Third JSST Meeting report 2020 (2020-03)

By Tobias Zulauf on 2020-07-04 08:07 in Security Strike Team

Time: Tuesday, 30th of June 2020, 5pm UTC - 6pm UTCAttendees: David Jardin, Claire Mandville, Tobias Zulauf

CMS Security Summit: The Update Framework (TUF)Kickoff-meeting for a cross-CMS signed-update initiative happened with Drupal and TYPO3 folks. Two code sprints (serverside- and clientside) for a PHP implementation of TUF are being scheduled.

Default password policy for the CMS (internal RFC)Internal feedback has been good so far; The suggestion for a new default password policy for 4.x is to be enforced in installer for super admin password and used as a default in com_users: min 12 characters, no complexity rules. An PR against 4.0 has been provided by the JSST in the public tracker.

- Redacted Topics -

 

Read more https://volunteers.joomla.org/teams/security-strike-team/reports/1276-third-jsst-meeting-report-2020-2020-03

Add comment
Be nice, No ovet advertising unless you agree to our rates. Posting indicates agreement and consent.