* [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Thomas Deutschmann @ 2019-04-28 22:42 UTC
To: gentoo-dev-announce, gentoo-project

In two weeks from now, the council will meet again. This is the time
to raise and prepare items that the council should put on the agenda
to discuss or vote on.

Please respond to this message with agenda items. Do not hesitate to
repeat your agenda item here with a pointer if you previously
suggested one (since the last meeting).

The agenda for the meeting will be sent out on Sunday 2019-05-05.

Please reply to the gentoo-project list.

--
Regards,
Thomas Deutschmann / Gentoo Linux Developer
C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Rich Freeman @ 2019-04-29 1:46 UTC
To: gentoo-project

On Sun, Apr 28, 2019 at 6:42 PM Thomas Deutschmann <whissi@gentoo.org> wrote:
>
> Please respond to this message with agenda items. Do not hesitate to
> repeat your agenda item here with a pointer if you previously
> suggested one (since the last meeting).
>

I would like the council to consider my patch to GLEP 63 to allow a
single combined primary/signing key when the key is stored on a
smartcard, so that keys may be generated on a Nitrokey without relying
on a primary key maintained offline in software, which I think will
not happen much in practice. This should increase the security of
signing keys by reducing handling or even storage of primary keys on
internet-connected hosts (which the GLEP already allows for).

Patch and discussion at:
https://archives.gentoo.org/gentoo-dev/message/d05070a200e4f5858642d308d9b3e39f

--
Rich

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Matthew Thode @ 2019-04-29 15:10 UTC
To: gentoo-project

On 19-04-28 21:46:24, Rich Freeman wrote:
> On Sun, Apr 28, 2019 at 6:42 PM Thomas Deutschmann <whissi@gentoo.org> wrote:
> >
> > Please respond to this message with agenda items. Do not hesitate to
> > repeat your agenda item here with a pointer if you previously
> > suggested one (since the last meeting).
> >
>
> I would like the council to consider my patch to GLEP 63 to allow a
> single combined primary/signing key when the key is stored on a
> smartcard, so that keys may be generated on a Nitrokey without relying
> on a primary key maintained offline in software, which I think will
> not happen much in practice. This should increase the security of
> signing keys by reducing handling or even storage of primary keys on
> internet-connected hosts (which the GLEP already allows for).
>
> Patch and discussion at:
> https://archives.gentoo.org/gentoo-dev/message/d05070a200e4f5858642d308d9b3e39f

My main concern here is devs needing to re-establish their keys with
infra in a trusted manner when the key is lost/stolen or otherwise
defunct. Re-establishing that trust may be outside the scope of this
request though.

--
Matthew Thode (prometheanfire)

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Rich Freeman @ 2019-04-29 15:37 UTC
To: gentoo-project

On Mon, Apr 29, 2019 at 11:10 AM Matthew Thode <prometheanfire@gentoo.org> wrote:
>
> On 19-04-28 21:46:24, Rich Freeman wrote:
> > On Sun, Apr 28, 2019 at 6:42 PM Thomas Deutschmann <whissi@gentoo.org> wrote:
> > >
> > > Please respond to this message with agenda items. Do not hesitate to
> > > repeat your agenda item here with a pointer if you previously
> > > suggested one (since the last meeting).
> > >
> >
> > I would like the council to consider my patch to GLEP 63 to allow a
> > single combined primary/signing key when the key is stored on a
> > smartcard, so that keys may be generated on a Nitrokey without relying
> > on a primary key maintained offline in software, which I think will
> > not happen much in practice. This should increase the security of
> > signing keys by reducing handling or even storage of primary keys on
> > internet-connected hosts (which the GLEP already allows for).
> >
> > Patch and discussion at:
> > https://archives.gentoo.org/gentoo-dev/message/d05070a200e4f5858642d308d9b3e39f
>
> My main concern here is devs needing to re-establish their keys with
> infra in a trusted manner when the key is lost/stolen or otherwise
> defunct. Re-establishing that trust may be outside the scope of this
> request though.
>

Probably better to discuss in the other thread, but re-establishing
the key is just a matter of logging into dev.gentoo.org and changing
your fingerprint. I just did it the other week to create a new key
for the nitrokey. That issue exists with software keys as well,
though I will concede that it is possible to back up a software key,
and it is not possible to do this if it is generated on a smartcard.

The main downsides to having your primary key generated on a smartcard
and losing it are:

1. You do need to generate a new key and change the fingerprint on
   dev.gentoo.org. In practice the root of our security isn't actually
   the gpg key but the ssh key, and ldap password.
2. You lose any WoT signatures from other devs or individuals on your
   gpg key. You will regain the signoff from infra when you change
   your key in LDAP.
3. You lose the ability to decrypt any data that you are storing
   encrypted to your lost key. If you do use the key for encryption
   then it would be better to either have a backup for this key, or to
   archive this data unencrypted or encrypted with a key you can
   recover (the latter isn't an equivalent problem, because you can
   encrypt that using a key you never need to routinely use, and can
   also choose to encrypt that data with multiple keys so that even if
   stored on hardware you could have backups in practice).

I will also note, that the current GLEP already allows generating
primary keys on a smartcard, and thus already exposes us to the issue
of key loss without the possibility of backups. It just requires two
different smartcards to accomplish, unless there is some way to hack
gpg to use an authentication key for the signing or primary role. The
change is to allow a single combined primary/signing key when it is
generated on hardware, the existing policy says nothing about
maintaining backups of the primary key.

I would really suggest that the hardware-only key is most appropriate
when you're only signing commits, and not depending on a WoT. However,
in practice for most devs I think this is going to end up being more
secure than how they would otherwise end up managing their keys
(either not using hardware at all, or keeping their primary key
online, which basically defeats the point of having the hardware).

--
Rich

* [gentoo-project] Re: [gentoo-dev-announce] Call for agenda items - Council meeting 2019-05-12
From: Michał Górny @ 2019-04-29 5:31 UTC
To: gentoo-project

On Mon, 2019-04-29 at 00:42 +0200, Thomas Deutschmann wrote:
> In two weeks from now, the council will meet again. This is the time
> to raise and prepare items that the council should put on the agenda
> to discuss or vote on.
>
> Please respond to this message with agenda items. Do not hesitate to
> repeat your agenda item here with a pointer if you previously
> suggested one (since the last meeting).
>
> The agenda for the meeting will be sent out on Sunday 2019-05-05.
>
> Please reply to the gentoo-project list.
>

I would like to request the Council to approve GLEP 48 update giving QA
the power to request short-term bans directly through Infra, rather than
going through ComRel [1].

[1]:https://archives.gentoo.org/gentoo-project/message/20aa5ce4fe2305d7569f68d9b77d4485

--
Best regards,
Michał Górny

* Re: [gentoo-project] Re: [gentoo-dev-announce] Call for agenda items - Council meeting 2019-05-12
From: Ulrich Mueller @ 2019-04-29 7:37 UTC
To: Michał Górny; +Cc: gentoo-project

>>>>> On Mon, 29 Apr 2019, Michał Górny wrote:

> I would like to request the Council to approve GLEP 48 update giving QA
> the power to request short-term bans directly through Infra, rather than
> going through ComRel [1].

You say "short-term bans", but in [1] there is no limit for the length
of the ban.

Ulrich

> [1]:https://archives.gentoo.org/gentoo-project/message/20aa5ce4fe2305d7569f68d9b77d4485

* Re: [gentoo-project] Re: [gentoo-dev-announce] Call for agenda items - Council meeting 2019-05-12
From: Michał Górny @ 2019-04-29 12:10 UTC
To: gentoo-project

On Mon, 2019-04-29 at 09:37 +0200, Ulrich Mueller wrote:
> > > > > > On Mon, 29 Apr 2019, Michał Górny wrote:
> > I would like to request the Council to approve GLEP 48 update giving QA
> > the power to request short-term bans directly through Infra, rather than
> > going through ComRel [1].
>
> You say "short-term bans", but in [1] there is no limit for the length
> of the ban.
>

Fixed in v3 [1].

