On 05/23/2015 08:57 AM, intrigeri wrote: > sajolida wrote (22 May 2015 18:16:40 GMT) :
>> Can you have a look at doc/openpgp-signing-key and tell me if it's fine
>> with you. Then I'll merge it.
>
> I agree the new wording is much clearer. Yay! full ack! ;)
> I'm not 100% convinced by s/removable storage/flash media/, though:
> note that this section is a security policy we're committing to
> follow, so making its practical requirements more precise should IMO
> be backed by security reasons, or at least it must not put limits on
> the security precautions we may want to take. This specific wording
> change seems add a requirement that has no security benefit (quite the
> contrary actually: flash media is harder to securely erase that other
> kinds of removable storage). Is there another wording that improves
> clarity the way we want, without having the aforementioned drawback? i don't think that 'flash media' is a good expression.
i was thinking that 'removable media' was a bit more clear, but then i
thought about the use case and: one can also install updates from or
save keys to a harddisk that is integrated (not removeable) in the
system tails is running on.
so the question for me is: what is the clarity the way we want? are
built in harddisks being used in that scenario? are CDs or DVDs used?
maybe it gets more clear, if we also state the considerations, the
policy is based on?
