We will cover into that talk a new proposal to design and distribute open source firmware in the datacenter world by relying on secure boot from a single component (the BMC) and extensive attestation from the remaining part of a server. The BMC will starts from a network boot and load all required firmware (from PCIe end points, to microcontroller) from a trusted source before starting target. This approach is currently implemented on HPE Gen11 servers which supports Open Source Firmware. Our goal is to enhance security by decoupling the firmware and hardware supply chain, and allowing easier update process.