Security Working Group meeting - Wednesday Feb 5

Joseph Reynolds jrey at
Thu Feb 6 03:06:11 AEDT 2020

This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday Feb 5 at 10:00am PDT.

We'll discuss current development items, and anything else that comes 
up.  The current topics:

1. Moving forward with security assurance work at the OpenBMC project 
level.  ("How do we know what is most important to work on?")  Review 
steps forward.

2. BMCWeb intermediate site identity certificates.

3. BMCWeb account management privilege changes (following the latest 
Redfish spec) allow account enumeration.

4. BMCWeb address CWE-307 (unlimited password guessing) via 
rate-limiting authentication attempts.

5. Discuss progress in setting up an alternate meeting time.

Access, agenda, and notes are in the wiki:

- Josep

More information about the openbmc mailing list