Security Working Group - Wednesday April 29

[Joseph Reynolds]

This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday April 29 at 10:00am PDT.

We'll discuss current development items, and anything else that comes up.

The current topics:

1. Skip May 13 meeting due to OCP Summit?

2. IPMI over DTLS.

3. Requirements for security audit logs.  Access, deleting, APIs.

4. Using mTLS for HTTPS access to BMCWeb.

5. Rate-limit BMCWeb authentication failures.

6. Review Dropbear (SSH server) settings.

7. OWASP dependency checker.


Access, agenda, and notes are in the wiki:

https://github.com/openbmc/openbmc/wiki/Security-working-group

- Joseph