From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <web-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 3D57EA04A5
	for <public@inbox.dpdk.org>; Wed, 17 Jun 2020 18:25:52 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id EC65A1252;
	Wed, 17 Jun 2020 18:25:51 +0200 (CEST)
Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com
 [209.85.128.67]) by dpdk.org (Postfix) with ESMTP id 094A01023
 for <web@dpdk.org>; Wed, 17 Jun 2020 18:25:51 +0200 (CEST)
Received: by mail-wm1-f67.google.com with SMTP id g10so2446258wmh.4
 for <web@dpdk.org>; Wed, 17 Jun 2020 09:25:50 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to
 :references:content-transfer-encoding:user-agent:mime-version;
 bh=m3MwALt7JVA3sMKUIgE4V/tfNwytBS2+zlsv2xls5A0=;
 b=WcvfkF61iux/DqLWC4FUWtL3OhtKuz0WktEHxjPkLY9vLF4A9QKx8WDCLYijUrqP87
 fn0ix7GmqDGPKjC4HKihSVkFJlbDxuNvNES9Pm9Fh7SLVF9lUB1RjPqXmlMuAxZaF5YC
 KEC/4ssB4jU434YZffq+XXpMpJ9Yvj5yznELTpHwgThS/anwVPfTLH2X+c31cM+E5wy7
 dWFHIifTi8vZCmRqIkSbq1q6ipfMHGw2hm4Boi2Wsviu2wYiTUilXam7WtdH3haOgpq5
 2YJJQenFwnxYQO5BF/MAZXEqDvwLP0WUiG+t8lXOed7EpnnHNq4ThHcPililCaKrs0vd
 IZcw==
X-Gm-Message-State: AOAM530FjAxGlN7zMcYra2ImchCloXh49Q+3M3vU1yacdx90GhpBKnnw
 5yx665R2KM37FQtMuuZSLq8=
X-Google-Smtp-Source: ABdhPJzQUC5ovxasPK4Zv+LVYySgLlC9CcCXUoEEqzmZvidbGntEKvL/KJuXpdLEG7HyQ5/CbuxQXA==
X-Received: by 2002:a1c:4302:: with SMTP id q2mr9396842wma.54.1592411150636;
 Wed, 17 Jun 2020 09:25:50 -0700 (PDT)
Received: from localhost ([88.98.246.218])
 by smtp.gmail.com with ESMTPSA id v19sm263447wml.26.2020.06.17.09.25.49
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 17 Jun 2020 09:25:49 -0700 (PDT)
Message-ID: <40e1679fa61043764dfa8fe4715282b1305e91e1.camel@debian.org>
From: Luca Boccassi <bluca@debian.org>
To: Ferruh Yigit <ferruh.yigit@intel.com>, Stephen Hemminger
 <stephen@networkplumber.org>
Cc: web@dpdk.org
Date: Wed, 17 Jun 2020 17:25:48 +0100
In-Reply-To: <86a9d2d2-156e-d6ea-4a00-ccbb7d71b3da@intel.com>
References: <20200520204136.29982-1-stephen@networkplumber.org>
 <9e609142-f3e0-328f-f6bf-c8d506d29b3c@intel.com>
 <20200522134615.1dae119b@hermes.lan>
 <86a9d2d2-156e-d6ea-4a00-ccbb7d71b3da@intel.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.30.5-1.1 
MIME-Version: 1.0
Subject: Re: [dpdk-web] [PATCH] add my gpg key id
X-BeenThere: web@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK website maintenance <web.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/web>,
 <mailto:web-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/web/>
List-Post: <mailto:web@dpdk.org>
List-Help: <mailto:web-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/web>,
 <mailto:web-request@dpdk.org?subject=subscribe>
Errors-To: web-bounces@dpdk.org
Sender: "web" <web-bounces@dpdk.org>

On Wed, 2020-06-17 at 15:01 +0100, Ferruh Yigit wrote:
> On 5/22/2020 9:46 PM, Stephen Hemminger wrote:
> > On Fri, 22 May 2020 20:37:28 +0100
> > Ferruh Yigit <ferruh.yigit@intel.com> wrote:
> >=20
> > > On 5/20/2020 9:41 PM, Stephen Hemminger wrote:
> > > > Put my current GPG key id on the security web page.
> > > > Keep maintainers names in alphabetical order here.
> > > >=20
> > > > Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> > > > ---
> > > >  content/security/_index.md | 1 +
> > > >  1 file changed, 1 insertion(+)
> > > >=20
> > > > diff --git a/content/security/_index.md b/content/security/_index.m=
d
> > > > index 79349dbb66a6..264de573698f 100644
> > > > --- a/content/security/_index.md
> > > > +++ b/content/security/_index.md
> > > > @@ -19,4 +19,5 @@ The Security Team can be reached at [security@dpd=
k.org](ma
> ilto:security@dpdk.org
> > > >  For any security report, the message should be encrypted with the =
following
>  GPG keys:
> > > >  - `F933EB43DF13611F` - *Ferruh Yigit*
> > > > +- `80A77F6095CDE47E` - *Stephen Hemminger*
> > > >  - `683000CC50B9E390` - *Thomas Monjalon*
> > > >=20
> > >=20
> > > Hi Stephen,
> > >=20
> > > A theoretical question, how can we be sure you are you? (Not a malici=
ous pers
> on
> > > sending an email from your email address and trying to add its key to=
 steal a
> ll
> > > DPDK security secrets J)
> >=20
> > I could send the patch via signed email, but git send-email doesn't do =
that by
>  default.
> > But that would not answer your question which is a web of trust issue.
> > My key is in the Linux kernel web of trust already, it is rather old
> >=20
>=20
> (re-sending, since mail list rejected signature file)
>=20
> For this patch
> Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
>=20
>=20
> But for the overall trust issue, should we also have a "web of trust" and=
 what
> needs to be done for it?

We can check by uploading to https://keys.openpgp.org/about which
checks that you own the email address before allowing the key to be
added

--=20
Kind regards,
Luca Boccassi