deeplow

I am planning on taking a peek at integrations tests with my [Qubes-updater integration PR](https://github.com/freedomofpress/securedrop-workstation/pulls). What I am thinking is expanding tests to create some extra VMs as needed and...

We've been playing around with OpenQA and we've almost got [a full SecureDrop Workstation installation test](https://openqa.qubes-os.org/tests/112805#step/install/76) ([respective PR here](https://github.com/QubesOS/openqa-tests-qubesos/pull/25)). Thanks to the Qubes team for letting up use their infrastructure....

That is pretty interesting. Thanks for bringing it up. We should definitely explore that.

The cadence of Fedora release makes this a twice-a-year effort. Has there been discussion on having having debian templates as default for sys-*?

Yep. I'm aware. This is one of the things that stood out to me while redoing the updater. However, I kept it the same way structurally because we do not...

This is very much in line with what we talked. I'm sure it had been discussed somewhere :slightly_smiling_face:. Thanks for finding it!

I've been exploring this option a bit. We'd need work with the [Qubes Builder V2](https://github.com/QubesOS/qubes-builderv2/), which is not trivial at all and the documentation is a bit lacking at the...

I have attempted to build a Qubes ISO myself and ran into a few challenges. Here are some of my learnings and some open questions. Hopefully they're useful if we...

Update per feedback from Marek: > * **Boot security challenges**, if we either go the SecureBoot or the Heads way we'd need our signing key somehow fused into the roots...

Transcribing relevant gitter chat: > **deeplow**: I was just trying to think of ways that the opening of dispVMs could be improved for the particular situation of securedrop. Have there...