diff options
-rw-r--r-- | Makefile | 14 | ||||
-rw-r--r-- | licence-arithmetic.md | 4 | ||||
-rw-r--r-- | licence-arithmetic.subplot | 3 | ||||
-rw-r--r-- | sponsored-by.md | 69 | ||||
-rw-r--r-- | sshca.md | 100 | ||||
-rw-r--r-- | test.html | 10 |
6 files changed, 9 insertions, 191 deletions
@@ -1,15 +1,13 @@ -sources = $(wildcard *.md) -htmls = $(sources:.md=.html) -pdfs = $(sources:.md=.pdf) +sources = $(wildcard *.subplot) +htmls = $(sources:.subplot=.html) +pdfs = $(sources:.subplot=.pdf) -.SUFFIXES: .md .html .pdf +.SUFFIXES: .subplot .html .pdf -.md.html: +.subplot.html: subplot docgen --output $@ $< -.md.pdf: +.subplot.pdf: subplot docgen --output $@ $< all: $(htmls) $(pdfs) - -rethinking-email.pdf rethinking-email.html: rethinking-email.md email.bib diff --git a/licence-arithmetic.md b/licence-arithmetic.md index 05bd9a7..887c34b 100644 --- a/licence-arithmetic.md +++ b/licence-arithmetic.md @@ -1,7 +1,3 @@ ---- -title: Licence arithmetic -... - Combining code from different sources in a free or open source software project requires making sure that the licences of each component are compatible. As an example, the GNU General Public diff --git a/licence-arithmetic.subplot b/licence-arithmetic.subplot new file mode 100644 index 0000000..7cc774f --- /dev/null +++ b/licence-arithmetic.subplot @@ -0,0 +1,3 @@ +title: Licence arithmetic +markdowns: + - licence-arithmetic.md diff --git a/sponsored-by.md b/sponsored-by.md deleted file mode 100644 index 1b96572..0000000 --- a/sponsored-by.md +++ /dev/null @@ -1,69 +0,0 @@ -# Executive summary - -To make sponsorship of free and open source software more visible, add -a `Sponsored-by` pseudo-header to git commit messages. - -# The problem - -Free and open source software is sometimes funded by its authors: they -work on it in their free time. Sometimes development is funded by a -company who employs people to develop the software. Sometimes it's -fully or partially funded by donations or gifts: some party gives -money to the developers so they can work on the software, but not as -employment; we call this sponsorship. - -Overall, for any particular project, it's unclear how it's funded. -Sometimes the project makes it clear, but often it's not clear. In a -large project, with different parties funding parts of the work such as the -Linux kernel, it's hard to keep track of who funds the work. Currently -it is done by heuristics based on author commit email addresses. - -One of the problems is that employment and sponsorship tends to be -scarce, and difficult to get, and even many important, popular -software projects do not have people who can work on it full time. -This hurts the quality of the software, and slows down its development -significantly. - -# A partial solution - -We propose that it would help to make sponsorship more obvious. Apart -from the project's web site, each commit could label the work as -sponsored using a pseudo-header: - -~~~ -Sponsored-by: Example Corp. -~~~ - -Any commits done as part of sponsored work would have this. This would -raise the visibility of sponsorship, thereby hopefully making it more -interesting to sponsor. - -# Specification - -We suggest the following specification as a base of discussion: - -* sponsorship of work to produce a commit is marked by one or more - `Sponsored-by` pseudo-headers in the commit message -* lack of such a header does not say anything about whether the work - was sponsored; use of the header is optional -* a header only applies to the commit it appears in -* all headers referring to the same sponsor should try to use the same - value so it's easier to collect statistics -* the value has the same format as a git commit author field; it can - be a bare email address, or lack an email address -* the special value `author` means the work was done without - sponsorship - -Examples: - -* `Sponsored-by: author` -* `Sponsored-by: Lars Wirzenius <liw@liw.fi>` -* `Sponsored-by: Wikimedia Foundation` -* `Sponsored-by: IBM <https://www.ibm.com/>` - - ---- -title: Sponsored-by in git commit messages -author: L.W. and D.S. -documentclass: report -... diff --git a/sshca.md b/sshca.md deleted file mode 100644 index 85a981c..0000000 --- a/sshca.md +++ /dev/null @@ -1,100 +0,0 @@ -# Abstract - -This is a sketch of an idea for a little command line tool for -managing SSH CA keys and making certificates. - -# SSH CA - -An SSH CA is an SSH key used to certify host and user keys. When a -host key is certificate, each user can configure their SSH client to -trust a host certificated made with a known CA key. They then only -ever need to verify that the CA key is valid, rather than every new -host key. The host certificate can specify the host name that it's -valid for. - -Similarly, a sysadmin can configure their SSH server to trust user -certificate made with a CA key. The user certificate specifies which -user account on the server it's valid for. This means the user doesn't -need to have a password so they can log in once to add their SSH -public key to their `authorized_keys` file on the server. - - -# `sshca` the command line tool - -`sshca` is a command line tool for managing SSH CA keys and making -certificates. It's a wrapper around the `ssh-keygen` tool that aims to -be easier to use and harder to misuse. - -Each certificate has an automatically chosen serial number. `sshca` -keeps track of the serial numbers that have been used. - -Certificates can optionally have a validity period (valid from a time, -and until a time). The period may be open ended. - - - - -## Generate an SSH CA key - -To generate a new SSH CA key pair and give is a short name: - -```sh -$ sshca generate NAME -``` - -The key pair will be stored in `~/.ssh/sshca` and will by default be -of type `ed25519` (elliptic curve), for higher security and smaller -key size. The type can be specified with an option. - - -## List existing SSH CA keys - -To list SSH CA keys: - -```sh -$ sshca list -default ed25519 .... -``` - -This lists all the keys in the `~/.ssh/sshca` directory. - - -## Removing an SSH CA key - -To remove an SSH CA key: - -```sh -$ sshca remove-key NAME -``` - -This removes the named key from the `~/.ssh/sshca` directory. - - -## Create a host certificate - -To create a host certificate: - -```sh -$ sshca cert-host KEYNAME HOSTPUB HOSTNAME > FILENAME -``` - -This create a host certificate using a named SSH CA key, for a given -host public key, and ties it a given host name. The certificate is -written to the standard output, and can be redirected to a file as -usual on the command line. - - -## Create a user certificate - -To create a user certificate: - -```sh -$ ssh ca cert-user KEYNAME USERPUB USERNAME > FILENAME -``` - -Similar to a host certificate, but for a user. - - ---- -title: SSH CA helper -... diff --git a/test.html b/test.html deleted file mode 100644 index 554098f..0000000 --- a/test.html +++ /dev/null @@ -1,10 +0,0 @@ -<doctype html> -<html> - <head> - <title>Test</title> - </head> - <body> - <h1>Title</h1> - <p>This is a test.</p> - </body> -</html> |