path: root/README.rst
blob: 9064ff1c415e3bf51e499ad700acf8411ead70db (plain)
Keyring instructions
--------------------
This is the keyring for the CTI project. Any new contributor who needs
access to CTI repositories must have an entry in the allowed-signers file
before access to any of the CTI repositories is granted.

Overview
~~~~~~~~
This repository contains two files, other than the README:

- an "allowed-signers" file in the format dictated by the ssh-keygen(1)
  "ALLOWED SIGNERS" section
- a "revoked-keys" file in the format dictated by the ssh-keygen(1)
  "KEY REVOCATION LIST" section

The only people allowed to push to this repository are the trusted
introducers from the CTI project whose keys and identities were verified
on a video call between members of LF IT and CTI TAC.

Adding keys to the repository
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. New members who need access to CTI-managed repositories will first
   submit their keys to the trusted introducers (procedure to be
   established; please edit this file once that is documented and
   available).

2. Once the key is validated with the trusted introducers, one of them will
   add that key to the allowed-signers file and commit that change to the
   keyring repository. The commit should:

   - describe how the identity was verified and by whom
   - provide the link to the key submission message in the archives
     (if relevant and available)
   - carry a cryptographic signature on the commit itself (via ``git commit -S``)

3. The new member will then submit a request to the LF helpdesk for
   gitolite access (the exact template is to be established and will include
   username selection and gitolite group membership details; please edit
   this file once this procedure is documented).

4. Members of LF IT will use the allowed-signers file in this repository
   as the source of the public key data. The signature on the commit
   will not be checked (it is there for repository integrity verification
   purposes) -- being able to push to the repository provides sufficient
   verification of the introducer's identity.

Revoking keys from the project
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A trusted introducer will remove the key from the allowed-signers file and add
an entry to the revoked-keys file, then follow with a request to the LF
helpdesk to remove repository access.

Using this keyring for git commit verification
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Files in this repository can be used for git commit verification. It is
sufficient to add the following entries to the .git/config file of any
repository in which commits are signed and verified (the ``[user]`` and
``[commit]`` sections configure signing; the ``[gpg "ssh"]`` section points
verification at the two keyring files)::

    [user]
        signingKey = "ssh-rsa AAAAYOUR_FULL_SSH_PUBKEY..."

    [commit]
        gpgSign = true

    [gpg]
        format = ssh

    [gpg "ssh"]
        allowedSignersFile = ~/path/to/keyring/allowed-signers
        revocationFile = ~/path/to/keyring/revoked-keys
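The file formats named in the Overview and consumed by the ``[gpg "ssh"]`` settings above are plain text, so their policy can be checked outside git as well. The following is an added example, not tooling from the CTI project: it parses an allowed-signers file (``principals [options] keytype key [comment]``, honouring ``valid-after``/``valid-before`` and wildcard principals), parses a revoked-keys file in the plain-text form git accepts for ``gpg.ssh.revocationFile`` (one ``keytype key`` per line; a binary KRL is not handled), and answers whether a given key may sign for a given principal on a given day. The entries in ``ALLOWED_SIGNERS`` and ``REVOKED_KEYS`` are constructed placeholders, not keys from this keyring; the ``check`` wrapper, day-granularity timestamps and the absence of ``!pattern`` negation are simplifications of this example.

```python
"""Policy checker for an allowed-signers file and a plain-text revoked-keys list.

Added example, not CTI project tooling. Assumes the ssh-keygen(1) ALLOWED SIGNERS
line format (principals [options] keytype base64-key [comment]) and, for
revoked-keys, the "keytype base64-key" per-line form; a binary KRL is not parsed.
Timestamps are handled at day granularity; "!pattern" negation is not implemented.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import date
from fnmatch import fnmatchcase

KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")


def parse_day(stamp: str) -> date:
    # valid-after/valid-before take YYYYMMDD[Z] or YYYYMMDDHHMM[SS][Z]; only the date part is used.
    digits = stamp.rstrip("Zz")
    return date(int(digits[:4]), int(digits[4:6]), int(digits[6:8]))


def split_options(text: str) -> dict[str, str | None]:
    """Split 'a,b="x,y"' on commas outside double quotes; the quotes themselves are dropped."""
    opts: dict[str, str | None] = {}
    cur: list[str] = []
    in_quotes = False
    for ch in text + ",":
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == "," and not in_quotes:
            token, cur = "".join(cur), []
            if token:
                name, _, value = token.partition("=")
                opts[name.lower()] = value or None  # flag options such as cert-authority map to None
        else:
            cur.append(ch)
    return opts


@dataclass
class Signer:
    principals: list[str]  # pattern list, e.g. "*@ci.example.org"
    keytype: str
    key: str               # base64 blob exactly as written in the file
    options: dict[str, str | None] = field(default_factory=dict)

    def valid_on(self, day: date) -> bool:
        # ssh-keygen(1): usable at or after valid-after and at or before valid-before.
        after, before = self.options.get("valid-after"), self.options.get("valid-before")
        if after and day < parse_day(after):
            return False
        if before and day > parse_day(before):
            return False
        return True


def parse_allowed_signers(text: str) -> list[Signer]:
    signers: list[Signer] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # The key type is the first field that looks like one; what precedes it is the
        # principals field and, optionally, the options field.
        kt = next((i for i, f in enumerate(fields) if f.startswith(KEY_TYPE_PREFIXES)), -1)
        if kt not in (1, 2) or kt + 1 >= len(fields):
            raise ValueError(f"allowed-signers line {lineno}: malformed entry")
        options = split_options(fields[1]) if kt == 2 else {}
        signers.append(Signer(fields[0].split(","), fields[kt], fields[kt + 1], options))
    return signers


def parse_revoked_keys(text: str) -> set[tuple[str, str]]:
    revoked: set[tuple[str, str]] = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 2 or not fields[0].startswith(KEY_TYPE_PREFIXES):
            raise ValueError(f"revoked-keys line {lineno}: expected 'keytype key'")
        revoked.add((fields[0], fields[1]))
    return revoked


def check_signer(signers: list[Signer], revoked: set[tuple[str, str]],
                 principal: str, keytype: str, key: str, day: date) -> str:
    """Return 'revoked', 'ok', 'outside-validity' or 'unknown' for one key and principal."""
    if (keytype, key) in revoked:          # revocation wins even if an allowed entry lingers
        return "revoked"
    for s in signers:
        if (s.keytype, s.key) != (keytype, key):
            continue
        if "cert-authority" in s.options:  # CA entries vouch for certificates, not this raw key
            continue
        if not any(fnmatchcase(principal, p) for p in s.principals):
            continue
        return "ok" if s.valid_on(day) else "outside-validity"
    return "unknown"


# Constructed sample files; the key blobs are placeholders, not real keys from this keyring.
ALLOWED_SIGNERS = """\
# constructed example, not the CTI keyring
alice@example.org ssh-ed25519 AAAAC3_PLACEHOLDER_ALICE alice
bob@example.org,bob-old@example.org valid-before="20240630" ssh-ed25519 AAAAC3_PLACEHOLDER_BOB bob
*@ci.example.org namespaces="git",valid-after="20240101" ssh-ed25519 AAAAC3_PLACEHOLDER_CI ci
"""
REVOKED_KEYS = "ssh-ed25519 AAAAC3_PLACEHOLDER_CAROL\n"  # carol's entry was removed from the file above

SIGNERS = parse_allowed_signers(ALLOWED_SIGNERS)
REVOKED = parse_revoked_keys(REVOKED_KEYS)


def check(principal: str, keytype: str, key: str, day_iso: str) -> str:
    """Convenience wrapper over the sample keyring; day_iso is YYYY-MM-DD."""
    return check_signer(SIGNERS, REVOKED, principal, keytype, key, date.fromisoformat(day_iso))
```

Run as ``python3 keyring_check.py`` (any file name) after adding calls such as ``check("alice@example.org", "ssh-ed25519", "AAAAC3_PLACEHOLDER_ALICE", "2024-07-01")``, which returns ``"ok"``; the same key queried for a principal not listed on its line returns ``"unknown"``, a key past its ``valid-before`` date returns ``"outside-validity"``, and a key present in revoked-keys returns ``"revoked"`` regardless of any allowed-signers entry, which is why the revocation procedure above updates both files.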