Gentoo Logo
Gentoo Spaceship

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
To: gentoo-dev@g.o
From: "Robin H. Johnson" <robbat2@g.o>
Subject: Tree-signing GLEPS review notes
Date: Sun, 31 Jan 2010 10:11:52 +0000
The GLEP numbering represents the order in which I wrote the GLEPs.  It
originally started off as just two very large GLEPs. The informational
GLEP and the changes GLEP. I split it out BECAUSE I realized that many
of the parts should stand on their own merits.

For anybody looking for a hand in reviewing these, I suggest tackling
them in the following order:

Phase 0, background:
GLEP57 - Security overview

Phase 1, isolated improvements to Manifest2:
GLEP59 - Manifest2 hashes
GLEP61 - Manifest2 compression

Phase 2, adding to Manifest2 infrastructure:
GLEP60 - Manifest2 filetypes

Phase 3, Infra->User security:
GLEP58 - MetaManifest

Phase 4, Dev->infra security:
I still need to write the following:
GLEPxx - Developer Process Security
GLEPxx - GnuPG Policies and Handling

Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail     : robbat2@g.o
GnuPG FP   : 11AC BA4F 4778 E3F6 E4ED  F38E B27B 944E 3488 4E85
pgpyYmpsYpgfz.pgp (PGP signature)
Tree-signing GLEPs update
-- Robin H. Johnson
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: GLEP61 - Manifest2 compression
Next by thread:
Automated Package Removal and Addition Tracker, for the week ending 2010-01-31 23h59 UTC
Previous by date:
GLEP61 - Manifest2 compression
Next by date:
Re: EAPI-3 times and dates

Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.