Dear ODL community, Luke, all,

Could I get an update w.r.t. the vulnerabilities reported?

Thanks,
Alexis

> On Jan 10, 2019, at 1:34 PM, Alexis de Talhouet via Lists.Onap.Org 
>  wrote:
> 
> Luke, all
> 
> Following up on this. What is the current status?
> 
> Regards,
> Alexis
> 
>> On Dec 10, 2018, at 8:13 AM, Luke Hinds > > wrote:
>> 
>> Hi Alexis,
>> 
>> We can see your email and you will see replies as your email will be in the 
>> reply all list , a reply is till pending, but its on our desk so to speak.
>> 
>> I discussed this with Stephen this morning and a reply will follow. initial 
>> analysis shows that a good number of false positives are reported.
>> 
>> Regards,
>> 
>> Luke
>> 
>> On Mon, Dec 10, 2018 at 1:10 PM Alexis de Talhouët > > wrote:
>> Everyone, Daniel,
>> 
>> So I did send the mail to ODL security list, but message is getting held 
>> waiting for “moderator approval” 
>> 
>>> Your mail to 'security' with the subject
>>> 
>>>CII Badging - Vulnerabilities
>>> 
>>> Is being held until the list moderator can review it for approval.
>>> 
>>> The reason it is being held:
>>> 
>>>Post by non-member to a members-only list
>> 
>> 
>> I don’t know if this is intended or not, but as there is no way to register 
>> to such list I’m wondering if I missed something..
>> 
>> Stephen T, in this case, I’m following ODL process are I’m reporting 
>> vulnerabilities to their project; vulnerabilities we have identified within 
>> ONAP as part of the CII Badging requirement.
>> 
>> Regards,
>> Alexis
>> 
>> 
>>> On Dec 10, 2018, at 6:44 AM, Michael Vorburger >> > wrote:
>>> 
>>> Hello everyone,
>>> 
>>> It's great to see that we do have a working formal security vulnerability 
>>> disclosure process in place in ODL.
>>> 
>>> I'll therefore let the members of that strucuture deal with this. If I can 
>>> be of any help for anything specific, please reach out to me.
>>> 
>>> Tx,
>>> M.
>>> --
>>> Michael Vorburger, Red Hat
>>> vorbur...@redhat.com  | IRC: vorburger 
>>> @freenode | ~ = http://vorburger.ch 
>>> 
>>> On Sun, Dec 9, 2018 at 2:52 AM Stephen Terrill 
>>> mailto:stephen.terr...@ericsson.com>> wrote:
>>> Hi,
>>> 
>>>
>>> 
>>> Thanks. This maybe a good opportunity to point to this wiki for this 
>>> process.  https://wiki.onap.org/display/DW/ONAP+Vulnerability+Management 
>>> 
>>>
>>> 
>>> This will be a good opportunity to test it out.
>>> 
>>>
>>> 
>>> BR,
>>> 
>>>
>>> 
>>> Steve
>>> 
>>>
>>> 
>>> From: onap-tsc@lists.onap.org  
>>> mailto:onap-tsc@lists.onap.org>> On Behalf Of 
>>> Kenny Paul
>>> Sent: Friday 7 December 2018 22:15
>>> To: onap-tsc@lists.onap.org ; Daniel 
>>> Farrell mailto:dfarr...@redhat.com>>
>>> Cc: Abhijit Kumbhare >> >; >> > >> >
>>> Subject: Re: [onap-tsc] [OpenDaylight TSC] CII Badging - Vulnerabilities
>>> 
>>>
>>> 
>>> Perfect! Thanks Daniel!
>>> 
>>>
>>> 
>>> Thanks!
>>> 
>>> -kenny
>>> 
>>>
>>> 
>>>
>>> 
>>> From: mailto:onap-tsc@lists.onap.org>> on behalf 
>>> of Alexis de Talhouet >> >
>>> Reply-To: mailto:onap-tsc@lists.onap.org>>
>>> Date: Friday, December 7, 2018 at 12:58 PM
>>> To: Daniel Farrell mailto:dfarr...@redhat.com>>
>>> Cc: Abhijit Kumbhare >> >, ">> >" >> >, >> >
>>> Subject: Re: [onap-tsc] [OpenDaylight TSC] CII Badging - Vulnerabilities
>>> 
>>>
>>> 
>>> Awesome. Thank you for the reminder Daniel. I’ll loop in that list.
>>> 
>>>
>>> 
>>> Regards,
>>> 
>>> Alexis
>>> 
>>>
>>> 
>>> On Dec 7, 2018, at 3:56 PM, Daniel Farrell >> > wrote:
>>> 
>>>
>>> 
>>> No, this list is exactly meant for this type of secret information. It's 
>>> the group of people the TSC has appointed as trusted to handle security 
>>> issues. They will follow all the normal security embargo best practices.
>>> 
>>>
>>> 
>>> Thanks,
>>> 
>>> Daniel
>>> 
>>> On Fri, Dec 7, 2018 at 9:52 PM Alexis de Talhouët >> > wrote:
>>> 
>>> Daniel,
>>> 
>>>
>>> 
>>> Is the content of information provided through that mailing list publicly 
>>> available? If yes, then I can’t provide the information to that list, as we 
>>> don’t want to share publicly the vulnerabilities.
>>> 
>>>
>>> 
>>> Alexis
>>> 
>>>
>>> 
>>>
>>> 
>>> On Dec 7, 2018, at 3:50 PM, Daniel Farrell >> > wrote:
>>> 
>>>
>>> 
>>> Hey Alexis,
>>> 
>>>
>>> 
>>> Reminder that we have a security response team that's meant to handle these 
>>> types of things. Stephen is on the security response team, but you