VNFRQTS - Security requirements batch 1

Issue-ID: VNFRQTS-691 Signed-off-by: Hagop Bozawglanian <hagop.bozawglanian@att.com> Change-Id: I928985bf65bb616a058b39ca874abb857e964949
author: Hagop Bozawglanian <hagop.bozawglanian@att.com> 2019-09-05 22:18:33 +0000
committer: Hagop Bozawglanian <hagop.bozawglanian@att.com> 2019-09-05 22:18:33 +0000
commit: c9031a7fe28b8b53f844de4e12bce03682855cf8 (patch)
tree: 34597e343f6b535113bbfa5a9b0aa75843c4920c /docs/Chapter7/Monitoring-And-Management.rst
parent: ce06279cbf236aa79b76473747b7433ce39fb69e (diff)
1 files changed, 15 insertions, 16 deletions
diff --git a/docs/Chapter7/Monitoring-And-Management.rst b/docs/Chapter7/Monitoring-And-Management.rst
index 24ad489..e6886aa 100755
--- a/docs/Chapter7/Monitoring-And-Management.rst
+++ b/docs/Chapter7/Monitoring-And-Management.rst
@@ -930,32 +930,31 @@ Security
     :target: VNF or PNF
     :keyword: MUST
     :introduced: casablanca
-    :updated: dublin
-
-    The VNF or PNF **MUST** support the provisioning of security and authentication
-    parameters (HTTP username and password) in order to be able to authenticate
-    with DCAE (in ONAP).
+    :updated: el alto
 
-    Note: In R3, a username and password are used with the DCAE VES Event
-    Listener which are used for HTTP Basic Authentication.
+    If the VNF or PNF is using Basic Authentication, then the VNF or
+    PNF **MUST** support the provisioning of security and authentication
+    parameters (HTTP username and password) in order to be able to
+    authenticate with DCAE VES Event Listener.
 
-    Note: The configuration management and provisioning software are specific
-    to a vendor architecture.
+    Note: The configuration management and provisioning software
+    are specific to a vendor architecture.
 
 .. req::
     :id: R-894004
     :target: VNF or PNF
     :keyword: MUST
     :introduced: casablanca
-    :updated: dublin
+    :updated: el alto
 
-    When the VNF or PNF sets up a HTTP or HTTPS connection to the collector, it **MUST**
-    provide a username and password to the DCAE VES Collector for HTTP Basic
-    Authentication.
+    If the VNF or PNF is using Basic Authentication, then when the VNF
+    or PNF sets up a HTTPS connection to the DCAE VES Event Listener,
+    the VNF or PNF **MUST** provide a username and password to the
+    DCAE VES Event Listener in the Authorization header and the VNF
+    or PNF MUST support one-way TLS authentication.
 
-    Note: HTTP Basic Authentication has 4 steps: Request, Authenticate,
-    Authorization with Username/Password Credentials, and Authentication Status
-    as per RFC7617 and RFC 2617.
+    Note: In one-way TLS authentication, the client (VNF or PNF)
+    must authentication the server (DCAE) certificate.
 
 Bulk Performance Measurement
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
author	Hagop Bozawglanian <hagop.bozawglanian@att.com>	2019-09-05 22:18:33 +0000
committer	Hagop Bozawglanian <hagop.bozawglanian@att.com>	2019-09-05 22:18:33 +0000
commit	c9031a7fe28b8b53f844de4e12bce03682855cf8 (patch)
tree	34597e343f6b535113bbfa5a9b0aa75843c4920c /docs/Chapter7/Monitoring-And-Management.rst
parent	ce06279cbf236aa79b76473747b7433ce39fb69e (diff)