DPDK website maintenance
 help / color / Atom feed
* [dpdk-web] [PATCH] add my gpg key id
@ 2020-05-20 20:41 Stephen Hemminger
  2020-05-22 19:37 ` Ferruh Yigit
  2020-08-05  9:57 ` Thomas Monjalon
  0 siblings, 2 replies; 5+ messages in thread
From: Stephen Hemminger @ 2020-05-20 20:41 UTC (permalink / raw)
  To: web; +Cc: Stephen Hemminger

Put my current GPG key id on the security web page.
Keep maintainers names in alphabetical order here.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 content/security/_index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/content/security/_index.md b/content/security/_index.md
index 79349dbb66a6..264de573698f 100644
--- a/content/security/_index.md
+++ b/content/security/_index.md
@@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpdk.org](mailto:security@dpdk.org
 For any security report, the message should be encrypted with the following GPG keys:
 
 - `F933EB43DF13611F` - *Ferruh Yigit*
+- `80A77F6095CDE47E` - *Stephen Hemminger*
 - `683000CC50B9E390` - *Thomas Monjalon*
-- 
2.26.2


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [dpdk-web] [PATCH] add my gpg key id
  2020-05-20 20:41 [dpdk-web] [PATCH] add my gpg key id Stephen Hemminger
@ 2020-05-22 19:37 ` Ferruh Yigit
       [not found]   ` <20200522134615.1dae119b@hermes.lan>
  2020-08-05  9:57 ` Thomas Monjalon
  1 sibling, 1 reply; 5+ messages in thread
From: Ferruh Yigit @ 2020-05-22 19:37 UTC (permalink / raw)
  To: Stephen Hemminger, web

On 5/20/2020 9:41 PM, Stephen Hemminger wrote:
> Put my current GPG key id on the security web page.
> Keep maintainers names in alphabetical order here.
> 
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> ---
>  content/security/_index.md | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/content/security/_index.md b/content/security/_index.md
> index 79349dbb66a6..264de573698f 100644
> --- a/content/security/_index.md
> +++ b/content/security/_index.md
> @@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpdk.org](mailto:security@dpdk.org
>  For any security report, the message should be encrypted with the following GPG keys:
>  
>  - `F933EB43DF13611F` - *Ferruh Yigit*
> +- `80A77F6095CDE47E` - *Stephen Hemminger*
>  - `683000CC50B9E390` - *Thomas Monjalon*
> 

Hi Stephen,

A theoretical question, how can we be sure you are you? (Not a malicious person
sending an email from your email address and trying to add its key to steal all
DPDK security secrets J)

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [dpdk-web] [PATCH] add my gpg key id
       [not found]   ` <20200522134615.1dae119b@hermes.lan>
@ 2020-06-17 14:01     ` Ferruh Yigit
  2020-06-17 16:25       ` Luca Boccassi
  0 siblings, 1 reply; 5+ messages in thread
From: Ferruh Yigit @ 2020-06-17 14:01 UTC (permalink / raw)
  To: Stephen Hemminger; +Cc: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


On 5/22/2020 9:46 PM, Stephen Hemminger wrote:
> On Fri, 22 May 2020 20:37:28 +0100
> Ferruh Yigit <ferruh.yigit@intel.com> wrote:
>
>> On 5/20/2020 9:41 PM, Stephen Hemminger wrote:
>>> Put my current GPG key id on the security web page.
>>> Keep maintainers names in alphabetical order here.
>>>
>>> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
>>> ---
>>>  content/security/_index.md | 1 +
>>>  1 file changed, 1 insertion(+)
>>>
>>> diff --git a/content/security/_index.md b/content/security/_index.md
>>> index 79349dbb66a6..264de573698f 100644
>>> --- a/content/security/_index.md
>>> +++ b/content/security/_index.md
>>> @@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpdk.org](ma
ilto:security@dpdk.org
>>>  For any security report, the message should be encrypted with the following
 GPG keys:
>>>
>>>  - `F933EB43DF13611F` - *Ferruh Yigit*
>>> +- `80A77F6095CDE47E` - *Stephen Hemminger*
>>>  - `683000CC50B9E390` - *Thomas Monjalon*
>>>
>>
>> Hi Stephen,
>>
>> A theoretical question, how can we be sure you are you? (Not a malicious pers
on
>> sending an email from your email address and trying to add its key to steal a
ll
>> DPDK security secrets J)
>
> I could send the patch via signed email, but git send-email doesn't do that by
 default.
> But that would not answer your question which is a web of trust issue.
> My key is in the Linux kernel web of trust already, it is rather old
>

(re-sending, since mail list rejected signature file)

