From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NbWmz-0002WE-EF for garchives@archives.gentoo.org; Sun, 31 Jan 2010 10:12:21 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B4567E0997; Sun, 31 Jan 2010 10:11:59 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 6BE07E0997 for ; Sun, 31 Jan 2010 10:11:59 +0000 (UTC) Received: from mail.isohunt.com (b01.ext.isohunt.com [208.71.112.51]) by smtp.gentoo.org (Postfix) with ESMTP id D35B867F06 for ; Sun, 31 Jan 2010 10:11:58 +0000 (UTC) Received: (qmail 17782 invoked from network); 31 Jan 2010 10:11:54 -0000 Received: from tsi-static.orbis-terrarum.net (HELO grubbs.orbis-terrarum.net) (76.10.188.108) by mail.isohunt.com (qpsmtpd/0.33-dev on beta01) with (CAMELLIA256-SHA encrypted) ESMTPS; Sun, 31 Jan 2010 10:11:54 +0000 Received: (qmail 9918 invoked by uid 10000); 31 Jan 2010 10:11:52 -0000 Date: Sun, 31 Jan 2010 10:11:52 +0000 From: "Robin H. Johnson" To: gentoo-dev@lists.gentoo.org Subject: [gentoo-dev] Tree-signing GLEPS review notes Message-ID: References: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Ublo+h3cBgJ33ahC" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-Archives-Salt: 6d846f6a-980f-4f2a-8dcd-ed6b88ac43dc X-Archives-Hash: 01b853feacc4417307cd97f2d671cce6 --Ublo+h3cBgJ33ahC Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable The GLEP numbering represents the order in which I wrote the GLEPs. It originally started off as just two very large GLEPs. The informational GLEP and the changes GLEP. I split it out BECAUSE I realized that many of the parts should stand on their own merits. For anybody looking for a hand in reviewing these, I suggest tackling them in the following order: Phase 0, background: -------------------- GLEP57 - Security overview Phase 1, isolated improvements to Manifest2: -------------------------------------------- GLEP59 - Manifest2 hashes GLEP61 - Manifest2 compression Phase 2, adding to Manifest2 infrastructure: -------------------------------------------- GLEP60 - Manifest2 filetypes Phase 3, Infra->User security: ------------------------------ GLEP58 - MetaManifest Phase 4, Dev->infra security: ----------------------------- I still need to write the following: GLEPxx - Developer Process Security GLEPxx - GnuPG Policies and Handling --=20 Robin Hugh Johnson Gentoo Linux: Developer, Trustee & Infrastructure Lead E-Mail : robbat2@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 --Ublo+h3cBgJ33ahC Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Robbat2 @ Orbis-Terrarum Networks - The text below is a digital signature. If it doesn't make any sense to you, ignore it. iEYEARECAAYFAktlV2gACgkQPpIsIjIzwizsYQCg55P52wfKBtkcmb0Lt5P0eXVU KiYAn0J3O5xaLxNHnOug6l9md4FZMXMN =bNaL -----END PGP SIGNATURE----- --Ublo+h3cBgJ33ahC--