update readme with code signing policy and project integrity

DC-analysis · Jan 8, 2025 · edffb33 · edffb33
1 parent 09cb0f6
commit edffb33
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/README.rst b/README.rst
@@ -15,8 +15,29 @@ to install a Python distribution:
 
 Installation
 ------------
-At the `release page <https://github.com/DC-analysis/DC-tools-for-Windows/releases/latest>`_,
-you can download an installer.
+You can download the installer from the
+`release page <https://github.com/DC-analysis/DC-tools-for-Windows/releases/latest>`_.
+
+Code Signing Policy
+...................
+The DC tools for Windows use free code signing provided by `SignPath.io <https://about.signpath.io/>`_,
+certificate by `SignPath Foundation <https://signpath.org/>`_.
+
+Project Integrity
+-----------------
+To verify the integrity of the DC tools for Windows, we manage access this
+repository via GitHub Team roles:
+
+- **Triage**: The `Members team of DC-Analysis <https://github.com/orgs/DC-analysis/teams/triage>`_
+  has permission to triage (e.g. modify issues).
+- **Core**: The `Core team of DC-Analysis <https://github.com/orgs/DC-analysis/teams/core>`_
+  consists of people who are trusted to modify the source code in the project's
+  version control system without additional reviews.
+- There is no special role for *Commiters*. External contributors or members
+  of the *Triage* team must create a pull request which is reviewed by a
+  *Core* team member.
+- Furthermore, we enforce 2FA for every member of the DCOR-dev GitHub
+  organization.
 
 
 For developers