Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-04-11 02:49:09 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update Security page

Browse Source 
- Add Qubes Security Team (QST) description
- Add Simon as QST member
- Add "(emeritus, canaries only)" with link next to Joanna's name;
  move to bottom
This commit is contained in:
Andrew David Wong 2018-11-05 20:21:43 -06:00
parent 6f8849d12d
commit c1e404457c
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
security-info/security.md
View File

@ -37,6 +37,17 @@ We promise to treat any reported issue seriously and, if the investigation confi
The Qubes Security Team
-----------------------
The Qubes Security Team (QST) is the subset of the [Qubes Team] that is responsible for ensuring the security of Qubes OS and the Qubes OS Project.
In particular, the QST is responsible for:
- Responding to [reported security issues]
- Evaluating whether [XSAs][Xen Security Advisory (XSA) Tracker] affect the security of Qubes OS
- Writing, applying, and/or distributing security patches to fix vulnerabilities in Qubes OS
- Writing, signing, and publishing [Security Bulletins]
- Writing, signing, and publishing [Canaries]
- Generating, safeguarding, and using the project's [PGP Keys]
As a security-oriented operating system, the QST is fundamentally important to Qubes, and every Qubes user implicitly trusts the members of the QST by virtue of the actions listed above.
The Qubes Security Team can be contacted via email at the following address:
security at qubes-os dot org
@ -50,8 +61,9 @@ Please see [Why and How to Verify Signatures] for information about how to verif
### Members of the Security Team ###
- [Joanna Rutkowska]
- [Marek Marczykowski-Górecki]
- [Simon Gaiser (aka HW42)]
- [Joanna Rutkowska] ([emeritus, canaries only])
[Security FAQ]: /faq/#general--security
@ -62,8 +74,12 @@ Please see [Why and How to Verify Signatures] for information about how to verif
[Xen Security Advisory (XSA) Tracker]: /security/xsa/
[Why and How to Verify Signatures]: /security/verifying-signatures/
[PGP Keys]: https://keys.qubes-os.org/keys/
[Qubes Team]: /team/
[reported security issues]: #reporting-security-issues-in-qubes-os
[Security Team PGP Key]: https://keys.qubes-os.org/keys/qubes-os-security-team-key.asc
[Qubes Master Signing Key]: https://keys.qubes-os.org/keys/qubes-master-signing-key.asc
[Joanna Rutkowska]: /team/#joanna-rutkowska
[Marek Marczykowski-Górecki]: /team/#marek-marczykowski-górecki
[Simon Gaiser (aka HW42)]: /team/#simon-gaiser-aka-hw42
[Joanna Rutkowska]: /team/#joanna-rutkowska
[emeritus, canaries only]: /news/2018/11/02/qubes-security-team-update/