Message ID | 20160803121721.3531-1-michael@niedermayer.cc |
---|---|
State | Withdrawn |
Headers | show |
On Wed, Aug 03, 2016 at 14:17:21 +0200, Michael Niedermayer wrote:
> +If you wish to use PGP/GnuPG you can use.
This sounds slightly strange.
->
"If you wish to use PGP/GnuPG please do so."
(Is this preferred by the list? Then that should be expressed.)
2016-08-03 14:58 GMT+02:00 Moritz Barsnick <barsnick@gmx.net>: > On Wed, Aug 03, 2016 at 14:17:21 +0200, Michael Niedermayer wrote: >> +If you wish to use PGP/GnuPG you can use. > > This sounds slightly strange. > -> > "If you wish to use PGP/GnuPG please do so." > > (Is this preferred by the list? Then that should be expressed.) It is about emails sent to ffmpeg-security.if the reporter needs it. Carl Eugen
On Wed, Aug 03, 2016 at 03:02:38PM +0200, Carl Eugen Hoyos wrote: > 2016-08-03 14:58 GMT+02:00 Moritz Barsnick <barsnick@gmx.net>: > > On Wed, Aug 03, 2016 at 14:17:21 +0200, Michael Niedermayer wrote: > >> +If you wish to use PGP/GnuPG you can use. > > > > This sounds slightly strange. > > -> > > "If you wish to use PGP/GnuPG please do so." > > > > (Is this preferred by the list? Then that should be expressed.) > > It is about emails sent to ffmpeg-security.if the reporter needs it. yep and i dont think everyone on security@ has a gpg key fingerprint in MAINTAINERs so using gpg has ATM a disadvantage of limiting recipients [...]
diff --git a/src/security b/src/security index ae89f9b..20c4d5d 100644 --- a/src/security +++ b/src/security @@ -1,4 +1,11 @@ -<p>Please report vulnerabilities to <a href="mailto:ffmpeg-security@ffmpeg.org">ffmpeg-security@ffmpeg.org</a></p> +<p>Please report vulnerabilities to <a href="mailto:ffmpeg-security@ffmpeg.org">ffmpeg-security@ffmpeg.org</a>. +If you wish to use PGP/GnuPG you can use. +<a href="https://pgp.mit.edu/pks/lookup?search=0x9FF2128B147EF6730BADF133611EC787040B0FAB&op=get">key1</a>, +<a href="https://pgp.mit.edu/pks/lookup?search=0x52D03A82D445F194DB8B2B1687EE2CB8F4B8FCF9&op=get">key2</a> and +<a href="https://pgp.mit.edu/pks/lookup?search=0xC61D16E59E2CD10C895838A40899A2B906D4D9C7&op=get">key3</a>. +Please use all keys if you encrypt. +PGP key fingerprints are also in the <a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/HEAD:/MAINTAINERS">MAINTAINERS file</a>. +</p> <h2>FFmpeg 2.8</h2>