TL,DR: If you are in MAINTAINERS (or have a @kernel.org email address), you can get a free Nitrokey Start to help secure your PGP private keys. https://kernel.org/nitrokey-digital-tokens-for-kernel-developers.html
Hello, all: We've been promoting the use of PGP signatures with git repositories. Linus relies on signed tags when pulling directly from maintainers, and if you host your repositories publicly, others can benefit from PGP signatures in your git repository when they cherry-pick commits for out-of-tree projects like Android or various SoCs not maintained in mainline. With that in mind, we would like to help safeguard your private PGP keys from being exposed should the contents of your home directory become available to attackers either via malware or some result of human error. If you are a subsystem maintainer and your email address is in the MAINTAINERS file (prefixed with M:), then you qualify for a new program announced today by The Linux Foundation and Nitrokey. For the details, please read the full announcement here: https://kernel.org/nitrokey-digital-tokens-for-kernel-developers.html I'll be happy to answer any questions you may have. Best regards, -- Konstantin Ryabitsev Director, IT Infrastructure Security The Linux Foundation
signature.asc
Description: OpenPGP digital signature