Differences between revisions 1 and 11 (spanning 10 versions)
Revision 1 as of 2018-01-12 17:08:27
Size: 948
Editor: HectorOron
Comment: Initial template for secure boot sprint
Revision 11 as of 2018-01-13 17:36:54
Size: 2103
Editor: LukeFaraone
Comment: add self
Deletions are marked like this. Additions are marked like this.
Line 12: Line 12:
||#||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Notes''' ||
||01|| || || || || || || || || || || || || ||
||#||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Need travel sponsor?'''|| '''Need accomodation sponsor?'''||'''Need food sponsor?'''||'''Notes''' ||
||01|| Helen Koike || helen.koike@collabora.com || koike || || || || || || || || || || || || || || ||
||02|| Chris Lamb || lamby@debian.org || lamby || || || If need be || || || || || || || || || || || ||
||03|| Luke Faraone || lfaraone@debian.org || lfaraone || || || || || || || || || ✓ || || || || || ||
||04|| || || || || || || || || || || || || || || || || ||
Line 17: Line 21:
 * TBD  * Secure Boot goal
 * Current state
 * Signing infrastructure proposals
 * Integration with Dak and potential issues
 * Integration with Buildd, concerns with the NEW queue and other potential issues
 * Potential issues with embargoes packages / security uploads
 * Potential issues with binNMU uploads
 * Signing duration time concerns, resource management
 * Reproducible builds
 * Revocation process
 * Manual process vs automated (security concerns)
 * Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
 * Packages to be signed (grub, kernel, fwupdate)
 * Architectures (amd64, i386, arm64, ...?)
 * Credentials, who can upload files to be signed, update shim, access the signing key?

Secure Boot 2018 Sprint

Date, Location

Participants

Please fill in the table below with your details.

#

Name

E-Mail

Nick

Arrival

Departure

Confirmed

(Long) PGP ID

Thu

Fri

Sat

Sun

Need travel sponsor?

Need accomodation sponsor?

Need food sponsor?

Notes

01

Helen Koike

helen.koike@collabora.com

koike

02

Chris Lamb

lamby@debian.org

lamby

If need be

03

Luke Faraone

lfaraone@debian.org

lfaraone

04

Agenda

  • Secure Boot goal
  • Current state
  • Signing infrastructure proposals
  • Integration with Dak and potential issues
  • Integration with Buildd, concerns with the NEW queue and other potential issues
  • Potential issues with embargoes packages / security uploads
  • Potential issues with binNMU uploads
  • Signing duration time concerns, resource management
  • Reproducible builds
  • Revocation process
  • Manual process vs automated (security concerns)
  • Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
  • Packages to be signed (grub, kernel, fwupdate)
  • Architectures (amd64, i386, arm64, ...?)
  • Credentials, who can upload files to be signed, update shim, access the signing key?

Reports

  • sprint: Secure Boot Sprint

  • announcement: Secure Boot Sprint Mar 2018 Announcement
  • report: Secure Boot Sprint 2018-03 Report

Acknowledgements

the sprint has been possible thanks to:

Hosting alternatives

  • Linux Hotel

Food alternatives

  • Linux Hotel


CategorySprint