This talk details my journey of getting my PGP key signed by the Linux kernel development community, getting a kernel.org account, and then helping other Taiwanese developers in getting theirs.
A Secure and Reliable Document Management System is Essential.docx
Putting Taiwan on the kernel.org Keysigning Map
1. Putting Taiwan on the
Kernel.org Keysigning Map
Tsai, Chen-Yu
<wens@csie.org>
2. Tsai, Chen-Yu
• Embedded Linux hobbyist since 2011
– Mainly focused on Allwinner SoC support
– Kernel support co-maintainer since 2015/10
– Kernel.org account holder since 2017/04
• Software engineer at CloudMosa, Inc.
– Based in Taipei, Taiwan
– Writes tools to manage Linux servers
2
5. Kernel.org Keysigning Map
• Public kernel.org account holders
– Very small subset of kernel developers
– Willing to sign other people’s PGP keys
• Sometimes w/ caveats
5
7. PGP Keys in Kernel Development
• Git tags are signed
– `git tag –s`
• Pull request tags are verified
– `git verify-tag`
– Web of trust
• Ref: Kernel Maintainer PGP guide
7
8. Web of Trust
• Decentralized trust model
– vs Centralized model for SSL CA
– Sign and trust each other
8
9. Do I need a signed PGP Key?
• Do you often contribute to the kernel?
• Do I need to send pull requests?
• Do I need write access to git.kernel.org?
9
10. Getting my PGP Key Signed
• Local key holders
– Keysigning map
• Attend Conferences
• Video Conference with people you
already know
10
15. Kernel.org Accounts
• For Linux kernel maintainers or high-
profile developers [1]
• Hosted git repository
• @kernel.org email address
• https://korg.wiki.kernel.org/userdoc/accounts
15
[1] https://www.kernel.org/category/faq.html
16. Helping Others
• Greentime Hu from Andes Tech.
– Upstreaming nds32 port
– Cross-signed key
– Helped with kernel.org account and typical
git repo workflow (fixes/next/PR)
16
17. Helping Others
• Helping new kernel developers adapt
– Patch submission process
– Unspoken rules and preferences
– Common feedback
• Helping Taiwanese IC design houses
– Upstreaming is different from in-house
development
17