From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: Signed archive export/import
Date: Fri, 03 Jan 2014 23:15:40 +0100
Message-ID: <87zjnciuer.fsf@gnu.org>
References: <87bo0bqy7k.fsf@gnu.org> <8738lbpu9e.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38032)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1VzD1w-0001Ps-5z
	for guix-devel@gnu.org; Fri, 03 Jan 2014 17:15:53 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1VzD1q-0001pC-Tm
	for guix-devel@gnu.org; Fri, 03 Jan 2014 17:15:48 -0500
Received: from mail3-relais-sop.national.inria.fr ([192.134.164.104]:41657)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1VzD1q-0001p1-Lw
	for guix-devel@gnu.org; Fri, 03 Jan 2014 17:15:42 -0500
In-Reply-To: <8738lbpu9e.fsf@gnu.org> ("Ludovic
	\=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\=
	\=\?utf-8\?Q\?s\?\= message of "Sun, 29 Dec 2013 16:11:09 +0100")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: guix-devel@gnu.org

ludo@gnu.org (Ludovic Court=C3=A8s) skribis:

> The good news is that, with a bit of work in (guix nar),
> =E2=80=98substitute-binary=E2=80=99 will be able to use that mechanism to=
o.  So we can
> change Hydra to always sign its archives (simple), and
> =E2=80=98substitute-binary=E2=80=99 to always check signatures and check =
the signer
> against the ACL.  The users can choose whether or not to add
> hydra.gnu.org=E2=80=99s public key to their ACL.

It turns out that changing Hydra to always sign is not as simple as I
initially thought, because it doesn=E2=80=99t export archives via the
=E2=80=98export-paths=E2=80=99 RPC (the one that knows how to sign them.)

So we=E2=80=99re back to discussing another approach with the (apparently
unmotivated) Hydra folks, probably adding a =E2=80=98Signature=E2=80=99 fie=
ld to the
.narinfo files (see
<http://lists.gnu.org/archive/html/bug-guix/2013-05/msg00087.html> and
<http://lists.science.uu.nl/pipermail/nix-dev/2013-May/011203.html>.)

Anyone knowledgeable with Perl, Nix, and diplomacy is welcome here.  :-)

We should also start thinking more about decentralized distribution.

Ludo=E2=80=99.