[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: [gentoo-dev] Tree-signing GLEPS review notes
From: "Robin H. Johnson" <robbat2 () gentoo ! org>
Date: 2010-01-31 10:11:52
Message-ID: robbat2-20100131T100444-075623426Z () orbis-terrarum ! net
[Download RAW message or body]
The GLEP numbering represents the order in which I wrote the GLEPs. It
originally started off as just two very large GLEPs. The informational
GLEP and the changes GLEP. I split it out BECAUSE I realized that many
of the parts should stand on their own merits.
For anybody looking for a hand in reviewing these, I suggest tackling
them in the following order:
Phase 0, background:
--------------------
GLEP57 - Security overview
Phase 1, isolated improvements to Manifest2:
--------------------------------------------
GLEP59 - Manifest2 hashes
GLEP61 - Manifest2 compression
Phase 2, adding to Manifest2 infrastructure:
--------------------------------------------
GLEP60 - Manifest2 filetypes
Phase 3, Infra->User security:
------------------------------
GLEP58 - MetaManifest
Phase 4, Dev->infra security:
-----------------------------
I still need to write the following:
GLEPxx - Developer Process Security
GLEPxx - GnuPG Policies and Handling
--=20
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail : robbat2@gentoo.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic