Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 3 Jul 2017 14:35:55 +0200
From: Kristian Fiskerstrand <>
To:, Anthony Liguori <>
Subject: Re: accepting new members to (linux-)distros lists

On 07/02/2017 10:58 PM, Anthony Liguori wrote:
> On Jul 2, 2017 1:38 PM, "Kristian Fiskerstrand"<> wrote:
>> The immediate thought that springs to mind is the [lack of OpenPGP
>> support in bugzilla] which makes it difficult to ensure confidentiality
>> unless disabling all email warnings.
> I would just assume all email is disabled.  I don't know of a tool that
> does this right so for security sensitive things, I think disabling email
> notification is a best practice.

It wouldn't take much to have a tool that does, mainly what I outline in
the previous post to ensure OpenPGP keyblock management for the
individual users, and as an extension of the scope for that perhaps a
[MemoryHole] implementation to ensure confidentiality / integrity
verification of the RFC822 headers such as Subject. Enigmail users
should already have such support read-only[Note:A]


[Note:A] to toggle it on encrypted subjects on sending you'd use

Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