1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
Dear all, |
5 |
|
6 |
The following is my manifest for the Gentoo council election: |
7 |
|
8 |
I live in Oslo, Norway where I'm working in Finance. I have a wide |
9 |
variety of hobbies, most notably a number related to computers, in |
10 |
particular a strong interest in computer security; most focused on |
11 |
OpenPGP, in which I run the sks-keyservers.net pool of keyservers, and |
12 |
am one of the upstream developers of the synchronizing keyserver (SKS). |
13 |
|
14 |
Although having been a Gentoo user for more than a decade, I didn't take |
15 |
the step to become a gentoo developer until 2014, when I realized it was |
16 |
easier than doing everything through proxy maintainers and decided to |
17 |
dedicate even more of my time to the project. |
18 |
|
19 |
For Gentoo I'm focusing on improving security; both when it comes to |
20 |
our distributed packages (through participating in the Security team) |
21 |
and overall infrastructure and method of distribution (helping out gkeys |
22 |
with OpenPGP matters). Given my focus I naturally also contribute to the |
23 |
crypto team for the related packages (gnupg, libgcrypt &c)[1] |
24 |
|
25 |
As I'm running a decent number of Gentoo instances (spanning across both |
26 |
desktop and server environments) I also like to see upgrade paths and |
27 |
the overall user experience for the stable tree being in a good state, |
28 |
including large scale rollouts on servers, i.e. if possible sane |
29 |
defaults should be selected by the package maintainers[2] and the need |
30 |
for sporadic manual interaction should be reduced to a minimum. |
31 |
|
32 |
In terms of philosophy I prefer the modular approach of the UNIX |
33 |
philosophy, in particular since this makes auditing the behavior of the |
34 |
components more straight-forward. |
35 |
|
36 |
Please don't hesitate to ask any question or opinions. |
37 |
|
38 |
Best regards, |
39 |
Kristian (K_F) |
40 |
|
41 |
Current projects and herds: |
42 |
Gentoo Linux Security Audit Project (Member) |
43 |
Gentoo Keys (Member) |
44 |
Gentoo Public Relations Project (GMN) |
45 |
Gentoo Security Project (GLSA Coordinator) |
46 |
|
47 |
Notes: |
48 |
[1] short term I would very much like to see libgcrypt 1.6 going stable |
49 |
to ensure that we don't end up with (EC)DSA leakage of private keys |
50 |
through an improperly seeded entropy for the k variable (solved through |
51 |
deterministic k as described in RFC6979) as well as a few side-channel |
52 |
attacks being a thing of the past. |
53 |
|
54 |
[2] security > optional features in making such decisions |
55 |
-----BEGIN PGP SIGNATURE----- |
56 |
|
57 |
iQEcBAEBCgAGBQJVkktHAAoJECULev7WN52FSo8H/37L0VQJxK3POcURnQ4vObd3 |
58 |
lQuIIaviR8jez6LoRbu+Au7QLvQaiquASV2S9n0SU1AxFzss6UdgFIn4N9so+Rwb |
59 |
N7LNQ4Kka/T0+0MthUPEpZ7peGksVS0kLY0ZnmROOHkNgNfMSOBy2GS0qbCFWOLn |
60 |
BQlTZgtoeB0V89+s2DGSMpGVTE3gNIJU3pnyOeu5dQIYt6XwwkUTClfhtXKMSPRq |
61 |
0LstrpE+gKAeLDvdfKCK3rRvB04rUKw/Q5YCpOrks7cG7Kjm6JKiZwGwdjiZVUqn |
62 |
g4bQZGdL9uJGg+Pz4oKaIRdRQc+dcb1AXh8ZvDyDdahpVbDnY+0GqGh2NZpVm/4= |
63 |
=Z2C9 |
64 |
-----END PGP SIGNATURE----- |