Security Working Group - Wednesday January 20

Joseph Reynolds jrey at linux.ibm.com
Wed Jan 20 04:56:53 AEDT 2021


This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday January 20 at 10:00am PDT.

We'll discuss the following items on the agenda 
<https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI/edit>, 
and anything else that comes up:

 1.

    (email) Call for OpenBMC 2.9.0 release.

 2.

    Yocto email: Dropped openssl support for deprecated algorithms,
    including TLS 1.0 and TLS 1.1.  I (Joseph) believe we already have
    dropped TLS below TLSv1.2, but let’s take a look to see if we want
    any changes in this area.

 3.

    (gerrit review): Does anyone have a use case to allow customers to
    disable HTTPS?
    https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/39006
    <https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/39006>

 4.

    (gerrit review): Linux-PAM dropped support for pam_cracklib and
    pam_tally2.  These are being removed from OpenBMC usage because they
    are no longer available from yocto, but the function is not yet
    replaced.  See https://github.com/openbmc/openbmc/issues/3750
    <https://github.com/openbmc/openbmc/issues/3750>.


Access, agenda and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group 
<https://github.com/openbmc/openbmc/wiki/Security-working-group>


More information about the openbmc mailing list