If commit i adds a new signing key to the channel’s authorisations file and commit i+1 is signed with that signing key, then commit i+1 can be used in channel intro. 

You can’t add a signing key to the authorisations in a commit and sign that same commit with the new key.  Is that issue here? 

Jake

On Fri, 29 Mar 2024 at 2:13 pm, <elaexuotee@wilsonb.com> wrote:
> > from reading about guix authentication I think the new signing key
> > must be first added to the .guix-authoriations file and that commit
> > must signed with the current signing keys before the new signing
> > key can be used.
>
> Yes, it’s likely the problem; the rest of the description you gave
> elaexuotee looks fine to me.
>
> (No need to rewrite the history; changing the introduction is enough.)
>
> Ludo’.

Well, the catch 22 is that I've lost the original key and so can only sign
.guix-authorizations with the new one.

> (No need to rewrite the history; changing the introduction is enough.)

Without the old key, I'm gathering that a history rewrite is the only way right
now. Seems like a fresh channel introduction should be enough, but our current
authorization check appears to look at earlier commits even in that case, IIUC.

Maybe forcing history rewrites on key loss is the desired behavior? I'm not
sure. From a client perspective, the only difference is whether or not you have
to specify --allow-downgrades on the next pull. In either case a channel intro
update is necessary.