On Thu, Aug 15, 2019 at 11:25:05PM +0200, Greg Kroah-Hartman wrote: > +Contact > +------- > + > +The Linux kernel hardware security team is separate from the regular Linux > +kernel security team. > + > +The team only handles the coordination of embargoed hardware security > +issues. Reports of pure software security bugs in the Linux kernel are not > +handled by this team and the reporter will be guided to contact the regular > +Linux kernel security team (:ref:`Documentation/admin-guide/ > +<securitybugs>`) instead. > + > +The team can be contacted by email at <hardware-security@xxxxxxxxxx>. This > +is a private list of security officers who will help you to coordinate an > +issue according to our documented process. > + > +The list is encrypted and email to the list can be sent by either PGP or > +S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME > +certificate. The list's PGP key and S/MIME certificate are available from > +https://www.kernel.org/.... This link needs to be filled in? > +Encrypted mailing-lists > +----------------------- > + > +We use encrypted mailing-lists for communication. The operating principle > +of these lists is that email sent to the list is encrypted either with the > +list's PGP key or with the list's S/MIME certificate. The mailing-list > +software decrypts the email and re-encrypts it individually for each > +subscriber with the subscriber's PGP key or S/MIME certificate. Details > +about the mailing-list software and the setup which is used to ensure the > +security of the lists and protection of the data can be found here: > +https://www.kernel.org/.... Ditto? -- Josh
