Date: Wed, 09 Apr 2014 23:57:33 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Matt Wilson <msw@...zon.com>, Max Spevack <spevack@...zon.com>, Anthony Liguori <aliguori@...zon.com> Subject: Re: Request for linux-distros list membership -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/09/2014 09:13 PM, Anthony Liguori wrote: > On 04/09/14 19:04, Kurt Seifried wrote: >> On 04/09/2014 09:23 AM, Anthony Liguori wrote: >>> Hi, > >>> I would like to request membership to the closed linux-distros >>> mailing list on behalf of the Amazon Linux AMI distribution. >>> We do not currently have anyone on this list from Amazon but >>> we would like to change that. The Amazon Linux AMI >>> distribution is RPM based, optimized for EC2, and tracks a >>> number of packages (including the kernel) directly from >>> upstream. > >>> Here is my GPG fingerprint: > >>> pub 2048R/5682E5FF 2013-07-30 Key fingerprint = EF0F 60F4 >>> 390F A270 BC30 4A93 1AAD C710 5682 E5FF uid >>> Anthony Liguori <anthony@...emonkey.ws> sub 2048R/44FFA77F >>> 2013-07-30 > >>> I'm sending this from my personal account since this is the uid >>> associated with my GPG key but I would prefer to be subscribed >>> to my @amazon.com (CC'd here). > >>> If anyone has any questions, please don't hestitate to ask. >>> Thanks for your consideration! > >>> Regards, > >>> Anthony Liguori > >> I find it a bit odd you can't send this from your work email >> address. Would it be possible to add that email address to your >> key and then use your work email address? > > We use DKIM which doesn't work very well with all mailing lists. > You should receive this okay since you are on CC but I'm not sure > everyone will get this through the mailing list. If it doesn't > make it, I'll send this same (signed) message via the > @codemonkey.ws address. > > I also added this address as a uid to my key. Here it is again: > > pub 2048R/5682E5FF 2013-07-30 Key fingerprint = EF0F 60F4 390F > A270 BC30 4A93 1AAD C710 5682 E5FF uid Anthony > Liguori <aliguori@...zon.com> uid Anthony Liguori > <anthony@...emonkey.ws> sub 2048R/44FFA77F 2013-07-30 > >> I guess I'm wondering is this an official request on behalf of >> Amazon or some random Amazon (employee? contractor?) asking for >> access to distros@. > > Yes, this is an official request on behalf of Amazon. I am > requesting access on behalf of the Amazon Linux AMI team. > >  http://aws.amazon.com/amazon-linux-ami/ > > Regards, > > Anthony Liguori So first off I'm inclined to have Amazon on the distros list (same reasons as Oracle basically). My only concern is are you the correct person, I have no clue who is on the Amazon security team for their Linux distribution, I've never seen you post anything anywhere. Your search - site:aws.amazon.com Anthony Liguori - did not match any documents. Your search - site:aws.amazon.com aliguori@...zon.com - did not match any documents. Can we somehow get confirmation from Amazon that this is the right person to have on distros? Thanks. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTRjLNAAoJEBYNRVNeJnmTWdMQAMyhe8Y5+8mgOMNkFCAhe7ee u5dAkDGzCeywxNh7W10/9pgcB2raHCNahzEdNWTuc2SvE4Wjc7GLIlTdJ7MWPSYc xag1ZStqiO0LrxY1CZWe69MAMYDpNo0a5rodxoWRZtrAnQLh7gX3KLcPKdtBHOvI 7GXK9QX0kf6elCmSHumMTvz8nr+mHgD6t1y0YNuj/hzx+9Z5fZoeuCVQdDMp3tdR 8O/gIz7c4HPGGy7CtbF8CYc8cI6tz/OfrxLBbkBY7Xy1+QIqL5Av3dZkX81Oiy6D X2o8ne96NJ846TUgRavqDFJhJpTodA2i2jOuDp0n+cOCkhUI8L9cqkHyKBCBR5sU cqzTfl7o39y/CE+fmRI6EvORgoW3mRisUPhoyoz398vcSBzMJGhpUcnIvthCAYs1 LX7yebnRVjTvPwJ3FOYRL+eiutQcN2rMdVsTVoi6EfpIVq1RvU4aNPBM0xmNqIVl iZj1jQVEkI+7WOK0grjyNks7+uTW0ERD98B25ojehPxkoNyl+tdgsl1Dp1ddX59E p8YDB1B1/FKGlcP4tKQ0jRxFocgP3N1BY5a1xepVwGwJrYoOubQeg3XX+frzzE4i rLBtEjgBr6lgLdBt9uG5bAH1vH9WeS/yCDKYwSR0moZxI2TFF1i4J9/oDcqlIOnn ew+c5LXc8fx2zWChjJsY =KMGp -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