Security Working Group meeting - Wednesday November 13
Joseph Reynolds
jrey at linux.ibm.com
Wed Nov 27 03:58:16 AEDT 2019
On 11/11/19 3:50 PM, Joseph Reynolds wrote:
> This is a reminder of the OpenBMC Security Working Group meeting
> scheduled for this Wednesday November 13 at 10:00am PDT.
>
> * * NOTE - the USA went off daylight savings time since the previous
> meeting * *
> This means the meeting may be an hour later for you. Please check
> your caneldar.
>
> As usual, we'll discuss current development items, and anything else
> that comes up. There are currently three topics:
> 1. Allow BMC Admin to enable and disable BMC interfaces.
> 2. BMC secure boot design.
> 3. Disable SSL Renegotiation.
We spent the entire time discussing the BMC's interfaces. The full
meeting minutes (such as they are) are in the google doc 2019-11-13
Highlights: - Interfaces which should be enabled by default: BMC network
interface, HTTPS, Redfish. - However, the question of which interfaces
which should be enabled by default depends on the use case for
provisioning and operation of the BMC. A counter example is a BMC
operated by its host system (which may not need network). - Next steps:
1. Refine the list of interfaces and figure out which we are willing
to implement controls for.
2. Work to understand how the interfaces are structured, including
various use cases.
3. Continue to look for standards from Redfish, etc.
- Joseph
>
> NOTE: * * There is some level of excitement to discuss the BMC's
> interfaces, and some new folks may be joining the call.
>
> Access, agenda, and notes are in the wiki:
> https://github.com/openbmc/openbmc/wiki/Security-working-group
>
> - Joseph
More information about the openbmc
mailing list