Extended Security Assessment

[gerbrand-bosch]

Summary

The prepare to move beyond the PoC state of this reference implementation an assessment should be done by security to determine any risk when running this application in an organization infrastructure.

Any work that comes out of this security assessment should either be resolved or documented in this issue.

Definition of Done

• Security assessed the mcsd update client
• All issues from this assessment are resolved or documented.

[thomas-samoht]

Aangevraagd bij security: https://github.com/minvws/rdo-security-coordination/issues/527

[jaytaph]

@thomas-samoht any progress on this??

[thomas-samoht]

@MauriceM0ss any progress on this??

[MauriceM0ss]

Yes, progress as in: discussions are still ongoing whether or not it's useful to do security assessments for MCSD in it's current state. If GF wants to remove the POC label then the SA will be done around December. Gerbrand is discussing this with Nathalie.