If commit i adds a new signing key to the channel’s authorisations file and
commit i+1 is signed with that signing key, then commit i+1 can be used in
channel intro.

You can’t add a signing key to the authorisations in a commit and sign that
same commit with the new key.  Is that issue here?

Jake

On Fri, 29 Mar 2024 at 2:13 pm, <elaexuotee@wilsonb.com> wrote:

> > > from reading about guix authentication I think the new signing key
> > > must be first added to the .guix-authoriations file and that commit
> > > must signed with the current signing keys before the new signing
> > > key can be used.
> >
> > Yes, it’s likely the problem; the rest of the description you gave
> > elaexuotee looks fine to me.
> >
> > (No need to rewrite the history; changing the introduction is enough.)
> >
> > Ludo’.
>
> Well, the catch 22 is that I've lost the original key and so can only sign
> .guix-authorizations with the new one.
>
> > (No need to rewrite the history; changing the introduction is enough.)
>
> Without the old key, I'm gathering that a history rewrite is the only way
> right
> now. Seems like a fresh channel introduction should be enough, but our
> current
> authorization check appears to look at earlier commits even in that case,
> IIUC.
>
> Maybe forcing history rewrites on key loss is the desired behavior? I'm not
> sure. From a client perspective, the only difference is whether or not you
> have
> to specify --allow-downgrades on the next pull. In either case a channel
> intro
> update is necessary.
>
>