<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p><span class="mx_MTextBody mx_EventTile_content"><span
          class="mx_EventTile_body" dir="auto">Here is the OpenBMC
          security work group status.</span></span></p>
    <p><span class="mx_MTextBody mx_EventTile_content"><span
          class="mx_EventTile_body" dir="auto">The OpenBMC security work
          has been partitioned into four areas: hardware, firmware
          (Linux, phosphor, etc.), OpenBMC development activity, and
          downstream development.  Reviews are out for three areas; see
          <a href="https://gerrit.openbmc-project.xyz/#/c/11120/"
            class="linkified" target="_blank" rel="noopener">https://gerrit.openbmc-project.xyz/#/c/11120/</a>
          and 11164.  Work to sketch out firmware security topics is
          beginning.  We are also beginning to look at topics such as
          release planning and how to handle security flaws.  For more
          details, see the group’s agenda and minutes at <a
href="https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI"
            class="linkified" target="_blank" rel="noopener">https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI</a>.</span></span></p>
    <div class="moz-signature">- Joseph Reynolds</div>
  </body>
</html>