unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
From: ludo@gnu.org (Ludovic Courtès)
To: Pierre-Antoine Rault <par@rigelk.eu>
Cc: guix-devel <guix-devel@gnu.org>,
	gnunet-developers@gnu.org,
	Sree Harsha Totakura <sreeharsha@totakura.in>
Subject: Re: Guix - GNUnet binary ditribution roadmap
Date: Tue, 18 Mar 2014 21:59:51 +0100	[thread overview]
Message-ID: <87y507cjeg.fsf@gnu.org> (raw)
In-Reply-To: <5328A306.6080306@rigelk.eu> (Pierre-Antoine Rault's message of "Tue, 18 Mar 2014 20:48:22 +0100")

Hi,

Thanks for sharing your tentative roadmap.

Pierre-Antoine Rault <par@rigelk.eu> skribis:

> Roadmap:
> #1 work on the GNUnet service: handling of requests from users
>   (tuple(s) answers[see below for structure]). tests with static database.
>   * work on a client-side binary list request

This is so abstract that I’m not sure what is meant here.  I’d like to
see clearer connections to the Guix and GNUnet code.

For instance, “requests from users” and “client-side binary list
request” are very abstract (and slightly misleading, because every
client is likely to be also a server, that’s p2p.)

Could you instead specify the underlying mechanisms involved?

I’d like to see something like:

  Publication of build products works like this:

    1. users runs the new ‘guix publish’ command, which inserts in the
       GNUnet DHT a key/tuple pair, where the tuple contains [list the
       fields etc.].

    2. ‘guix publish’ opens a GNUnet MESH channel to serve these files
       [explain how it’s used, possibly using the ‘gnunet-mesh’ command
       to illustrate, showing the kind of “channel identifier” that you
       get, describing how this interacts with the GNUnet peer
       identity, etc.]

       Files are served as Guix archives signed by the daemon’s key (?).

  Lookup of build products works like this:

    1. users look up the store file name, such as
       /gnu/store/...-emacs-24.3 in the GNUnet DHT.  This lookup is
       implemented as a substituter (akin to ‘guix substitute-binary’
       except that it uses GNUnet instead of direct HTTP connections.)
       Thus it’s completely transparent for the user: ‘guix build’,
       ‘guix package’ etc. magically get to use GNUnet to look for
       binaries.

    2. upon the list of matching answers, the substituter selects the
       first one offered by a peer whose trusted key is in the guix
       archive ACL.

    3. substituter connects to remote peer’s MESH channel specified in
       the tuple, retrieves the archive, checks their signature like
       ‘guix archive --import’ does.

There are a number of dots to be filled in here.  I think it’s important
to understand the mechanisms involved, and from there to fill in the
dots.

Then we can devise the milestones and a general roadmap.

WDYT?

> #3 work on the GNS SDSI/SPKI signing of user builds.
>   ['spki-sign' command developped]
>   [see signing below]
>   * work on key generation.
>   * work on key storage in a keyring.
>   * work on signature via key on a build.

Is there something to implement at all?  What about using what Guix or
what GNUnet provides?  This needs to be clarified.

> #4 work on the client-side checking of binary signature.
>   [update of the download process to include checks at the end]

Likewise.

> #5 work on the trust of signatures and filtering of tuples.
>   ['--dht' command option updated]

Likewise.

Ludo’.

_______________________________________________
GNUnet-developers mailing list
GNUnet-developers@gnu.org
https://lists.gnu.org/mailman/listinfo/gnunet-developers

      reply	other threads:[~2014-03-18 20:59 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <531F607F.7080208@rigelk.eu>
2014-03-12 18:57 ` Guix - GNUnet binary ditribution roadmap Sree Harsha Totakura
2014-03-12 20:56   ` Ludovic Courtès
2014-03-12 22:53     ` [GNUnet-developers] " Sree Harsha Totakura
2014-03-12 23:15       ` Ludovic Courtès
2014-03-13  8:23         ` Sree Harsha Totakura
2014-03-13  9:46     ` Christian Grothoff
2014-03-13 23:08       ` Ludovic Courtès
2014-03-13 23:58         ` Christian Grothoff
2014-03-14 13:27           ` Ludovic Courtès
2014-03-14 14:31             ` Christian Grothoff
2014-03-14 16:13               ` Ludovic Courtès
2014-03-18 11:00                 ` Ludovic Courtès
2014-03-13 14:06     ` Mark H Weaver
2014-03-13 14:14       ` Ludovic Courtès
2014-03-13 14:30         ` Mark H Weaver
2014-03-13 14:44           ` Christian Grothoff
2014-03-18 19:48   ` Pierre-Antoine Rault
2014-03-18 20:59     ` Ludovic Courtès [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87y507cjeg.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=gnunet-developers@gnu.org \
    --cc=guix-devel@gnu.org \
    --cc=par@rigelk.eu \
    --cc=sreeharsha@totakura.in \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).