Ok perfect. I think the first point does not require a lot of discussion it should be fast.
The second (I hope
😊) is requiring more though from members so in a first step I just intend to share with other members some though we had internally to check if it is also a topic of interest (to not say concerns) for other members. If so, it will request further discussion and work.

 

Regards,

 

Eric

 

 

Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5

Eric FINCO | Tel: +33 (0)2 4402 7154

MDG | Technical Specialist

 

 

 

ST Restricted

From: Shebu Varghese Kuriakose <Shebu.VargheseKuriakose@arm.com>
Sent: mercredi 14 juin 2023 11:48
To: Eric FINCO <eric.finco@st.com>; Dan Handley <Dan.Handley@arm.com>; tsc@lists.trustedfirmware.org; Don Harbin <don.harbin@linaro.org>; Matteo Carlini <Matteo.Carlini@arm.com>
Cc: nd <nd@arm.com>
Subject: RE: TSC agenda 2023-06-15 -> or Board 2023-06-14

 

Hi Eric,

 

Thanks for raising the topics.

 

The MCUboot topic can be covered in the MCUboot review at the TSC on Thursday.

 

As TSC agenda is almost full, okay to cover the 2nd topic in the board meeting today. We can discuss in future TSC as well if needed.

 

Regards,

Shebu

 

From: Eric FINCO <eric.finco@st.com>
Sent: Tuesday, June 13, 2023 9:14 PM
To: Dan Handley <Dan.Handley@arm.com>; tsc@lists.trustedfirmware.org; Don Harbin <don.harbin@linaro.org>; Shebu Varghese Kuriakose <Shebu.VargheseKuriakose@arm.com>; Matteo Carlini <Matteo.Carlini@arm.com>
Subject: RE: TSC agenda 2023-06-15 -> or Board 2023-06-14

 

Hello All,

I have two topics (related).

I rely on you, Don, and Shebu to decide if  the Board of tomorrow or the TSC of Thursday is most appropriate meeting to discuss them:

 

-Process clarification to report security issue for MCUboot after the merge of the project in TF.org:

https://github.com/mcu-tools/mcuboot/security

vs https://developer.trustedfirmware.org/w/collaboration/security_center/reporting/

 

-How to manage certification constraints vs community vulnerability management ?

-Today Certificates are Terminated in case of an trustedfirmware.org impacting issue (without any information for the customer to understand). Can members (if there are interested) team-up to see with labs how to improve this situation

-Could we explore way to get “official” patches fixing a CVE recognized by labs so that applicating such patches avoid to get a certificates terminated ?

Regards,

 

Eric

 

 

Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5

Eric FINCO | Tel: +33 (0)2 4402 7154

MDG | Technical Specialist

 

 

 

ST Restricted

From: Dan Handley via TSC <tsc@lists.trustedfirmware.org>
Sent: mardi 13 juin 2023 17:06
To: tsc@lists.trustedfirmware.org
Cc: Olivier Deprez <Olivier.Deprez@arm.com>; Joanna Farley <Joanna.Farley@arm.com>
Subject: [TF-TSC] TSC agenda 2023-06-15

 

Hi all


Please let me know if you have any urgent agenda topics for tomorrow. I have these so far:

 

Regards


Dan.