public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-18 22:14:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Process: provide hardware-security list details

Browse source 
Fill in "..." stubs with proper links to the mailing lists's encryption
keys and service description URLs. Similarly, fix wording to specify
that multiple members of Linux Foundation's IT team have access to
internal kernel.org infrastructure, and that all of them have similar
confidentiality obligations as the IT team director.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20191209192611.GA1688548@chatter.i7.local
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit is contained in:
Konstantin Ryabitsev 2019-12-09 14:26:11 -05:00 committed by Jonathan Corbet
parent d693b2883c
commit ab229d6202
1 changed files with 12 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
Documentation/process/embargoed-hardware-issues.rst
View file

@ -36,7 +36,10 @@ issue according to our documented process.
The list is encrypted and email to the list can be sent by either PGP or The list is encrypted and email to the list can be sent by either PGP or
S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME
certificate. The list's PGP key and S/MIME certificate are available from certificate. The list's PGP key and S/MIME certificate are available from
https://www.kernel.org/.... the following URLs:
- PGP: https://www.kernel.org/static/files/hardware-security.asc
- S/MIME: https://www.kernel.org/static/files/hardware-security.crt
While hardware security issues are often handled by the affected hardware While hardware security issues are often handled by the affected hardware
vendor, we welcome contact from researchers or individuals who have vendor, we welcome contact from researchers or individuals who have
@ -55,14 +58,14 @@ Operation of mailing-lists
^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^
The encrypted mailing-lists which are used in our process are hosted on The encrypted mailing-lists which are used in our process are hosted on
Linux Foundation's IT infrastructure. By providing this service Linux Linux Foundation's IT infrastructure. By providing this service, members
Foundation's director of IT Infrastructure security technically has the of Linux Foundation's IT operations personnel technically have the
ability to access the embargoed information, but is obliged to ability to access the embargoed information, but are obliged to
confidentiality by his employment contract. Linux Foundation's director of confidentiality by their employment contract. Linux Foundation IT
IT Infrastructure security is also responsible for the kernel.org personnel are also responsible for operating and managing the rest of
infrastructure. kernel.org infrastructure.
The Linux Foundation's current director of IT Infrastructure security is The Linux Foundation's current director of IT Project infrastructure is
Konstantin Ryabitsev. Konstantin Ryabitsev.
@ -274,7 +277,7 @@ software decrypts the email and re-encrypts it individually for each
subscriber with the subscriber's PGP key or S/MIME certificate. Details subscriber with the subscriber's PGP key or S/MIME certificate. Details
about the mailing-list software and the setup which is used to ensure the about the mailing-list software and the setup which is used to ensure the
security of the lists and protection of the data can be found here: security of the lists and protection of the data can be found here:
https://www.kernel.org/.... https://korg.wiki.kernel.org/userdoc/remail.
List keys List keys
^^^^^^^^^ ^^^^^^^^^