Hello All, I have two topics (related). I rely on you, Don, and Shebu to decide if the Board of tomorrow or the TSC of Thursday is most appropriate meeting to discuss them:
-Process clarification to report security issue for MCUboot after the merge of the project in TF.org: https://github.com/mcu-tools/mcuboot/security vs https://developer.trustedfirmware.org/w/collaboration/security_center/report...
-How to manage certification constraints vs community vulnerability management ? -Today Certificates are Terminated in case of an trustedfirmware.org impacting issue (without any information for the customer to understand). Can members (if there are interested) team-up to see with labs how to improve this situation -Could we explore way to get "official" patches fixing a CVE recognized by labs so that applicating such patches avoid to get a certificates terminated ? Regards,
Eric
[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5] Eric FINCO | Tel: +33 (0)2 4402 7154 MDG | Technical Specialist
ST Restricted From: Dan Handley via TSC tsc@lists.trustedfirmware.org Sent: mardi 13 juin 2023 17:06 To: tsc@lists.trustedfirmware.org Cc: Olivier Deprez Olivier.Deprez@arm.com; Joanna Farley Joanna.Farley@arm.com Subject: [TF-TSC] TSC agenda 2023-06-15
Hi all
Please let me know if you have any urgent agenda topics for tomorrow. I have these so far:
* Completion of "Use of Rust at tf.org" discussion (Joanna, Dan) * Use of vector features in A-profile secure world, e.g. FP&SIMD, SVE, SME (Dan) * MCUBoot overview (David)
Regards
Dan.