1789
Comment:
|
1892
|
Deletions are marked like this. | Additions are marked like this. |
Line 13: | Line 13: |
||01|| || || || || || || || || || || || || || || || || || | ||01|| Helen Koike || helen.koike@collabora.com || koike || || || || || || || || || || || || || || || ||02|| || || || || || || || || || || || || || || || || || |
Secure Boot 2018 Sprint
Date, Location
- when: March 1st-4th, 2018
where: Linux Hotel, Essen
Participants
Please fill in the table below with your details.
# |
Name |
Nick |
Arrival |
Departure |
Confirmed |
(Long) PGP ID |
Thu |
Fri |
Sat |
Sun |
Need travel sponsor? |
Need accomodation sponsor? |
Need food sponsor? |
Notes |
|||
01 |
Helen Koike |
koike |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
02 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Agenda
- Secure Boot goal
- Current state
- Signing infrastructure proposals
- Integration with Dak and potential issues
- Integration with Buildd, concerns with the NEW queue and other potential issues
- Potential issues with embargoes packages / security uploads
- Potential issues with binNMU uploads
- Signing duration time concerns, resource management
- Reproducible builds
- Revocation process
- Manual process vs automated (security concerns)
- Signing box, extending beyond secure boot (should everything be signed in the ideal future?)
- Packages to be signed (grub, kernel, fwupdate)
- Architectures (amd64, i386, arm64, ...?)
- Credentials, who can upload files to be signed, update shim, access the signing key?
Reports
sprint: Secure Boot Sprint
- announcement: Secure Boot Sprint Mar 2018 Announcement
- report: Secure Boot Sprint 2018-03 Report
Acknowledgements
the sprint has been possible thanks to:
donations to the Debian project
Hosting alternatives
- Linux Hotel
Food alternatives
- Linux Hotel