Linuix Kernel Secure

Kernel developers have gracefully accepted suggestions concerning release signing process

A policy and process overview of the Linux kernel has identified some “potential pain points” in the handling and signing process of the security keys for the Linux kernel.

The review of the kernel teams’ processes for signing releases and for the policies and procedures for the handling of the signing keys was sought by the Linux Foundation and conducted by cybersecurity experts at the Open Source Technology Improvement Fund (OSTIF) and Trail of Bits.