sjvnFeb 27
Linux explores new way of authenticating developers and their code - here's how it works https://zdnet.com/article/linux-kernel-maintainers-new-way-of-authenticating-developers-and-code/ via @ZDNet & @sjvn

#Linux kernel maintainers propose a less painful process for identifying developers and their code, making it safer than ever.
Linux explores new way of authenticating developers and their code - here's how it works

Linux kernel maintainers propose a less painful process for identifying developers. See how it can make Linux code safer than ever.

ZDNET
Show threadJames Bottomley

@sjvn @ZDNet A few observations:

* security technologies don't age well: at our original 2011 keysigning, sha1 was the usual signature hash, so that's the hash we use for most of the kernel web of trust.

* Introducing a new mechanism for kernel developers at a conference none of them go to isn't guaranteed to be influential

* short expiration isn't that popular and it often doesn't interact well with required historical use: https://lore.kernel.org/ksummit/CAHk-=[email protected]/

Re: Web of Trust work [Was: kernel.org tooling update] - Linus Torvalds

Mar 2 at 2:32pmWeb
Show threadsjvnMar 2
@jejb I see we need to talk sometime soon.
Show threadJames BottomleyMar 2
@sjvn Sure, I'll be at #scale23x if you're going?
Show threadsjvnMar 3
@jejb Alas, no. I'm trying to finagle my way to the Linux developer together in Zagreb in May. You?
Show threadJames BottomleyMar 4
@sjvn possibly if I get an invite.
Show threadsjvnMar 4
@jejb Who's in charge of that event?
Show threadJames BottomleyMar 4

@sjvn It's somewhat like @linuxplumbersconf technically a LF event but tightly controlled by its planning committee. The LSF/MM committee were in the CFP

https://lore.kernel.org/all/20260110-lsfmm-2026-cfp-ae970765d60e@brauner/

You can use the PC email they advertise to contact them

LSF/MM/BPF: 2026: Call for Proposals - Christian Brauner

Show threadsjvnMar 4
@jejb @linuxplumbersconf Thanks.