[SAC] [OSGeo] #1961: build.geoserver.org code signing permission

#1961: build.geoserver.org code signing permission
---------------------------+-------------------
Reporter: jive | Owner: sac@…
     Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
---------------------------+-------------------
This is a request for the SAC to use the osgeo code signing certificate on
a new machine - build.geoserver.org.

Larry Shaffer is in possession of this certificate and currently signs QGIS
and GeoServer builds on his own machine. Now that build.geoserver.org is
operational he requests permission to use this code signing certificate on
build.geoserver.org.

Larry is very security aware and would like permission, formally, from
OSGeo System Administration Committee before configuring
build.geoserver.org with this certificate.

Access to this machine is limited to one boundless system administrator
and members of the GeoServer PSC.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1961>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.

Comment (by warmerdam):

As an OSGeo Emeritus person I grant provisional permission to Larry to use
this certificate for signing things via build.geoserver.org.

I'd like to suggest that we maintain a wiki page within the SAC Trac wiki
to keep track of who has the certificate and for what purposes it is being
used. This would then be added to it.

(by way of clarification, I understand this allows signing of binaries
*as* OSGeo so caution in use and distribution of the certificate is
important). Some notes on cert in
https://wiki.osgeo.org/wiki/Board_Meeting_2015-10-15

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1961#comment:1>

Comment (by jive):

This certificate was purchased by the board
https://wiki.osgeo.org/wiki/Board_Meeting_2015-10-15

Its management is given over to the system administrator committee;
currently only Michael Smith (osgeo treasurer) and Larry Shaffer (qgis
builds) are in possession of the certificate.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1961#comment:2>

Comment (by warmerdam):

We (SAC) should also keep a copy of the certificate somewhere secure (like
/root on {ldap,secure}.osgeo.org)

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1961#comment:3>

Comment (by jef):

And me. I signed the OSGeo4W installer with it.

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1961#comment:4>