Andrea Pappacoda
1e6e85aebb
protecting-code-integrity: fix typo in subtitle
...
cerification -> certification
Signed-off-by: Andrea Pappacoda <andrea@pappacoda.it>
2022-07-26 19:32:41 +02:00
Konstantin Ryabitsev
bc0503d8bf
Update the code integrity guide for 2021
...
- Remove traces of gnupg-1.4, as everything is finally gnupg-2.x
- Switch to using ECC cryptography for the subkeys
- Stop calling the certification subkey the "master key" as it's a
bad analogy and that terminology isn't used anywhere in GnuPG docs
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-13 12:41:52 -04:00
salah3x
f879c68248
Add a table of contents to each guide
...
Signed-off-by: salah3x <salah.loukili@gmail.com>
2021-05-13 10:33:07 -04:00
Alexey Kopytko
4ca8b99e0b
Update protecting-code-integrity.md
...
Reset code is not for resetting the card to defaults. It is used to unblock the card after to many attempts to enter a user PIN code without an admin PIN.
From the developer:
http://www.fsij.org/doc-gnuk/gnuk-passphrase-setting.html#set-up-of-reset-code-optional
2021-05-13 10:32:37 -04:00
Konstantin Ryabitsev
6ff6fdad73
Use -o instead of stdout redirect with paperkey
...
Using -o makes sure that the file is created with 0600 permissions
instead of whatever the default umask setting is.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2021-05-13 10:32:33 -04:00
Konstantin Ryabitsev
2158dc39b2
Rework free software/audience paragraph
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-01-25 16:50:44 -05:00
Konstantin Ryabitsev
6747fadc24
Finish up the kernel developer PGP guide
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-01-25 11:54:52 -05:00
Konstantin Ryabitsev
9ebcdf3b75
Minor tweaks and take out of BETA
...
Protecting code integrity is ready to go production.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-01-23 10:50:52 -05:00
Konstantin Ryabitsev
1d3b58d17a
Tweak some wording
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-01-18 16:41:38 -05:00
Konstantin Ryabitsev
7c7477f20c
What is git PGP integration trying to solve?
...
Per question in #28 , explain why git and pgp integration are useful.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-01-18 16:32:31 -05:00
Konstantin Ryabitsev
126e4f0b5d
Add a note that cp on sockets will fail, but is ok
...
Per issue #25 .
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-18 08:32:17 -05:00
Konstantin Ryabitsev
8a9d547d3e
Explain why master key is 4096 bits
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-18 08:28:38 -05:00
Hideki Yamane
f302bf3478
Add GPG4Win installation for Windows Platform
2017-12-17 13:22:56 +09:00
Frank Theile
1c36837f07
Use --homedir
consistently
2017-12-15 18:16:41 +01:00
Konstantin Ryabitsev
304cd46a38
Merge pull request #23 from ftheile/patch-2
...
Master key backup: use consistent mount point in all examples
2017-12-15 09:20:28 -05:00
Frank Theile
3162817e7c
Master key backup: use consistent mount point in all examples
2017-12-15 08:53:25 +01:00
Frank Theile
6c208d9583
Always use ~
instead of $HOME
for consistency
2017-12-15 08:15:11 +01:00
Konstantin Ryabitsev
790759787e
Typo and wording fixes
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-14 15:08:16 -05:00
Konstantin Ryabitsev
1501d8869d
Set status CURRENT/BETA/OUTDATED
...
Need to mark that the protecting-code-integrity document is not quite
ready to be called final product.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-13 16:44:35 -05:00
Konstantin Ryabitsev
eafaf6ccc1
Tweak verbiage
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-13 16:37:41 -05:00
Konstantin Ryabitsev
3148a35dda
Add U2F section and tweak wks-security doc
...
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-13 16:16:44 -05:00
Konstantin Ryabitsev
34233e9d81
Move to protecting-coide-integrity
...
Largely finishes the document -- will work on updated content in
"trusted team communication" and by reviewing the workstation security
guide.
We need at least a basic workstation security guide for the Mac systems.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2017-12-12 16:54:03 -05:00