> > The linux kernel requires that code contributors be registered. I > think that contibutions must be cryptographically signed, but I'm not > sure. This helps but isn't air-tight. >
This is news to me. No, there is no registration to work on the kernel. There us no single authority who you could register with. I believe i know what your misunderstanding is. after the 2012 breach, Linus prefers your tags be signed (i recall there are still a few straggler maintainers out there). This doesn’t affect the average contributor because they don’t send pull requests to Linus. Now because we wanted signed tags and key distribution is a fun problem, one needed to get their keys signed. The protocol was - I know this person and have verified their identity, so i will sign their key. One of the things we did was check each others government issued ids. Of course we are no experts in spotting fake ids so that is a risk factor considered. But for most part we signed each others keys and “verified” their identity and I think you misremembered it as registering. Dhaval > > I don't see that static linking would help with this problem. > --- > Post to this mailing list talk@gtalug.org > Unsubscribe from this mailing list > https://gtalug.org/mailman/listinfo/talk >
--- Post to this mailing list talk@gtalug.org Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk