From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id OKGHMKMU9V6sXwAA0tVLHw (envelope-from ) for ; Thu, 25 Jun 2020 21:18:27 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id QDFsLKMU9V5cdgAAB5/wlQ (envelope-from ) for ; Thu, 25 Jun 2020 21:18:27 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 793EF940224 for ; Thu, 25 Jun 2020 21:18:27 +0000 (UTC) Received: from localhost ([::1]:38900 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1joZGM-0007YE-FL for larch@yhetil.org; Thu, 25 Jun 2020 17:18:26 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49094) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1joZF1-0006AJ-JT for guix-patches@gnu.org; Thu, 25 Jun 2020 17:17:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:58052) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1joZF1-0000lj-Aa for guix-patches@gnu.org; Thu, 25 Jun 2020 17:17:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1joZF1-0002WC-6f for guix-patches@gnu.org; Thu, 25 Jun 2020 17:17:03 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#42048] [PATCH 3/6] channels: Remove 'signature' from . Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 25 Jun 2020 21:17:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42048 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 42048@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 42048-submit@debbugs.gnu.org id=B42048.15931197899568 (code B ref 42048); Thu, 25 Jun 2020 21:17:03 +0000 Received: (at 42048) by debbugs.gnu.org; 25 Jun 2020 21:16:29 +0000 Received: from localhost ([127.0.0.1]:41356 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1joZES-0002U7-P7 for submit@debbugs.gnu.org; Thu, 25 Jun 2020 17:16:29 -0400 Received: from eggs.gnu.org ([209.51.188.92]:34512) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1joZEP-0002TD-HH for 42048@debbugs.gnu.org; Thu, 25 Jun 2020 17:16:25 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:45251) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1joZEK-0000WI-Ay; Thu, 25 Jun 2020 17:16:20 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=59608 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1joZEJ-0006HK-2z; Thu, 25 Jun 2020 17:16:19 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Thu, 25 Jun 2020 23:16:02 +0200 Message-Id: <20200625211605.29316-3-ludo@gnu.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200625211605.29316-1-ludo@gnu.org> References: <20200625211605.29316-1-ludo@gnu.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: 3.99 X-TUID: RFuSIWUJvBry In the end signing the commit/key pair does not buy us much. Someone publishing a valid but different commit/key pair would effectively be publishing a different channel, which could be a fork (made by a former authorized developer) or simply a mirror. In the latter case, there's nothing to be gained by publishing a different commit/key pair. * guix/channels.scm ()[signature]: Remove. (make-channel-introduction): Adjust accordingly. --- guix/channels.scm | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/guix/channels.scm b/guix/channels.scm index 9859bfdda8..05b2661445 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -128,22 +128,19 @@ ;; Channel introductions. A "channel introduction" provides a commit/signer ;; pair that specifies the first commit of the authentication process as well -;; as its signer's fingerprint. The pair must be signed by the signer of that -;; commit so that only them may emit this introduction. Introductions are -;; used to bootstrap trust in a channel. +;; as its signer's fingerprint. Introductions are used to bootstrap trust in +;; a channel. (define-record-type - (%make-channel-introduction first-signed-commit first-commit-signer - signature) + (%make-channel-introduction first-signed-commit first-commit-signer) channel-introduction? - (first-signed-commit channel-introduction-first-signed-commit) ;hex string - (first-commit-signer channel-introduction-first-commit-signer) ;bytevector - (signature channel-introduction-signature)) ;string + (first-signed-commit channel-introduction-first-signed-commit) ;hex string + (first-commit-signer channel-introduction-first-commit-signer)) ;bytevector (define (make-channel-introduction commit signer) "Return a new channel introduction: COMMIT is the introductory where authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of the signer of that commit." - (%make-channel-introduction commit signer #f)) + (%make-channel-introduction commit signer)) (define (openpgp-fingerprint->bytevector str) "Convert STR, an OpenPGP fingerprint (hexadecimal string with whitespace), -- 2.26.2