CodeMirror/itpol
1
0
Fork 0
mirror of synced 2024-04-28 01:22:52 +12:00
Code Issues Projects Releases Wiki Activity
91 commits 1 branch 0 tags 314 KiB
Commit graph

22 commits

Author SHA1 Message Date
Andrea Pappacoda 1e6e85aebb
protecting-code-integrity: fix typo in subtitle 
cerification -> certification

Signed-off-by: Andrea Pappacoda <andrea@pappacoda.it>
 2022-07-26 19:32:41 +02:00
Konstantin Ryabitsev bc0503d8bf
Update the code integrity guide for 2021 
- Remove traces of gnupg-1.4, as everything is finally gnupg-2.x
- Switch to using ECC cryptography for the subkeys
- Stop calling the certification subkey the "master key" as it's a
  bad analogy and that terminology isn't used anywhere in GnuPG docs

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2021-05-13 12:41:52 -04:00
salah3x f879c68248 Add a table of contents to each guide 
Signed-off-by: salah3x <salah.loukili@gmail.com>
 2021-05-13 10:33:07 -04:00
Alexey Kopytko 4ca8b99e0b Update protecting-code-integrity.md 
Reset code is not for resetting the card to defaults. It is used to unblock the card after to many attempts to enter a user PIN code without an admin PIN.

From the developer:

http://www.fsij.org/doc-gnuk/gnuk-passphrase-setting.html#set-up-of-reset-code-optional
 2021-05-13 10:32:37 -04:00
Konstantin Ryabitsev 6ff6fdad73 Use -o instead of stdout redirect with paperkey 
Using -o makes sure that the file is created with 0600 permissions
instead of whatever the default umask setting is.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2021-05-13 10:32:33 -04:00
Konstantin Ryabitsev 2158dc39b2
Rework free software/audience paragraph 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2018-01-25 16:50:44 -05:00
Konstantin Ryabitsev 6747fadc24
Finish up the kernel developer PGP guide 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2018-01-25 11:54:52 -05:00
Konstantin Ryabitsev 9ebcdf3b75
Minor tweaks and take out of BETA 
Protecting code integrity is ready to go production.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2018-01-23 10:50:52 -05:00
Konstantin Ryabitsev 1d3b58d17a
Tweak some wording 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2018-01-18 16:41:38 -05:00
Konstantin Ryabitsev 7c7477f20c
What is git PGP integration trying to solve? 
Per question in #28, explain why git and pgp integration are useful.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2018-01-18 16:32:31 -05:00
Konstantin Ryabitsev 126e4f0b5d
Add a note that cp on sockets will fail, but is ok 
Per issue #25.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-18 08:32:17 -05:00
Konstantin Ryabitsev 8a9d547d3e
Explain why master key is 4096 bits 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-18 08:28:38 -05:00
Hideki Yamane f302bf3478
Add GPG4Win installation for Windows Platform 2017-12-17 13:22:56 +09:00
Frank Theile 1c36837f07
Use --homedir consistently 2017-12-15 18:16:41 +01:00
Konstantin Ryabitsev 304cd46a38
Merge pull request #23 from ftheile/patch-2 
Master key backup: use consistent mount point in all examples
 2017-12-15 09:20:28 -05:00
Frank Theile 3162817e7c
Master key backup: use consistent mount point in all examples 2017-12-15 08:53:25 +01:00
Frank Theile 6c208d9583
Always use ~ instead of $HOME for consistency 2017-12-15 08:15:11 +01:00
Konstantin Ryabitsev 790759787e
Typo and wording fixes 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-14 15:08:16 -05:00
Konstantin Ryabitsev 1501d8869d
Set status CURRENT/BETA/OUTDATED 
Need to mark that the protecting-code-integrity document is not quite
ready to be called final product.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-13 16:44:35 -05:00
Konstantin Ryabitsev eafaf6ccc1
Tweak verbiage 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-13 16:37:41 -05:00
Konstantin Ryabitsev 3148a35dda
Add U2F section and tweak wks-security doc 
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-13 16:16:44 -05:00
Konstantin Ryabitsev 34233e9d81
Move to protecting-coide-integrity 
Largely finishes the document -- will work on updated content in
"trusted team communication" and by reviewing the workstation security
guide.

We need at least a basic workstation security guide for the Mac systems.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
 2017-12-12 16:54:03 -05:00
Renamed from developer-security-hygiene.md (Browse further)