Differences between revisions 1 and 13 (spanning 12 versions)
Revision 1 as of 2018-01-12 17:08:27
Size: 948
Editor: HectorOron
Comment: Initial template for secure boot sprint
Revision 13 as of 2018-01-15 17:36:27
Size: 2372
Comment:
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
 * when: March 1st-4th, 2018  * when: ***MAYBE*** March 1st-4th, 2018 (tentative dates, not yet confirmed). Helen has started a [[https://doodle.com/poll/p2sbgmvnd65vaup8|Doodle poll]] to try and work out the best dates for people
Line 12: Line 12:
||#||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Notes''' ||
||01|| || || || || || || || || || || || || ||
||#||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Need travel sponsor?'''|| '''Need accomodation sponsor?'''||'''Need food sponsor?'''||'''Notes''' ||
||01|| Helen Koike || helen.koike@collabora.com || koike || || || || || || || || || || || || || || ||
||02|| Chris Lamb || lamby@debian.org || lamby || || || If need be || || || || || || || || || || || ||
||03|| Luke Faraone || lfaraone@debian.org || lfaraone || || || || || || || || || ✓ || || || || || ||
||05|| SteveMcIntyre|| 93sam@debian.org || Sledge || || || || || || || || || || || || || || ||
||04|| || || || || || || || || || || || || || || || || ||
Line 17: Line 22:
 * TBD  * Secure Boot goal
 * Current state
 * Signing infrastructure proposals
 * Integration with Dak and potential issues
 * Integration with Buildd, concerns with the NEW queue and other potential issues
 * Potential issues with embargoes packages / security uploads
 * Potential issues with binNMU uploads
 * Signing duration time concerns, resource management
 * Reproducible builds
 * Revocation process
 * Manual process vs automated (security concerns)
 * Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
 * Packages to be signed (grub, kernel, fwupdate)
 * Architectures (amd64, i386, arm64, ...?)
 * Credentials, who can upload files to be signed, update shim, access the signing key?

Secure Boot 2018 Sprint

Date, Location

  • when: ***MAYBE*** March 1st-4th, 2018 (tentative dates, not yet confirmed). Helen has started a Doodle poll to try and work out the best dates for people

  • where: Linux Hotel, Essen

Participants

Please fill in the table below with your details.

#

Name

E-Mail

Nick

Arrival

Departure

Confirmed

(Long) PGP ID

Thu

Fri

Sat

Sun

Need travel sponsor?

Need accomodation sponsor?

Need food sponsor?

Notes

01

Helen Koike

helen.koike@collabora.com

koike

02

Chris Lamb

lamby@debian.org

lamby

If need be

03

Luke Faraone

lfaraone@debian.org

lfaraone

05

SteveMcIntyre

93sam@debian.org

Sledge

04

Agenda

  • Secure Boot goal
  • Current state
  • Signing infrastructure proposals
  • Integration with Dak and potential issues
  • Integration with Buildd, concerns with the NEW queue and other potential issues
  • Potential issues with embargoes packages / security uploads
  • Potential issues with binNMU uploads
  • Signing duration time concerns, resource management
  • Reproducible builds
  • Revocation process
  • Manual process vs automated (security concerns)
  • Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
  • Packages to be signed (grub, kernel, fwupdate)
  • Architectures (amd64, i386, arm64, ...?)
  • Credentials, who can upload files to be signed, update shim, access the signing key?

Reports

  • sprint: Secure Boot Sprint

  • announcement: Secure Boot Sprint Mar 2018 Announcement
  • report: Secure Boot Sprint 2018-03 Report

Acknowledgements

the sprint has been possible thanks to:

Hosting alternatives

  • Linux Hotel

Food alternatives

  • Linux Hotel


CategorySprint