kubernetes/committee-security-response

Distributors application for Cisco

justaugustus opened this issue · 2 comments

Actively monitored security email alias for our project:

kubernetes-security@cisco.com

1. Be an actively maintained and CNCF certified distribution of Kubernetes components.

Cisco Intersight Kubernetes Service: https://www.cncf.io/certification/software-conformance/

2. Have a user base not limited to your own organization.

Yes, Intersight is a public distribution: https://www.cisco.com/c/en/us/products/cloud-systems-management/cloud-operations/intersight-kubernetes-service.html

3. Have a publicly verifiable track record up to present day of fixing security
issues.

Cisco Security Advisories: https://tools.cisco.com/security/center/publicationListing.x

4. Not be a downstream or rebuild of another distribution.

Correct.

5. Be a participant and active contributor in the community.

Correct.

6. Accept the Embargo Policy.

I accept the embargo policy on behalf of Cisco.

7. Be willing to contribute back.

Absolutely.

8. Have someone already on the list vouch for the person requesting membership on behalf of your distribution.

I am already a member of other community groups that uphold the embargo.
Adding @kubernetes/security-response-committee + @kubernetes/release-managers for validation.

Opened kubernetes/k8s.io#3644 to actuate this pending SRC approval.