948
Comment: Initial template for secure boot sprint
|
3550
|
Deletions are marked like this. | Additions are marked like this. |
Line 5: | Line 5: |
* when: March 1st-4th, 2018 * where: [[http://linuxhotel.de/|Linux Hotel]], Essen |
* when: April 5th-8th, 2018 (Final dates) * where: [[http://www.office-factory.net//|Office Factory]], Fulda |
Line 12: | Line 12: |
||#||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Notes''' || ||01|| || || || || || || || || || || || || || |
||# ||'''Name''' ||'''E-Mail''' ||'''Nick'''||'''Arrival'''||'''Departure'''||'''Confirmed'''||'''(Long) PGP ID''' ||'''Thu'''||'''Fri'''||'''Sat'''||'''Sun'''||'''Need travel sponsor?'''|| '''Need accomodation sponsor?'''||'''Need food sponsor?'''||'''Notes''' || ||01|| Helen Koike || helen.koike@collabora.com || koike || || || || || || || || || ✓ || ✓ || ✓ || || ||02|| Chris Lamb || lamby@debian.org || lamby || || || If need be || || || || || || || || || || || ||03|| Luke Faraone || lfaraone@debian.org || lfaraone || || || || || || || || || ✓ || || || || ||04|| SteveMcIntyre|| 93sam@debian.org || Sledge || || || || || || || || || || || || || ||05|| Philipp Hahn || pmhahn@debian.org || pmhahn || || || || || || || || || - || - || - || || ||06|| || || || || || || || || || || || || || || || |
Line 17: | Line 23: |
* TBD | * Secure Boot goal * Current state * Signing infrastructure proposals * Integration with Dak and potential issues * Integration with Buildd, concerns with the NEW queue and other potential issues * Potential issues with embargoes packages / security uploads * Potential issues with binNMU uploads * Signing duration time concerns, resource management * Reproducible builds * Revocation process * Manual process vs automated (security concerns) * Signing box, extending beyond secure boot (should everything be signed in the ideal future?) * Packages to be signed (grub, kernel, fwupdate) * Architectures (amd64, i386, arm64, ...?) * Credentials, who can upload files to be signed, update shim, access the signing key? |
Line 33: | Line 53: |
* Linux Hotel | * Linuxhotel (Essen) * Office Factory (Fulda) |
Line 37: | Line 58: |
* Linux Hotel | * Linuxhotel, Unperfecthaus * Office Factory |
Secure Boot 2018 Sprint
Date, Location
- when: April 5th-8th, 2018 (Final dates)
where: Office Factory, Fulda
Participants
Please fill in the table below with your details.
# |
Name |
Nick |
Arrival |
Departure |
Confirmed |
(Long) PGP ID |
Thu |
Fri |
Sat |
Sun |
Need travel sponsor? |
Need accomodation sponsor? |
Need food sponsor? |
Notes |
||
01 |
Helen Koike |
koike |
|
|
|
|
|
|
|
|
✓ |
✓ |
✓ |
|
||
02 |
Chris Lamb |
lamby |
|
|
If need be |
|
|
|
|
|
|
|
|
|
|
|
03 |
Luke Faraone |
lfaraone |
|
|
|
|
|
|
|
|
✓ |
|
|
|
||
04 |
Sledge |
|
|
|
|
|
|
|
|
|
|
|
|
|||
05 |
Philipp Hahn |
pmhahn |
|
|
|
|
|
|
|
|
- |
- |
- |
|
||
06 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Agenda
- Secure Boot goal
- Current state
- Signing infrastructure proposals
- Integration with Dak and potential issues
- Integration with Buildd, concerns with the NEW queue and other potential issues
- Potential issues with embargoes packages / security uploads
- Potential issues with binNMU uploads
- Signing duration time concerns, resource management
- Reproducible builds
- Revocation process
- Manual process vs automated (security concerns)
- Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
- Packages to be signed (grub, kernel, fwupdate)
- Architectures (amd64, i386, arm64, ...?)
- Credentials, who can upload files to be signed, update shim, access the signing key?
Reports
sprint: Secure Boot Sprint
- announcement: Secure Boot Sprint Mar 2018 Announcement
- report: Secure Boot Sprint 2018-03 Report
Acknowledgements
the sprint has been possible thanks to:
donations to the Debian project
Hosting alternatives
- Linuxhotel (Essen)
- Office Factory (Fulda)
Food alternatives
- Linuxhotel, Unperfecthaus
- Office Factory