Security functionality to cryptographically sign the BMC Firmware and BIOS
For the X10 and X11 Generation Systems we have added the capability to cryptographically sign the software to better ensure the authenticity of the software download. Upon installation of new BIOS or BMC Firmware, the software signature is checked to ensure the contents of the software have not been modified. We are already shipping these features for some customers and for all new platforms moving forward these features are enabled.
Due to issues of backward compatibility, we are making the upgrade to these new features optional for existing systems. Once the functionality is enabled customers cannot go back to previous, unsigned versions of the software which is problematic for customers who have locked-down their systems to a specific firmware version.
Please contact firstname.lastname@example.org to determine if upgrading to these features for software signing and limited rollbacks on your existing systems is appropriate.