| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
Dear all, |
| 5 |
|
| 6 |
The following is my manifest for the Gentoo council election: |
| 7 |
|
| 8 |
I live in Oslo, Norway where I'm working in Finance. I have a wide |
| 9 |
variety of hobbies, most notably a number related to computers, in |
| 10 |
particular a strong interest in computer security; most focused on |
| 11 |
OpenPGP, in which I run the sks-keyservers.net pool of keyservers, and |
| 12 |
am one of the upstream developers of the synchronizing keyserver (SKS). |
| 13 |
|
| 14 |
Although having been a Gentoo user for more than a decade, I didn't take |
| 15 |
the step to become a gentoo developer until 2014, when I realized it was |
| 16 |
easier than doing everything through proxy maintainers and decided to |
| 17 |
dedicate even more of my time to the project. |
| 18 |
|
| 19 |
For Gentoo I'm focusing on improving security; both when it comes to |
| 20 |
our distributed packages (through participating in the Security team) |
| 21 |
and overall infrastructure and method of distribution (helping out gkeys |
| 22 |
with OpenPGP matters). Given my focus I naturally also contribute to the |
| 23 |
crypto team for the related packages (gnupg, libgcrypt &c)[1] |
| 24 |
|
| 25 |
As I'm running a decent number of Gentoo instances (spanning across both |
| 26 |
desktop and server environments) I also like to see upgrade paths and |
| 27 |
the overall user experience for the stable tree being in a good state, |
| 28 |
including large scale rollouts on servers, i.e. if possible sane |
| 29 |
defaults should be selected by the package maintainers[2] and the need |
| 30 |
for sporadic manual interaction should be reduced to a minimum. |
| 31 |
|
| 32 |
In terms of philosophy I prefer the modular approach of the UNIX |
| 33 |
philosophy, in particular since this makes auditing the behavior of the |
| 34 |
components more straight-forward. |
| 35 |
|
| 36 |
Please don't hesitate to ask any question or opinions. |
| 37 |
|
| 38 |
Best regards, |
| 39 |
Kristian (K_F) |
| 40 |
|
| 41 |
Current projects and herds: |
| 42 |
Gentoo Linux Security Audit Project (Member) |
| 43 |
Gentoo Keys (Member) |
| 44 |
Gentoo Public Relations Project (GMN) |
| 45 |
Gentoo Security Project (GLSA Coordinator) |
| 46 |
|
| 47 |
Notes: |
| 48 |
[1] short term I would very much like to see libgcrypt 1.6 going stable |
| 49 |
to ensure that we don't end up with (EC)DSA leakage of private keys |
| 50 |
through an improperly seeded entropy for the k variable (solved through |
| 51 |
deterministic k as described in RFC6979) as well as a few side-channel |
| 52 |
attacks being a thing of the past. |
| 53 |
|
| 54 |
[2] security > optional features in making such decisions |
| 55 |
-----BEGIN PGP SIGNATURE----- |
| 56 |
|
| 57 |
iQEcBAEBCgAGBQJVkktHAAoJECULev7WN52FSo8H/37L0VQJxK3POcURnQ4vObd3 |
| 58 |
lQuIIaviR8jez6LoRbu+Au7QLvQaiquASV2S9n0SU1AxFzss6UdgFIn4N9so+Rwb |
| 59 |
N7LNQ4Kka/T0+0MthUPEpZ7peGksVS0kLY0ZnmROOHkNgNfMSOBy2GS0qbCFWOLn |
| 60 |
BQlTZgtoeB0V89+s2DGSMpGVTE3gNIJU3pnyOeu5dQIYt6XwwkUTClfhtXKMSPRq |
| 61 |
0LstrpE+gKAeLDvdfKCK3rRvB04rUKw/Q5YCpOrks7cG7Kjm6JKiZwGwdjiZVUqn |
| 62 |
g4bQZGdL9uJGg+Pz4oKaIRdRQc+dcb1AXh8ZvDyDdahpVbDnY+0GqGh2NZpVm/4= |
| 63 |
=Z2C9 |
| 64 |
-----END PGP SIGNATURE----- |
Archives