From: Luca Boccassi <bluca@debian.org>
To: Ferruh Yigit <ferruh.yigit@intel.com>,
Stephen Hemminger <stephen@networkplumber.org>
Cc: web@dpdk.org
Subject: Re: [dpdk-web] [PATCH] add my gpg key id
Date: Wed, 17 Jun 2020 17:25:48 +0100 [thread overview]
Message-ID: <40e1679fa61043764dfa8fe4715282b1305e91e1.camel@debian.org> (raw)
In-Reply-To: <86a9d2d2-156e-d6ea-4a00-ccbb7d71b3da@intel.com>
On Wed, 2020-06-17 at 15:01 +0100, Ferruh Yigit wrote:
> On 5/22/2020 9:46 PM, Stephen Hemminger wrote:
> > On Fri, 22 May 2020 20:37:28 +0100
> > Ferruh Yigit <ferruh.yigit@intel.com> wrote:
> >
> > > On 5/20/2020 9:41 PM, Stephen Hemminger wrote:
> > > > Put my current GPG key id on the security web page.
> > > > Keep maintainers names in alphabetical order here.
> > > >
> > > > Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> > > > ---
> > > > content/security/_index.md | 1 +
> > > > 1 file changed, 1 insertion(+)
> > > >
> > > > diff --git a/content/security/_index.md b/content/security/_index.md
> > > > index 79349dbb66a6..264de573698f 100644
> > > > --- a/content/security/_index.md
> > > > +++ b/content/security/_index.md
> > > > @@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpdk.org](ma
> ilto:security@dpdk.org
> > > > For any security report, the message should be encrypted with the following
> GPG keys:
> > > > - `F933EB43DF13611F` - *Ferruh Yigit*
> > > > +- `80A77F6095CDE47E` - *Stephen Hemminger*
> > > > - `683000CC50B9E390` - *Thomas Monjalon*
> > > >
> > >
> > > Hi Stephen,
> > >
> > > A theoretical question, how can we be sure you are you? (Not a malicious pers
> on
> > > sending an email from your email address and trying to add its key to steal a
> ll
> > > DPDK security secrets J)
> >
> > I could send the patch via signed email, but git send-email doesn't do that by
> default.
> > But that would not answer your question which is a web of trust issue.
> > My key is in the Linux kernel web of trust already, it is rather old
> >
>
> (re-sending, since mail list rejected signature file)
>
> For this patch
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
>
>
> But for the overall trust issue, should we also have a "web of trust" and what
> needs to be done for it?
We can check by uploading to https://keys.openpgp.org/about which
checks that you own the email address before allowing the key to be
added
--
Kind regards,
Luca Boccassi
next prev parent reply other threads:[~2020-06-17 16:25 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-20 20:41 Stephen Hemminger
2020-05-22 19:37 ` Ferruh Yigit
[not found] ` <20200522134615.1dae119b@hermes.lan>
2020-06-17 14:01 ` Ferruh Yigit
2020-06-17 16:25 ` Luca Boccassi [this message]
2020-08-05 9:57 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40e1679fa61043764dfa8fe4715282b1305e91e1.camel@debian.org \
--to=bluca@debian.org \
--cc=ferruh.yigit@intel.com \
--cc=stephen@networkplumber.org \
--cc=web@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).