[1]:https://archives.gentoo.org/gentoo-project/message/a9d6dc3cf28345a2e96c2cfd164226f2

--
Best regards,
Michał Górny

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Matthias Maier @ 2019-04-29 17:17 UTC
To: gentoo-project

On Sun, Apr 28, 2019, at 17:42 CDT, Thomas Deutschmann <whissi@gentoo.org> wrote:

> In two weeks from now, the council will meet again. This is the time
> to raise and prepare items that the council should put on the agenda
> to discuss or vote on.
>
> Please respond to this message with agenda items. Do not hesitate to
> repeat your agenda item here with a pointer if you previously
> suggested one (since the last meeting).
>
> The agenda for the meeting will be sent out on Sunday 2019-05-05.
>
> Please reply to the gentoo-project list.

I request that the council takes action and writes an e-mail to register
the /EFI/Gentoo namespace as outlined here:

https://uefi.org/registry

Rationale: We recommend to use /EFI/Gentoo at least for the grub
installation [1]. Furthermore, a sizable number of Linux distributions
as well as FreeBSD have already registered.

Best,
Matthias

[1] https://wiki.gentoo.org/wiki/GRUB2

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Alec Warner @ 2019-04-29 17:28 UTC
To: gentoo-project

On Mon, Apr 29, 2019 at 1:17 PM Matthias Maier <tamiko@gentoo.org> wrote:

>
> On Sun, Apr 28, 2019, at 17:42 CDT, Thomas Deutschmann <whissi@gentoo.org>
> wrote:
>
> > In two weeks from now, the council will meet again. This is the time
> > to raise and prepare items that the council should put on the agenda
> > to discuss or vote on.
> >
> > Please respond to this message with agenda items. Do not hesitate to
> > repeat your agenda item here with a pointer if you previously
> > suggested one (since the last meeting).
> >
> > The agenda for the meeting will be sent out on Sunday 2019-05-05.
> >
> > Please reply to the gentoo-project list.
>
> I request that the council takes action and writes an e-mail to register
> the /EFI/Gentoo namespace as outlined here:
>
> https://uefi.org/registry
>
> Rationale: We recommend to use /EFI/Gentoo at least for the grub
> installation [1]. Furthermore, a sizable number of Linux distributions
> as well as FreeBSD have already registered.
>

I just emailed them to register it ;)

-A

>
> Best,
> Matthias
>
> [1] https://wiki.gentoo.org/wiki/GRUB2
>

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Matthias Maier @ 2019-04-29 17:32 UTC
To: gentoo-project

On Mon, Apr 29, 2019, at 12:28 CDT, Alec Warner <antarus@gentoo.org> wrote:

> I just emailed them to register it ;)

*yay*

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Ulrich Mueller @ 2019-05-04 14:49 UTC
To: Matthias Maier; +Cc: gentoo-project

>>>>> On Mon, 29 Apr 2019, Matthias Maier wrote:

> I request that the council takes action and writes an e-mail to
> register the /EFI/Gentoo namespace as outlined here:

> https://uefi.org/registry

> Rationale: We recommend to use /EFI/Gentoo at least for the grub
> installation [1]. Furthermore, a sizable number of Linux distributions
> as well as FreeBSD have already registered.

> [1] https://wiki.gentoo.org/wiki/GRUB2

Shouldn't that be /EFI/gentoo with lowercase "g"? At least that's what
the wiki page says (and file names in vfat are case sensitive).

Ulrich

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: Michał Górny @ 2019-05-05 6:51 UTC
To: gentoo-project, gentoo-dev-announce

On Mon, 2019-04-29 at 00:42 +0200, Thomas Deutschmann wrote:
> In two weeks from now, the council will meet again. This is the time
> to raise and prepare items that the council should put on the agenda
> to discuss or vote on.
>
> Please respond to this message with agenda items. Do not hesitate to
> repeat your agenda item here with a pointer if you previously
> suggested one (since the last meeting).
>

I would like to request the Council to vote on making 17.1 profiles
stable. The profiles were present for a 1.5 yr now, and are in dev for
half a year. The most important obstacles on the course to migration
have been removed, the remaining bugs being either 'cleanup to be done
once we switch' or dead packages.

