Security Working Group meeting - Wednesday September 18
Joseph Reynolds
jrey at linux.ibm.com
Thu Sep 19 06:51:06 AEST 2019
On 9/17/19 6:32 PM, Joseph Reynolds wrote:
> This is a reminder of the OpenBMC Security Working Group meeting
> scheduled for this Wednesday September 18 at 10:00am PDT.
>
> Current topics:
> - Development work:
> 1. IPMI authority question -
> https://lists.ozlabs.org/pipermail/openbmc/2019-August/017905.html
> 2. Multiple admin security question -
> https://lists.ozlabs.org/pipermail/openbmc/2019-August/017910.html
> - OCP Secure Firmware Development Best Practices (goo.gl/uEoAh4)
> - Expired password design
Thanks to everyone who attended the meeting. The minutes are in the
link below. Click the link, then click "Meeting Minutes". Highlights:
- We discussed the design and implementation of IPMI authority
Role=admin access.
- We discussed the expired password design, including interfaces that
will be able to change the password.
- We briefly reviewed the existence of the OpenBMC network threat model
and the overall BMC threat model currently in review.
- We glanced at the mutual TLS (mTLS) reviews in progress
- We discussed the desire and plans to deprecate out-of-band IPMI
network access to the BMC. I'll send an email with more on this topic.
- We discussed emerging firmware recommendations such as the "CSIS
Secure Firmware Development Best Practices" and how we would use those
recommendations.
- Joseph
>
> Access, agenda, and notes are in the wiki:
> https://github.com/openbmc/openbmc/wiki/Security-working-group
>
> - Joseph
More information about the openbmc
mailing list