Security Working Group - Wednesday April 29

Joseph Reynolds jrey at linux.ibm.com
Wed Apr 29 02:12:15 AEST 2020


This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday April 29 at 10:00am PDT.

We'll discuss current development items, and anything else that comes up.

The current topics:

1. Skip May 13 meeting due to OCP Summit?

2. IPMI over DTLS.

3. Requirements for security audit logs.  Access, deleting, APIs.

4. Using mTLS for HTTPS access to BMCWeb.

5. Rate-limit BMCWeb authentication failures.

6. Review Dropbear (SSH server) settings.

7. OWASP dependency checker.


Access, agenda, and notes are in the wiki:

https://github.com/openbmc/openbmc/wiki/Security-working-group

- Joseph


More information about the openbmc mailing list