Gerrit review 28207 - Help define OpenBMC's security objectives
Joseph Reynolds
jrey at linux.ibm.com
Tue Jan 7 07:10:38 AEDT 2020
I meant to copy the OpenBMC email list.
On 1/6/20 11:59 AM, Joseph Reynolds wrote:
> OpenBMC TSC members and information security leads,
>
> A new OpenBMC document identifies information security programs which
> might be directed at OpenBMC. These are the highest-level programs
> such as national standards, industry best practices, and public-facing
> company-specific practices. The idea is to document OpenBMC's
> security objectives and provide references to appropriate actionable
> advice needed for development work. As the OpenBMC project reaches
> out for security standards to follow, and various agencies promote
> their requirements, we can document our efforts here. Details are in
> the document.
>
> The document is a first draft. I would be happy to add and remove
> material so it can be merged into the project. I think this should be
> merged before attempting to expand on any of the topics. This topic
> is on the agenda for this Wednesday's OpenBMC Security Working Group
> meeting.
>
> Please pass this on to your security leads to help define OpenBMC's
> security objectives.
>
> - Joseph
>
> The document is available in gerrit review 28207 here:
> https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/28207
>
> OpenBMC Security Working Group wiki is here:
> https://github.com/openbmc/openbmc/wiki/Security-working-group
More information about the openbmc
mailing list