[Secure-testing-commits] r25577 - doc/public

[Luciano Bello]

Author: luciano
Date: 2014-02-07 20:14:08 +0000 (Fri, 07 Feb 2014)
New Revision: 25577

Added:
   doc/public/contact
   doc/public/index
Modified:
   doc/public/Makefile
   doc/public/security_tracker
Log:
index aka todo list 

Modified: doc/public/Makefile
===================================================================
--- doc/public/Makefile	2014-02-07 20:01:52 UTC (rev 25576)
+++ doc/public/Makefile	2014-02-07 20:14:08 UTC (rev 25577)
@@ -1,7 +1,7 @@
 MD=/usr/bin/markdown_py
-SOURCES=security_tracker glossary
+SOURCES=security_tracker glossary index contact
 HTMLS=$(patsubst %,%.html,$(SOURCES))
-EXTENSIONS=tables def_list
+EXTENSIONS=tables def_list toc
 
 all: $(HTMLS)
 

Added: doc/public/contact
===================================================================
--- doc/public/contact	                        (rev 0)
+++ doc/public/contact	2014-02-07 20:14:08 UTC (rev 25577)
@@ -0,0 +1,22 @@
+Mail
+----
+- Specify public/private
+
+What each list is for:
+---------------------
+- debian-security at lists.debian.org
+- debian-security at do seems to be redirected to debian-private at ldo
+- debian-security-tracker at lists.debian.org
+- team at security.d.o
+- (and more)
+- consolidate lists? (which are needed?; explicit names, e.g. -public/-private)
+- RT? (incoming queue for non encrypted mails)
+
+IRC Channel
+-----------
+
+We hang-out on #debian-security on OFTC, stop by the IRC channel if
+you'd like, also we can add you to the alioth project so you have svn 
+write permission and you can test drive it on the testing issues for 
+however long you like to get an idea or feel comfortable (and hey it
+helps!)

Added: doc/public/index
===================================================================
--- doc/public/index	                        (rev 0)
+++ doc/public/index	2014-02-07 20:14:08 UTC (rev 25577)
@@ -0,0 +1,39 @@
+# Security team documentation
+
+This is more a TODO list than an index. For now.
+
+* Organization
+    - Contributors: Members of the security-testing alioth project, the "tracker"
+    - Assistants: Members of the private list, no access to private key 
+    - Members: "core" members
+    - How to become a member.
+    - What kind of work you can do with each grant
+* Workflow Overview
+    - some sort of introduction?
+* [How to interact with the security team](contact.html)
+    - As a vulnerability reporter
+        - public issues
+        - private issues (embargo)
+    - As a package maintainer
+        - DSA vulnerability
+        - SPU vulnerability
+        - Just unstable
+    - As an upstream? (embargo issues? backporting patches?)
+* How to contribute with the security team
+* [How to interact with the Security Tracker](security_tracker.html)
+    - How to contribute to the security tracker code and install a test instance (Florian)
+* Member's tasks
+    - DSA release: A more structured version of the current wiki pages
+    - embargo issues: Private queue in RT
+    - proposed-updates
+    - Take care of the "Special" packages (e.g. kernel iceweasel)
+    - Front desk
+    - Managing CVE ids pool: how to ask more ids
+    - Access to private key
+    - Access to upstream bug trackers
+* Debugging situations:
+    - what happens after an upload of a package to chopin
+    - where to find logs
+    - reject uploads
+* [Glossary](glossary.html)
+    - DSA, SPU, embargo, etc...

Modified: doc/public/security_tracker
===================================================================
--- doc/public/security_tracker	2014-02-07 20:01:52 UTC (rev 25576)
+++ doc/public/security_tracker	2014-02-07 20:14:08 UTC (rev 25577)
@@ -1,5 +1,7 @@
-#   A Narrative Introduction to the Debian Security Tracker  #
+[TOC]
 
+# Debian Security Tracker 
+
 About
 -----
 
@@ -565,12 +567,3 @@
 
     user debian-security at lists.debian.org
     usertag $BUGNUM + tracked
-
-IRC Channel
------------
-
-We hang-out on #debian-security on OFTC, stop by the IRC channel if
-you'd like, also we can add you to the alioth project so you have svn
-write permission and you can test drive it on the testing issues for
-however long you like to get an idea or feel comfortable (and hey it
-helps!)