If large number of stable profiles is the problem, I'd suggest marking
17.0 dev simultaneously. This shouldn't cause any major problems since
breakage relating to one category of profiles and not the other is
rather unlikely, and responsible devs use 'repoman full -d' anyway.

--
Best regards,
Michał Górny

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: William Hubbs @ 2019-05-05 18:21 UTC
To: gentoo-project; +Cc: mgorny

On Sun, May 05, 2019 at 08:51:10AM +0200, Michał Górny wrote:
> On Mon, 2019-04-29 at 00:42 +0200, Thomas Deutschmann wrote:
> > In two weeks from now, the council will meet again. This is the time
> > to raise and prepare items that the council should put on the agenda
> > to discuss or vote on.
> >
> > Please respond to this message with agenda items. Do not hesitate to
> > repeat your agenda item here with a pointer if you previously
> > suggested one (since the last meeting).
> >
>
> I would like to request the Council to vote on making 17.1 profiles
> stable. The profiles were present for a 1.5 yr now, and are in dev for
> half a year. The most important obstacles on the course to migration
> have been removed, the remaining bugs being either 'cleanup to be done
> once we switch' or dead packages.
>
> If large number of stable profiles is the problem, I'd suggest marking
> 17.0 dev simultaneously. This shouldn't cause any major problems since
> breakage relating to one category of profiles and not the other is
> rather unlikely, and responsible devs use 'repoman full -d' anyway.

I don't know what happened on the ppc* side, it looks like they do not
have 17.1 profiles any more. The only arch this will affect is amd64.

I would suggest starting work on deprecating the older profiles instead
of marking them dev.

I think it should be time for the 13.0 profiles to go, and maybe the
17.0 profiles for amd64 once the 17.1 profiles are stable.

William

* Re: [gentoo-project] Call for agenda items - Council meeting 2019-05-12
From: William Hubbs @ 2019-05-05 22:37 UTC
To: gentoo-project, mgorny

On Sun, May 05, 2019 at 01:21:37PM -0500, William Hubbs wrote:
> On Sun, May 05, 2019 at 08:51:10AM +0200, Michał Górny wrote:
> > On Mon, 2019-04-29 at 00:42 +0200, Thomas Deutschmann wrote:
> > > In two weeks from now, the council will meet again. This is the time
> > > to raise and prepare items that the council should put on the agenda
> > > to discuss or vote on.
> > >
> > > Please respond to this message with agenda items. Do not hesitate to
> > > repeat your agenda item here with a pointer if you previously
> > > suggested one (since the last meeting).
> > >
> >
> > I would like to request the Council to vote on making 17.1 profiles
> > stable. The profiles were present for a 1.5 yr now, and are in dev for
> > half a year. The most important obstacles on the course to migration
> > have been removed, the remaining bugs being either 'cleanup to be done
> > once we switch' or dead packages.
> >
> > If large number of stable profiles is the problem, I'd suggest marking
> > 17.0 dev simultaneously. This shouldn't cause any major problems since
> > breakage relating to one category of profiles and not the other is
> > rather unlikely, and responsible devs use 'repoman full -d' anyway.
>
> I don't know what happened on the ppc* side, it looks like they do not
> have 17.1 profiles any more. The only arch this will affect is amd64.
>
> I would suggest starting work on deprecating the older profiles instead
> of marking them dev.
>
> I think it should be time for the 13.0 profiles to go, and maybe the
> 17.0 profiles for amd64 once the 17.1 profiles are stable.

After looking at this a bit further, the 13.0 profiles should
definitely be going away [1].

And I still think we should deprecate the 17.0 profiles for amd64.

Thanks,

William

[1] https://bugs.gentoo.org/672960