lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 17 Sep 2021 09:00:09 -0400
From:   James Bottomley <James.Bottomley@...senPartnership.com>
To:     Konstantin Ryabitsev <konstantin@...uxfoundation.org>
Cc:     Chris Mason <clm@...com>, Theodore Ts'o <tytso@....edu>,
        Johannes Weiner <hannes@...xchg.org>,
        Kent Overstreet <kent.overstreet@...il.com>,
        Matthew Wilcox <willy@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "Darrick J. Wong" <djwong@...nel.org>,
        Christoph Hellwig <hch@...radead.org>,
        David Howells <dhowells@...hat.com>,
        "ksummit@...ts.linux.dev" <ksummit@...ts.linux.dev>
Subject: Re: [MAINTAINER SUMMIT] Folios as a potential Kernel/Maintainers
 Summit topic?

On Fri, 2021-09-17 at 08:36 -0400, Konstantin Ryabitsev wrote:
> On Fri, Sep 17, 2021 at 07:14:11AM -0400, James Bottomley wrote:
> > > I would caution that Google docs aren't universally accessible.
> > > China blocks access to many Google resources, and now Russia
> > > purportedly does the same. Perhaps a similar effect can be
> > > reached with a git repository with limited commit access? At
> > > least then commits can be attested to individual authors.
> > 
> > In days of old, when knights were bold and cloud silos weren't
> > invented, we had an ancient magic handed down by the old gods who
> > spoke non type safe languages.  They called it wiki and etherpad
> > ... could we make use of such tools today without committing heresy
> > against our cloud overlords?
> 
> You mean, like https://pad.kernel.org ? :)
> 
> However, a large part of why I was suggesting a git repo is because
> it is automatically redistributable, clonable, and verifiable using
> builtin git tools. We have end-to-end attestation with git, but we
> don't have it with etherpad or a wiki. If the goal is to use a
> document that solicits acks and other input across subsystems, then
> having a tamper-evident backend may be important.

I think the goal is to have a living document that records who should
ack, what the design goals are who has what current concerns and how
they're being addressed and what the status of the patch set is. 
Actually collecting acks for the patches would be the job of the author
as it is today and verification would be via the public lists.

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