[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian derivatives census: SELKS: welcome!

Hi Eric & Peter,

I would like to welcome yourself and SELKS to the Debian derivatives
census! Would you like to take this opportunity to introduce yourself
and SELKS to us all? 


It would be great if you could join our mailing list and IRC channel:


I would encourage you to look at Debian's guidelines for derivatives:


You may want to look at our census QA page, some of the mails from
there may apply to SELKS.


You don't appear to be subscribed to the SELKS census page,
I've made a few changes to the SELKS census page:


It would be great if you could clarify the "Distribution type" and
"Debian archive quantity" fields. If multiple options apply, replace
the pipe characters with commas.

The census page doesn't list Stamus Networks as the corporate sponsor
of SELKS and says the funding model is community driven but your
website gave me the opposite impression. Could you clarify this?

The apt repository for SELKS does not contain source packages,
including for packages licensed under the GNU GPL. This may or may not
be a copyright violation depending on whether our not you distribute
those elsewhere. In any case, please add source packages to your
repository so that Debian can automatically create patches to be
presented to Debian package maintainers.


Some of the Release files in the apt repository for SELKS are missing
the Valid-Until header, which allows clients to find out when active
network attackers are holding back newer Release files. At minimum,
rolling releases and suites containing security updates should have
this header. With reprepro you can use the ValidFor config option.


I think you can close this issue as you have an apt repository now at
the packages.stamus-networks.com domain listed in the census page.


I've added the SELKS blog to Planet Debian derivatives which helps the
Debian community find out the things that are happening in the world of
Debian derivatives.


Since SELKS originated in France according to Distrowatch you might be
interested in joining the Debian France group.


Next year the annual Debian conference is in Montreal, Canada.
It would be great if developers from SELKS could attend DebConf17.


I would encourage any attendees to volunteer to ensure the continued
the success of the annual Debian conference, here are some examples of
things that need helpers.


I note that SELKS is based on Debian stable. The Debian release team
recently released a timeline for the freeze for the next Debian stable
release. I would encourage you to review it and prepare your plans for
rebasing on the next Debian release (stretch).


A great way to help ensure that the next Debian release working well
for you is to install and run the how-can-i-help tool and try to work
on any issues that come up.


I note that SELKS uses debian-cd, live-build, reprepro and LXDE, I
would encourage you to provide feedback and fixes to the teams.


Please note that live-build is now orphaned, so you might want to join
the Debian Live team to make sure it is possible to use it for stretch.

Please note that LXDE is being replaced with LXQt.


You might want to consider adding DNSSEC and TLSA records to your
domains and SSL to some of your domains. SSL on the repository will
help SELKS users to obscure package names and version numbers from
global active adversaries. You might also want to add HSTS headers.

Please feel free to circulate this mail within the SELKS team.



Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: