From: Kristian Fiskerstrand <k_f@gentoo.org>
To: gentoo-project@lists.gentoo.org
Subject: [gentoo-project] Gentoo Council manifest for Kristian Fiskerstrand (K_F)
Date: Tue, 30 Jun 2015 09:54:52 +0200 [thread overview]
Message-ID: <55924B4C.5020902@gentoo.org> (raw)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Dear all,
The following is my manifest for the Gentoo council election:
I live in Oslo, Norway where I'm working in Finance. I have a wide
variety of hobbies, most notably a number related to computers, in
particular a strong interest in computer security; most focused on
OpenPGP, in which I run the sks-keyservers.net pool of keyservers, and
am one of the upstream developers of the synchronizing keyserver (SKS).
Although having been a Gentoo user for more than a decade, I didn't take
the step to become a gentoo developer until 2014, when I realized it was
easier than doing everything through proxy maintainers and decided to
dedicate even more of my time to the project.
For Gentoo I'm focusing on improving security; both when it comes to
our distributed packages (through participating in the Security team)
and overall infrastructure and method of distribution (helping out gkeys
with OpenPGP matters). Given my focus I naturally also contribute to the
crypto team for the related packages (gnupg, libgcrypt &c)[1]
As I'm running a decent number of Gentoo instances (spanning across both
desktop and server environments) I also like to see upgrade paths and
the overall user experience for the stable tree being in a good state,
including large scale rollouts on servers, i.e. if possible sane
defaults should be selected by the package maintainers[2] and the need
for sporadic manual interaction should be reduced to a minimum.
In terms of philosophy I prefer the modular approach of the UNIX
philosophy, in particular since this makes auditing the behavior of the
components more straight-forward.
Please don't hesitate to ask any question or opinions.
Best regards,
Kristian (K_F)
Current projects and herds:
Gentoo Linux Security Audit Project (Member)
Gentoo Keys (Member)
Gentoo Public Relations Project (GMN)
Gentoo Security Project (GLSA Coordinator)
Notes:
[1] short term I would very much like to see libgcrypt 1.6 going stable
to ensure that we don't end up with (EC)DSA leakage of private keys
through an improperly seeded entropy for the k variable (solved through
deterministic k as described in RFC6979) as well as a few side-channel
attacks being a thing of the past.
[2] security > optional features in making such decisions
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJVkktHAAoJECULev7WN52FSo8H/37L0VQJxK3POcURnQ4vObd3
lQuIIaviR8jez6LoRbu+Au7QLvQaiquASV2S9n0SU1AxFzss6UdgFIn4N9so+Rwb
N7LNQ4Kka/T0+0MthUPEpZ7peGksVS0kLY0ZnmROOHkNgNfMSOBy2GS0qbCFWOLn
BQlTZgtoeB0V89+s2DGSMpGVTE3gNIJU3pnyOeu5dQIYt6XwwkUTClfhtXKMSPRq
0LstrpE+gKAeLDvdfKCK3rRvB04rUKw/Q5YCpOrks7cG7Kjm6JKiZwGwdjiZVUqn
g4bQZGdL9uJGg+Pz4oKaIRdRQc+dcb1AXh8ZvDyDdahpVbDnY+0GqGh2NZpVm/4=
=Z2C9
-----END PGP SIGNATURE-----
reply other threads:[~2015-06-30 7:55 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55924B4C.5020902@gentoo.org \
--to=k_f@gentoo.org \
--cc=gentoo-project@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox