Security Working Group meeting - Wednesday Feb 5
Joseph Reynolds
jrey at linux.ibm.com
Thu Feb 6 03:06:11 AEDT 2020
This is a reminder of the OpenBMC Security Working Group meeting
scheduled for this Wednesday Feb 5 at 10:00am PDT.
We'll discuss current development items, and anything else that comes
up. The current topics:
1. Moving forward with security assurance work at the OpenBMC project
level. ("How do we know what is most important to work on?") Review
steps forward.
2. BMCWeb intermediate site identity certificates.
3. BMCWeb account management privilege changes (following the latest
Redfish spec) allow account enumeration.
4. BMCWeb address CWE-307 (unlimited password guessing) via
rate-limiting authentication attempts.
5. Discuss progress in setting up an alternate meeting time.
Access, agenda, and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group
- Josep
More information about the openbmc
mailing list