I wasn't able to find the security@ alias, otherwise would've emailed y'all there. I didn't hear back before publication but happy to make any corrections if needed. I'm also willing to include a statement from Coreboot if you want to send one over.

On Sun, Dec 8, 2019 at 1:40 PM David Hendricks <david.hendricks@gmail.com> wrote:

On Sun, Dec 8, 2019 at 12:00 AM Mike Banon <mikebdp2@gmail.com> wrote:
>
> Yes, feel free to send more advanced questions to this list, would be
> an interesting discussion!

Looks like the article has already gone out:
https://the-parallax.com/2019/12/06/bootloader-security-pacsec/

In any case, if there are undisclosed vulnerabilities or any other
urgent security issue that requires an immediate fix then please
notify security@coreboot.org (also mentioned on the coreboot.org
homepage).

For general inquiries then this mailing list is fine.

Seth Rosenblatt

Editor-in-Chief, The Parallax

Phone/Signal/WhatsApp: 415-730-3194

Follow me: Twitter | Facebook | Instagram | LinkedIn | Google+

Follow The Parallax: Twitter | Facebook | Instagram | LinkedIn | Google+