[Libre-soc-bugs] [Bug 1126] How to document new bugs/issues

bugzilla-daemon at libre-soc.org bugzilla-daemon at libre-soc.org
Tue Dec 5 19:44:06 GMT 2023


https://bugs.libre-soc.org/show_bug.cgi?id=1126

--- Comment #45 from Luke Kenneth Casson Leighton <lkcl at lkcl.net> ---
(In reply to Andrey Miroshnikov from comment #44)
> Started writing the RfP submission guide doc:
> https://libre-soc.org/HDL_workflow/rfp_submission_guide/
> 
> (This page is very much a in-progress, just wanted to commit what was
> already in my head)

really good progress, good practice to follow, using the bugtracker as
a memory-substitute maes life easier but also allows collaboration and
review.

> Luke, do you know if we're allowed to take a partial screenshot of the NLnet
> RfP submission system (removing any private information or URLs)?

i don't see why not, it's a good idea. to emphasise again (in writing
not a verbal un-audited private call) it is absolutely imperative that
the secret URLs be kept secret. under no circumstances must they go onto
publicly-archived libre-soc resources: not the bugtracker, not the mailing
list, not IRC.

in other words they must be treated as the PLAIN TEXT PASSWORDS that they are,
and appropriate measures taken to protect them from leakage onto the internet
at large.

i also require that a procedure for notifying NLnet and myself be written and
documented so that NLnet can immediately *FREEZE* the RFP system to prevent
fraudulent RFPs in the event of someone publishing the plaintext
passwords / URLs.

actually it would be good to have a "canary" button, which we can activate
ourselves rather than have to wait for NLnet. can you raise that as a bugreport
and link to this comment? i will then assign it to NLnet.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the libre-soc-bugs mailing list