Re: [PATCH] Documentation/process: kernel maintainer PGP guide
From: Jani Nikula
Date: Wed Jan 31 2018 - 02:18:22 EST
On Tue, 30 Jan 2018, Konstantin Ryabitsev <konstantin@xxxxxxxxxxxxxxxxxxx> wrote:
> This guide is an adapted version of the more general "Protecting Code
> Integrity" guide written and maintained by The Linux Foundation IT for
> use with open-source projects. It provides the oft-lacking guidance on
> the following topics:
>
> - how to properly protect one's PGP keys to minimize the risks of them
> being stolen and used maliciously to impersonate a kernel developer
> - how to configure Git to properly use GnuPG
> - when and how to use PGP with Git
> - how to verify fellow Linux Kernel developer identities
>
> I believe this document should live with the rest of the documentation
> describing proper processes one should follow when participating in
> kernel development. Placing it in a wiki on some place like kernel.org
> would be insufficient for a number of reasons -- primarily, because only
> a relatively small subset of maintainers have accounts on kernel.org,
> but also because even those who do rarely remember that such wiki
> exists. Keeping it with the rest of in-kernel docs should hopefully give
> it more visibility, but also help keep it up-to-date as tools and
> processes evolve.
FWIW, agreed on having this with the kernel documentation.
I can't say I reviewed it, but glancing through I didn't spot any errors
either. Lots of good stuff.
Just one nit, I think it would be better to move the Maintainer: bit
from the end near the top as a reStructuredText field list. See 'git
grep :Author:' under Documentation for examples. Could even add a
MAINTAINERS entry to improve your chances of being Cc'd on changes.
BR,
Jani.
--
Jani Nikula, Intel Open Source Technology Center