aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.rst70
-rw-r--r--allowed-signers3
-rw-r--r--revoked-keys2
3 files changed, 75 insertions, 0 deletions
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..9064ff1
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,70 @@
+Keyring instructions
+--------------------
+This is the keyring for the CTI project. Any new contributors with
+access to CTI repositories should have an entry in the allowed-signers
+file before they can be granted access to any of the CTI repositories.
+
+Overview
+~~~~~~~~
+This repository contains two files, other than the README:
+
+- an "allowed-signers" file in the format dictated by the ssh-keygen(1)
+ "ALLOWED SIGNERS" section
+- a "revoked-keys" file in the format dictated by ssh-keygen(1)
+ "KEY REVOCATION LIST" section
+
+The only people allowed to push to this repository are the trusted
+introducers from the CTI project whose keys and identities were verified
+on a video call between members of LF IT and CTI TAC.
+
+Adding keys to the repository
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+1. New members who need to get access to CTI managed repositories will first
+ submit their keys to the trusted introducers (procedure to be
+ established; please edit this file once that is documented and
+ available).
+
+2. Once the key is validated with the trusted introducers, one of them will
+ add that key to the allowed-signers file and commit that change to the
+ keyring repository. The commit should:
+
+ - describe how the identity was verified and by whom
+ - provide the link to the key submission message in the archives
+ (if relevant and available)
+ - carry a cryptographic signature on the commit itself (via git commit -S)
+
+3. The new member will then send a request to the LF helpdesk to request
+ access to gitolite (the exact template to be established, and will include
+ username selection and gitolite group membership details; please edit
+ this file once this procedure is documented).
+
+4. Members of LF IT will use the allowed-signers file in this repository
+ for the source of the public key data. The signature on the commit
+ will not be checked (it's there for repository integrity verification
+ purposes) -- being able to push to the repository provides sufficient
+ verification of introducer's identity.
+
+Revoking keys from the project
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+A trusted introducer will remove the key from the allowed-signers file and add
+an entry to the revoked-keys file, then follow with a request to the LF
+helpdesk to remove repository access.
+
+Using this keyring for git commit verification
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Files in this repository can be used for git commit verification. It is
+sufficient to add the following entries to the .git/config file of any
+repository used for commit verification::
+
+ [user]
+ signingKey = "ssh-rsa AAAAYOUR_FULL_SSH_PUBKEY..."
+
+ [commit]
+ gpgSign = true
+
+ [gpg]
+ format = ssh
+
+ [gpg "ssh"]
+ allowedSignersFile = ~/path/to/keyring/allowed-signers
+ revocationFile = ~/path/to/keyring/revoked-keys
