Java SBOM requirements?


Hi Robert and Pawel,

We have also a work ongoing around SBOM within Anuket.

And we are strongly interested to align LFN views on this topic and rely on common requirements.
Please include me if you organize a session on this topic.

Best regards,
Karine Sevilla

-----Original Message-----
From: lfn-securitywg@... [mailto:lfn-securitywg@...] On Behalf Of Pawel Pawlak via
Sent: Tuesday, November 9, 2021 10:15 PM
To: lfn-securitywg@...
Subject: ODP: [lfn-securitywg] Java SBOM requirements?

We have in ONAP SECCOM already a work done in SBOMs.
Please check this Wiki:

If you would have any questions, please don't hesitate to come back to me. We may have a zoom session organized with leader for this topic.
Best regards

Paweł Pawlak | Product Owner | ONAP SECCOM Chair

M +48501501030


-----Wiadomość oryginalna-----
Od: lfn-securitywg@... <lfn-securitywg@...> W imieniu Robert Varga
Wysłano: wtorek, 9 listopada 2021 20:02
Do: LFN Security WG <lfn-securitywg@...>
Temat: [lfn-securitywg] Java SBOM requirements?

Hello everyone,

what is the LFN plan for SBOM use cases and baseline security requirements?

For OpenDaylight, this boils down to setting down a default policy that will do The Right Thing(tm) in odlparent. I would implement it in a heartbeat, except I am at a loss as to what exactly is it I should provide.



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.