blob: 69540fc7c5920a839672b5022443a96091e09f60 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
Date: 2021-11-23, 1300 CEST
Meet: https://meet.sigsum.org/sigsum
Chair: rgdd
Agenda
* Hello
* Status round
* Discuss
* Next steps
Hello
* rgdd
* ln5
Status round
* [rgdd] half-baked idea that is related to signing format
* https://git.sigsum.org/sigsum/tree/archive/2021-11-23-idea-related-to-ssh-format
* [rgdd] sketched on updated meet structure
* https://git.sigsum.org/sigsum/tree/archive/2021-11-23-meet-structure-notes
* [ln5] continued work on ssh signing format proposal
* as discussed in irc we are also considering to move:
* shard hint into namespace (leaf)
* key hash into namespace (tree head)
* pros, especially for leaves:
* simplifies tooling
* cleaner separation of data and context
* can get the "remove arbitrary bytes" proposal for free, see above idea
Discuss
* Decision: update meeting structure to s/Discuss/Decision
* Decision: start using open-ended shard-interval
* https://git.sigsum.org/sigsum/tree/doc/proposals/2021-11-open-ended-shard-interval.md
* start next shard when the open-ended shard-interval is tagged in sigsum-log-go
* let our current ("completed") shard continue running until the above is fixed
Next steps
* [ln5] continue on ssh singing format proposal and deploy next shard when possible
* [rgdd] implement open-ended shard interval, if time start defining work packages
Other useful links
* [rgdd] additional links from kpcyrd about pacman-bintrans
* (Recall: https://github.com/kpcyrd/pacman-bintrans)
* Signature index
* List that allows mapping signature -> package name after discovery in log
* https://pacman-bintrans.vulns.xyz/sigs/
* Package index
* https://archive.archlinux.org/packages/
|
