# 03 November 2021 - coreboot Leadership meeting minutes

Edited for clarity and formatting.

* Attendees: Christian Walter, David Hendricks, Felix Held, Felix Singer, Jason Glenesk, Jay Talbott, Martin Roth, Matt DeVillier, Patrick Georgi, Piotr Król, Ron Minnich, Sean Rhodes, Stefan Reinauer, Tim Crawford, Werner Zeh

## Ongoing Items

* New videoconferencing system?     The desire for a new way of having meeting is because the current Google Meet platform requires a Google Employee to allow access.   It would also be nice to use an open platform instead of a proprietary one, but we need something stable that we can all access.      * BigBlueButton was used for the last coreboot EFI working group meeting and worked relatively well for most people, though some still seemed to have issues.      * Matt - BBB did a poor job of filtering background noise.  Not as good from an audio perspective.      * Felix - same.  Audio is much better in meet.      * We probably do not want to use BBB at this time.    * Should we try Jitsi?  Limits:  100 ppl is free limit      * [https://meet.jit.si/%5D(https://meet.jit.si/)      * Does this work with firefox?  It used to have issues with some browsers.      * We'll test this for the next EFI working group meeting    * So far Google Meet seems to offer the best quality.      * Can we use the Public version of google Meet?      * 1 hour limit?      * Number of people?    * Can coreboot make an Google workspace account and host the meetings with Google Meet?      * Yes, it has a free tier for non-profits.  We'd need to work this out with SFC as they're the actual non-profit.

## Agenda:

### [martin] Trademark issues with starlabs. * StarLabs used the coreboot name in a way that creates confusion. * What would a reasonable release name be?   * Starboot   * Add "Star Labs" prefix before "coreboot" to make clear that it's a distro   * coreboot version 4.15-company-7 (recommended naming scheme when not doing their own distro like libreboot, pureboot, ...) * We should document acceptable use and naming of the coreboot trademark. * Should coreboot go back to quarterly releases?   * [Sean (Star Labs)] Yes, this would help.

### [Martin] 2022 coreboot (only) conference/hackathon/summit

It’s been several years since we had a coreboot summit, and the thought is that this would be mostly focused on hacking and discussing improvements to the project instead of having a significant number of talks.

* [Chris] Do we need another in person event? OSFF is willing to plan/take over costs   * [Martin]Yes, after looking at the agenda for the latest OSFC, it was felt that a coreboot-only conference might be useful. If OSFF wants to pay for it, that’d be great, but I don’t think that OSFF should replace coreboot.   * [Werner] Sounds like a good plan   * [David] Choose a place with fewer restrictions (needs to be predictable). * In April after OCP regional summit - OSFF Meetup with hackathon ~40 ppl   * [Ron] 4-day thing in Prague already planned for the week after OCP. April 21-24.  Do this in parallel with the OSFF meeting.   * Martin, Ron, and Chris will meet soon to discuss expanding this meeting. * [Chris] OSFC 2022 will be (hopefully) in south korea

### [Martin] Use of pseudonyms at coreboot.

We currently require the use of real names at coreboot for legal reasons.  This bothers some people.  Could we introduce a method to allow reasonable pseudonyms by having a verified name held privately to associate with the name used in gerrit?  I’d rather not have everyone switch and end up with code checked in as booty-mcbootface, but it seems reasonable to protect people’s privacy if desired.

* [Werner] Is there a trust for source code?  Basically a broker who submits the patches for people.   * This is suggesting “Code laundering”.     * Things like this are just being established now, but maybe shouldn't be allowed.     * The entity submitting code would be responsible for this (this is supported by the [Developer’s Certificate of Origin](https://coreboot.org/Development_Guidelines#Sign-off_Procedure), part (b) or (c)) * [Martin] Can we have a company audit the code?  Then it wouldn't matter as much if someone anonymously submitted code because troublesome code could be caught. * The coreboot server is in Germany, so the codebase is following their laws. * It might be best not to have a policy because then if there are issues, lawyers could actually come after us for the policy not being sufficient.   * What does Linux do?     * They have the linux foundation and with ~70% (estimate drawn from thin air) of big IT corporations being members, they play by different rules.   * What do other projects do?   * Let’s ask the SFC. * The important thing is to make sure that we’re making an effort to keep questionable content out.

### U&EFI - Usable & Effective Firmware Initiative.  Created to create standards that coreboot can use. This originated because of the rumor that linux will soon require EFI interfaces to boot, a few patches that tried to change core coreboot concepts into something different (e.g. [https://review.coreboot.org/c/coreboot/+/51770%5D(https://review.coreboot.or...)), and more pushes in a similar direction (such as the “universal” “scalable” firmware “standard” driven by Intel). This seems like it’s boxing coreboot into a corner.  Additionally there have been efforts to push EFI blocks further into coreboot. * [David] I think this has more to do with distros and OEMs expecting them for their manufacturing and testing purposes, for example [https://odm.ubuntu.com/docs/ubuntu-bios-uefi-requirements.pdf%5D(https://odm...) * Recently there have been a number of initiatives defining “industry standards” that affect coreboot, we’re then told that we need to support these “standards” * This will allow coreboot to define our own de-facto standards of similar legitimacy.  These will then allow coreboot to continue with what we’re doing. * UPF - [Usable-Payload-Format](https://github.com/Usable-Effective-Firmware-Initiative/Usable-PayLoad-Forma...): Recommendations for providing means to pass information on to the OS and payloads. * Join #uefi in libre.chat, also visit its home (for now) at GitHub: [https://github.com/Usable-Effective-Firmware-Initiative%5D(https://github.co...)

* Note that this name is tongue-in-cheek though the project itself isn't.