For this patch
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>


But for the overall trust issue, should we also have a "web of trust" and what
needs to be done for it?
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE0jZTh0IuwoTjmYHH+TPrQ98TYR8FAl7qIikACgkQ+TPrQ98T
YR++CBAAqPh9kK+v+DJwJR6jwrV8pmpv8qNUF1kOkkrp/hCsr0SF+E8IFupqNMCC
2ULrIKINQLizpTFd7S/iQN72jnobfSsCfLsYW//vN6YL9VTYPTFJQzm+44RDHn0l
TDVETGqBnKeI9Vuw12Sicuj+5mHscW2uKOmsv+hB16jB0FoZsaaXpfYJMDfCpjr1
O4h1b2zQ7SrqdHd40HsiDkxO6qhypdm9L8NjOBxiewOYDGNCrdzCMPn+jqW/rfrr
jh+EDEEVlEWFOQHbOoRVX8cuXk84dL/W3C6/UlttSVN8nDqqFOolT30Fhmj1DT6W
SamBYjmHyH+ujIxe2w2+8O0+HeDQGj9/XRfZbVmPQP9/UOQGuzjHfA+kTTCKyz47
kS8/g7a4cmfQ6sU69ib5Ht7BjfCDFyA09v/prgLCd4Y56Mlqi6zWBMmAjHC+eTlv
3bXY9paMvGYNjKZ1jsA/hJMQwRkB/s9q8FnUcWfl3dZwcGPdtey0ucflKixibTHn
VouLGErbdjK6Xz1Ab8lmZQUY2E5nc3tlKPVU3aNMQKDa7X5TkmgoOkO7jwSE5a2b
DRdL05ga9mcepqOz8bYzKitEh8md00MIzfjG4pTZLMELLn4mie9VYJWnDdXN7lB0
C9iPNUweoWnrFdZNBbOeM9iFaus+uShThYKunDpuy1XIZ5qCy9w=
=udDF
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [dpdk-web] [PATCH] add my gpg key id
  2020-06-17 14:01     ` Ferruh Yigit
@ 2020-06-17 16:25       ` Luca Boccassi
  0 siblings, 0 replies; 5+ messages in thread
From: Luca Boccassi @ 2020-06-17 16:25 UTC (permalink / raw)
  To: Ferruh Yigit, Stephen Hemminger; +Cc: web

On Wed, 2020-06-17 at 15:01 +0100, Ferruh Yigit wrote:
> On 5/22/2020 9:46 PM, Stephen Hemminger wrote:
> > On Fri, 22 May 2020 20:37:28 +0100
> > Ferruh Yigit <ferruh.yigit@intel.com> wrote:
> > 
> > > On 5/20/2020 9:41 PM, Stephen Hemminger wrote:
> > > > Put my current GPG key id on the security web page.
> > > > Keep maintainers names in alphabetical order here.
> > > > 
> > > > Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> > > > ---
> > > >  content/security/_index.md | 1 +
> > > >  1 file changed, 1 insertion(+)
> > > > 
> > > > diff --git a/content/security/_index.md b/content/security/_index.md
> > > > index 79349dbb66a6..264de573698f 100644
> > > > --- a/content/security/_index.md
> > > > +++ b/content/security/_index.md
> > > > @@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpdk.org](ma
> ilto:security@dpdk.org
> > > >  For any security report, the message should be encrypted with the following
>  GPG keys:
> > > >  - `F933EB43DF13611F` - *Ferruh Yigit*
> > > > +- `80A77F6095CDE47E` - *Stephen Hemminger*
> > > >  - `683000CC50B9E390` - *Thomas Monjalon*
> > > > 
> > > 
> > > Hi Stephen,
> > > 
> > > A theoretical question, how can we be sure you are you? (Not a malicious pers
> on
> > > sending an email from your email address and trying to add its key to steal a
> ll
> > > DPDK security secrets J)
> > 
> > I could send the patch via signed email, but git send-email doesn't do that by
>  default.
> > But that would not answer your question which is a web of trust issue.
> > My key is in the Linux kernel web of trust already, it is rather old
> > 
> 
> (re-sending, since mail list rejected signature file)
> 
> For this patch
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
> 
> 
> But for the overall trust issue, should we also have a "web of trust" and what
> needs to be done for it?

We can check by uploading to https://keys.openpgp.org/about which
checks that you own the email address before allowing the key to be
added

-- 
Kind regards,
Luca Boccassi

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [dpdk-web] [PATCH] add my gpg key id
  2020-05-20 20:41 [dpdk-web] [PATCH] add my gpg key id Stephen Hemminger
  2020-05-22 19:37 ` Ferruh Yigit
@ 2020-08-05  9:57 ` Thomas Monjalon
  1 sibling, 0 replies; 5+ messages in thread
From: Thomas Monjalon @ 2020-08-05  9:57 UTC (permalink / raw)
  To: Stephen Hemminger; +Cc: web

20/05/2020 22:41, Stephen Hemminger:
> Put my current GPG key id on the security web page.
> Keep maintainers names in alphabetical order here.
> 
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> ---
>  - `F933EB43DF13611F` - *Ferruh Yigit*
> +- `80A77F6095CDE47E` - *Stephen Hemminger*
>  - `683000CC50B9E390` - *Thomas Monjalon*

Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>

Applied



^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-20 20:41 [dpdk-web] [PATCH] add my gpg key id Stephen Hemminger
2020-05-22 19:37 ` Ferruh Yigit
     [not found]   ` <20200522134615.1dae119b@hermes.lan>
2020-06-17 14:01     ` Ferruh Yigit
2020-06-17 16:25       ` Luca Boccassi
2020-08-05  9:57 ` Thomas Monjalon

DPDK website maintenance

Archives are clonable:
	git clone --mirror http://inbox.dpdk.org/web/0 web/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 web web/ http://inbox.dpdk.org/web \
		web@dpdk.org
	public-inbox-index web


Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.web


AGPL code for this site: git clone https://public-inbox.org/ public-inbox