Thanks for the quick feedback. Considering PKI token will remain vulnerable, I suggest we subscribe ossg-coresec member so they can work on a security note.
Also if we go the OSSN way, then we can remove the privacy settings and patches could be submitted directly to gerrit.
Thanks for the quick feedback. Considering PKI token will remain vulnerable, I suggest we subscribe ossg-coresec member so they can work on a security note.
Also if we go the OSSN way, then we can remove the privacy settings and patches could be submitted directly to gerrit.