2025-05-13 SIG Security Minutes


Community Attendees:

@Byung-Woo Jun

@Prashant Mishra

@Gaurav Kumar

@Francois Duthilleul

@Tom Kivlin

@Phil Porras

@Rahul Jadhav

LF Staff:

Agenda

Antitrust Policy

  • Action Items Review

  • Vault Integration

  • IaC scans

Minutes

  • @Prashant Mishra provided an update on vault integration

    • Currently he is modifying the user requirements doc to include topics such as how Nephio Data plane workloads could leverage the integration

    • Prashant mentioned that OpenBao might not have SPIFFE support yet, unlike HashiCorp Vault. (ref)

    • Prashant will reach out to SIG-Automation to explain the rationale for use of cop and the ideal design pattern we are looking for. This would also be documented.

    • @Francois Duthilleul mentioned that he will arrange a discussion with a subject matter expert so that we can verify the design rationale. Hopefully we will have Prashant’s document in good shape so that it can form the basis of this discussion.

    • @Prashant Mishra will upload the ESO/SSCID comparison pdf to the documentation section

  • @Gaurav Kumar will raise a PR on the primary Nephio repository for the IaC scanning.

    • SIG-Security will then trigger a discussion on the PR itself

    • Gaurav will get the scan of the catalog repository as well; however, the PR will first be raised on the primary nephio repo.

Action items

  • @Prashant Mishra will upload the ESO/SSCID comparison pdf to the documentation section

  • @Gaurav Kumar will help get the IaC scan for ‘catalog’ repo as well (apart from the currently selected nephio repo).