From owner-freebsd-security@freebsd.org Thu Sep 17 20:41:05 2020 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A7B7A3ED74C for ; Thu, 17 Sep 2020 20:41:05 +0000 (UTC) (envelope-from gjb@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BsplP3zTLz4bG1; Thu, 17 Sep 2020 20:41:05 +0000 (UTC) (envelope-from gjb@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1600375265; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=N1HIGKWXRO2SkO3L5fXnLR6+lvBiboSSUZzbV80LG2A=; b=etk7qXmikWoDZLxj+YgApIbuwFhRVQ2dxzIQ/9igR2k9dqFTxltAaO2H4GJWuUDGtxJxgj mzSihK0q/PLVUOzhAMuhjM9YsMl04XTRb6Ocl+DQsK32F61rL6PgNateeWNUmG8IVz3A/M VH2dBftNr8D3WZnYD23bCHvQmgAnZpGapSSOYGfiey3VKqzgzPpyojVNF9HwEvqoyWgLJ5 GUhIdOxsUoScul4Xn0At8ds30Gd9vQ1KbIM4QOcK1b9+12z8dIAOXftvj8PD21ms5lSQyG jc01r2TqkxPFESB0uP+l1shFsw46iWxlHImpMIdpkxc3Fus+Dy2Ppk2JpWBwpQ== Received: from FreeBSD.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by freefall.freebsd.org (Postfix) with ESMTPS id 3B2EC102C6; Thu, 17 Sep 2020 20:41:05 +0000 (UTC) (envelope-from gjb@freebsd.org) Date: Thu, 17 Sep 2020 20:41:02 +0000 From: Glen Barber To: grarpamp Cc: freebsd-security@freebsd.org Subject: Re: 12.2R Sigs Message-ID: <20200917204102.GG26726@FreeBSD.org> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="O8XZ+2Hy8Kj8wLPZ" Content-Disposition: inline In-Reply-To: ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1600375265; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=N1HIGKWXRO2SkO3L5fXnLR6+lvBiboSSUZzbV80LG2A=; b=VYeQ/ih2dWW2jv6bnVgKDhu7kmySjbOxROu86821LvRb4nq7zBp8MvXqJP68G65cn86dhZ r2Y3rSS6TgD68520/PErAiwtzeCGWTjinl78dUnZERbmeCleK78E6u6TUEGrVBsSVMHVbH Q9OFaz/CJa3rTZypHARzB6/XMXV989fcju5ERfEmACgpxAjNw90QfUTOsbFWfT2+wobPRs KV+sp76GGx6FQdXSVc7HS6TzMYNSi8fkMZgj59W1ySLbN1J3sNWK/YXRh1+Em+iSLLhvCB 8xpuc6k3Zhw0sT1VnZ2FRp4MlT1flzI0+GOwcUNVy3mYINBzzjNikQay5YsnOw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1600375265; a=rsa-sha256; cv=none; b=yJRL7Sz1Hd95tQ3IdE8F0Oqu+szc5lavXU9/HGKuqU0gVtSoK4WDoj5sqK8jIXe/0ULjMy dRi59983WF309//9Z+9FqiWxRmQAniTpPEzZ7PHFl7wNgii4SQ+eLebCOLa96MXKLu7Y7n VSkwwO5aSoEBZTU7M/a2ufy+LLjVUQjcjc93aKTQ+BVUjrypHsuQ9gfdFos29JYim9J2PY dOZkxBTP4f5sbNtgcRyTdlSSHWhZvfqmyRUfE568wVHrpJBJ9WrvNImYL85U5c7CkALDEJ QDFiBmdIqa7wPoPpG35B/Fs2v4a7aa+pdP74TBF+qObGdLR9Mcw3XKahB7OOLQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2020 20:41:05 -0000 --O8XZ+2Hy8Kj8wLPZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Sep 17, 2020 at 03:41:22PM -0400, grarpamp wrote: > https://svnweb.freebsd.org/doc/head/en_US.ISO8859-1/htdocs/releases/12.2R= /signatures.xml >=20 > Is it plan that 12.x 13.x etc continue with > provision of sig files for BETA and RC? > If so, process can be added to releng todo docs, > and the sig asc files pushed out to website, > and to download areas (https, ftp, rsync, torrent, etc) > alongside with the image datasets themselves. > If not, the docs can make note of the labels > to which sigs apply. >=20 They will be added with the first RC build, after the doc tree is tagged for the final release. Since moving the release notes and other related documentation from base to doc, this introduced a bug in the order of operations I have not yet figured out how to solve the right way. In other words, adding the signed BETA* checksums to the doc tree for the 12.1-BETA* builds, turned out to be an error. (Also note, the signed checksums were not available for previous release BETA builds. And there is the PGP-signed email to stable@ that contains them.) Glen --O8XZ+2Hy8Kj8wLPZ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjRJAPC5sqwhs9k2jAxRYpUeP4pMFAl9jyd4ACgkQAxRYpUeP 4pP3Rw//WF+cm1uTPPY9doEwAseAzRCTt/T06nHNrilnVZPFdF7/B9TYWiMhPi2e P97JX3m/8lRY2aAa35FJ1MuVgimVlSf9RScqW46w/tlPxBchlzFHz6+n0Zcl3XLF +aQ0ywwEDqgf2cdaqB9gwuXRGkWTFMFmpO+j5oxRdeBXMW3mAaBc7UxBVT5tmosA ef6Z63TKonqxZxMbp9QE04Nm49kOYcYmv/zuyt4zxSY4Bud98SEAPljAtDDDatKX geMp+5jeh9rSyLtsFoVtOERWoVoKriRMuc9n6v09LcgAk1froJhM/jZ0YA2ZvX82 +CuA+AWmA73wjLI9S2Oo2qhpMp4hBTsJJ1i2U4ftq4KHWgDSLh+KYHI230dg7a9C abTHvxNM7gsZbZg+zDo7yUaFrhTTeYci9OyjzJJLznHM0HvJyQqvxe/Vs0ubc7Et /jVfXhL5vCSXpcgKMGJzXopC6SSQBYVxzZSRiQ13ArTVazqKSowJQ91pELfuLh7w Q10p9c+auKphZDgWuoCn0Fu8wsug67z3ok3xMpVFMMSet++ra/pwwT0dR8Nf/CM5 KJK5gVBJh5h4Xz7ICqR2NMRzxUrBQbOpRvpkV+CbdOwidZPmM1iI6miKHR3ikesW l5/T0/JyBbS1/xrZNkERhVLrkAWf/qw7+V8P2TFwLpazlQZfMRk= =9Zy6 -----END PGP SIGNATURE----- --O8XZ+2Hy8Kj8wLPZ--