On 8/15/19 3:31 PM, Greg Kroah-Hartman wrote:
> On Thu, Aug 15, 2019 at 03:12:34PM -0700, Randy Dunlap wrote:
>> On 8/15/19 2:20 PM, Greg Kroah-Hartman wrote:
> +The hardware security team will provide a per incident specific encrypted
s/per incident specific/incident-specific/
>>> Fixed.
On Thu, Aug 15, 2019 at 03:12:34PM -0700, Randy Dunlap wrote:
> On 8/15/19 2:20 PM, Greg Kroah-Hartman wrote:
> >>> +The hardware security team will provide a per incident specific encrypted
> >> s/per incident specific/incident-specific/
> > Fixed. And changed /a/ to /an/
>
> eh? still should b
On 8/15/19 2:20 PM, Greg Kroah-Hartman wrote:
>>> +The hardware security team will provide a per incident specific encrypted
>> s/per incident specific/incident-specific/
> Fixed. And changed /a/ to /an/
eh? still should be /a per incident/
--
~Randy
On Thu, Jul 25, 2019 at 03:13:02PM -0600, Jonathan Corbet wrote:
> On Thu, 25 Jul 2019 15:01:13 +0200
> Greg Kroah-Hartman wrote:
>
> > From: Thomas Gleixner
> >
> > To address the requirements of embargoed hardware issues, like Meltdown,
> > Spectre, L1TF, etc. it is necessary to define and do
On Mon, Aug 05, 2019 at 05:12:44PM +0200, Greg Kroah-Hartman wrote:
> On Sun, Aug 04, 2019 at 02:17:00AM +0200, Jiri Kosina wrote:
> > On Thu, 25 Jul 2019, Greg Kroah-Hartman wrote:
> >
> > > To address the requirements of embargoed hardware issues, like Meltdown,
> > > Spectre, L1TF, etc. it is n
On Sun, Aug 04, 2019 at 02:17:00AM +0200, Jiri Kosina wrote:
> On Thu, 25 Jul 2019, Greg Kroah-Hartman wrote:
>
> > To address the requirements of embargoed hardware issues, like Meltdown,
> > Spectre, L1TF, etc. it is necessary to define and document a process for
> > handling embargoed hardware
On Mon, Aug 05, 2019 at 09:40:21AM -0500, Eric W. Biederman wrote:
>
> I skimmed this and a couple things jumped out at me.
>
> 1) PGP and S/MIME because of their use of long term keys do not provide
>forward secrecy. Which can makes it worth while to cryptographically
>factor a key or t
I skimmed this and a couple things jumped out at me.
1) PGP and S/MIME because of their use of long term keys do not provide
forward secrecy. Which can makes it worth while to cryptographically
factor a key or to obtain knowledge of a private key without the key
holders knowledge. As
On Sun, 4 Aug 2019, Jiri Kosina wrote:
> On Thu, 25 Jul 2019, Greg Kroah-Hartman wrote:
>
> > To address the requirements of embargoed hardware issues, like Meltdown,
> > Spectre, L1TF, etc. it is necessary to define and document a process for
> > handling embargoed hardware security issues.
>
>
but there is a much more up-to-date
version of that document (especially when it comes to vendor contacts),
which I sent around on Thu, 2 May 2019 20:23:48 +0200 (CEST) already.
Please find it below.
From: Jiri Kosina
Subject: [PATCH] Documentation/admin-guide: Embargoed hardware secur
On Fri, Aug 02, 2019 at 08:57:29AM +0200, Greg Kroah-Hartman wrote:
> On Fri, Aug 02, 2019 at 06:49:08AM +0200, Willy Tarreau wrote:
> > Hi Greg, Thomas,
> >
> > On Thu, Jul 25, 2019 at 03:01:13PM +0200, Greg Kroah-Hartman wrote:
> > > +The list is encrypted and email to the list can be sent by ei
On Fri, Aug 02, 2019 at 06:49:08AM +0200, Willy Tarreau wrote:
> Hi Greg, Thomas,
>
> On Thu, Jul 25, 2019 at 03:01:13PM +0200, Greg Kroah-Hartman wrote:
> > +The list is encrypted and email to the list can be sent by either PGP or
> > +S/MIME encrypted and must be signed with the reporter's PGP k
Hi Greg, Thomas,
On Thu, Jul 25, 2019 at 03:01:13PM +0200, Greg Kroah-Hartman wrote:
> +The list is encrypted and email to the list can be sent by either PGP or
> +S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME
> +certificate. The list's PGP key and S/MIME certificate ar
On Thu, 25 Jul 2019, Jonathan Corbet wrote:
> > Note, this document has gone through numerous reviews by a number of
> > kernel developers, developers at some of the Linux distros, as well as
> > all of the lawyers from almost all open source-related companies. It's
> > been sitting on my local dr
On Thu, 25 Jul 2019 15:01:13 +0200
Greg Kroah-Hartman wrote:
> From: Thomas Gleixner
>
> To address the requirements of embargoed hardware issues, like Meltdown,
> Spectre, L1TF, etc. it is necessary to define and document a process for
> handling embargoed hardware security issues.
>
> Follow
From: Thomas Gleixner
To address the requirements of embargoed hardware issues, like Meltdown,
Spectre, L1TF, etc. it is necessary to define and document a process for
handling embargoed hardware security issues.
Following the discussion at the maintainer summit 2018 in Edinburgh
(https://lwn.ne
16 matches
Mail list logo
