[openssl/general-policies] 3bb52d: Add release artifacts signing policy


Dmitry Misharov

May 11, 2026, 4:20:02 PM
to openssl...@openssl.org
Branch: refs/heads/master
Home: https://github.com/openssl/general-policies
Commit: 3bb52dd6b42154e8c3fe87fbe46399ae08b93f40
https://github.com/openssl/general-policies/commit/3bb52dd6b42154e8c3fe87fbe46399ae08b93f40
Author: Dmitry Misharov <dmi...@openssl.org>
Date: 2026-05-11 (Mon, 11 May 2026)

Changed paths:
A policies/artifact-signing-policy.md
M policies/glossary.md

Log Message:
-----------
Add release artifacts signing policy

Define the OpenPGP and Authenticode signing requirements for OpenSSL
Library release artifacts, including key structure, algorithms, validity,
HSM storage, quorum controls, publication, rotation, compromise response,
and custodianship.

Add glossary entries for Authenticode, EV, HSM, and OpenPGP that point to
the new policy.

Reviewed-by: Matt Caswell <ma...@openssl.foundation>
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Anton Arapov <an...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.foundation>
MergeDate: Mon May 11 20:19:29 2026