diff --git a/allowed-signers b/allowed-signers
new file mode 100644
index 0000000..652b893
--- /dev/null
+++ b/allowed-signers
@@ -0,0 +1,3 @@
+konstantin@linuxfoundation.org namespaces="git" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVEO8c+jnB3vaZcHXO0EI32M8Ku2XBcZFvA38p1vAA1331fgK2vmb3AowrnTvxluPwLZivp7j7W/HNeoFLMpZmiGzCk89ULkH3pE2ZCsuMnlXz9MtTtyQjgy0LD7YrTeL2XWyvDHBfDxznqTiOOaTzw+UxVNyv+6uPHm6dgfW4c3dKTefWABsQ5NGus9lZpm+LKF4Qd7zqedAoOwG7fKJX0F6kjFiRjFmbywjuopCXOmDAdq501/6so+LNr0Pp3ymCx3/muXMpOKe0RyA33HvgAcmpoWPkcDGPKD/CBOud01xZ4HcS7sbydkaMN9H66lI2OY/x6+59PoDzDh3y3N1/ cardno:000F_4B2C73CA
+siddhesh@gotplt.org namespaces="git" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQC+G9IIstq0RqX9FijCU3w+CUuY/FU60sqUUd3kUVq2cm8iQBSCkphlMww5PYeTvZu5hPo0zxMlt5E26X27cmosmpKDd77ZKYm+4H9hVX7zfjgOh/2cw1FpfKTa82P6NMma0YN0BR7CE5pUhhIJN0/hjTifLcT/6BBih6dcLT1GCXgfulspMuQVjurlemWJsyswgpXJfLmaN5VR69OxpW93KbHtGkYSrGQjADmJmirAsfmaAAm2SgcQt191rIouFF7hrEI9Y1xD2AO/fSxyoqG6s3P3uQ0/bHx7TlEJkHvCvqqibtvP5U5V6V9LzJNVyYVv9w6zwmhDES7mMGGGxUhgwqjnJAjB0LeuDXcJNCYSdOIqy4F1fIt9fXSMGB2FAFbAtuuIF2Sg55I16ti+yLYfJ3yKH5MS9bTlrl9Lc910VUjRr4pOJAT28WOet7h7zHQGmVAJKALQP1e6Z/X1b8VueC83Z/BeKbxuLXgpKMvo6JWz3vB9dilWfAWJUrnabMmMJhRBjtH0NBEzEW0HdcKRFN8nLI9GtIHhEkkheR37Nm9fWV4Nj5MqgldenxeAipOLN8A2ulddFGQ3cy4RhjLybt1YNRSjZXnQnUXMvhntMe9YXxeVzSpAUsCeQ5L6T0KJ3A4kfb4oX2lR6X5n2k2LQYWjYArzA7VsWLuoFb0cAqsj/jec/adJodXIXI5IYySIJOTfW6s2aXJYJdjG30WNWclBE6O4gUCOT4DkYNAur1YZ/L1IhSWKP/d7HHk83DZkAjz3oEnEf+G5gcQnSpwLrLTIu3atMwX6EHb2VKHcHpufJ+x+inGKQ7XTkXXxZ7iHiqlcSTwXApRl2UqcZarABvgjeyDlzRTTfiCdunaKEWPpj+BusLhyEjhhOqTer5vGkp2Eu+F45qEA6hxQB5CvpEtkdRNhV8UoFNchDGWMlhdN3V01hi82CfeX/Xb6rQPsrGXM5F/p+z46syhrQ9cZszftD8MjrVD6zPNIm21JeKsqev1BzNPJ0QCSLrzfdEspowTK2rr/e1Ig3SxtJhWwBuiY+SnATfJDeuJ5N+HLDHVgI+SgK1aAOk31GVPvJk1KcWm9ELyHafC2qTaq7cTHOpuGOOKnWhoSSreAbUmiGU+U6a6gJlAQqffdlvzFlKKb6NdpiTkITSKCG0B+j1oPYsGs1Vk4T/xs0IAhiEs3qh8CpvV7dTzK4HfBL2zDREiPAAIt/1v49BPtPggivFeuZnpx5HUt07z2CQgPWtYna2jlIHkfikpV+o6JqFWM10jz/Px7ASxUby11NwkMo8tT1jl8R5TEOVfV8MLdUk/vjKOsc/dKIoMXwBB4tPj6VEoOeSiZSiIqUfX/VsV2SHJR siddhesh@gotplt.org
+josmyers@redhat.com namespaces="git" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAqMVeupeIp+DfCS23ae2NJTOAY9jaDWRBuNBcbsgwdzcHBvkS9PRkSm5AuYL04eL/iKmY3wQDC08f8qhtUqJcOxbfKT+wQOuMbLFnMFkjQ6N+u6OZNco5ruMUfDAMOJPSObomq9P8+pW0RBKtDDvafjObc6HNY7uezOxXMy7UU+UHLdL2nkFO/iT3gVVWwhsCw086lUmHfiKQy1D7M+ZndjmEqer6olk6HJQReA+2w78x6TInDYXTHeO6weyEXeiMmp9gAo0GdEXWplLJ7ULgWFlGGLfSLPZPapgZfL8B/A/BnhHLs2QL0/3pqacXlI52x8v8BUVpofRR4cr6PKQmO79oHZwr8HACf/OTf8xktodDh+QEYizwlWmW98nbBMPn4k5xPPx+tnB4+LBTreq1dFuKPJ8DEx3/73mDqVqMsi/SDrhjLqjGZfTgKmLG2qQrlL/EnEPyWayxsRINZEdERciMFkauvDlJoRfz6BwnFhsWubw4W7Fypx5H0f9AEn9PPSoNnh3fRapiNK46sdQerLlzW+/CJvVD/2LRTY1hTdjvosgWAJk2KT//WOWDHr+pchdGLdtGsX1rnyxDyuWjvyg5SLWIAC9NXWbrKJql+KMxGh7JISgexVY4kf41fatyxaCVyQN+HFd3W6CZiRo11uZWe0y2BTVR+XbS6y9YDZs= jsm28@cam.ac.uk
diff --git a/revoked-keys b/revoked-keys
new file mode 100644
index 0000000..948b1a6
--- /dev/null
+++ b/revoked-keys
@@ -0,0 +1,2 @@
+# This file should contain fingerprints of revoked keys, e.g.:
+# SHA256:cUUr/dCcTe9sJwpJXdbGB1EhNshu0o/7M0XHgMc4mZ0