From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id oB20LmCy/F7aJwAA0tVLHw (envelope-from ) for ; Wed, 01 Jul 2020 15:57:20 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id gMaOKmCy/F6MSgAAbx9fmQ (envelope-from ) for ; Wed, 01 Jul 2020 15:57:20 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 02113940215 for ; Wed, 1 Jul 2020 15:57:19 +0000 (UTC) Received: from localhost ([::1]:42986 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jqf6r-0001gz-8I for larch@yhetil.org; Wed, 01 Jul 2020 11:57:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:34918) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jqf4g-000684-0t for guix-patches@gnu.org; Wed, 01 Jul 2020 11:55:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:42060) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jqf4f-0002nk-NG for guix-patches@gnu.org; Wed, 01 Jul 2020 11:55:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jqf4f-0005MZ-Lq for guix-patches@gnu.org; Wed, 01 Jul 2020 11:55:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#42048] [PATCH 0/6] Authenticated channels for everyone! Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 01 Jul 2020 15:55:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42048 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: zimoun Cc: 42048@debbugs.gnu.org Received: via spool by 42048-submit@debbugs.gnu.org id=B42048.159361886320566 (code B ref 42048); Wed, 01 Jul 2020 15:55:01 +0000 Received: (at 42048) by debbugs.gnu.org; 1 Jul 2020 15:54:23 +0000 Received: from localhost ([127.0.0.1]:53606 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jqf42-0005Le-Rb for submit@debbugs.gnu.org; Wed, 01 Jul 2020 11:54:23 -0400 Received: from eggs.gnu.org ([209.51.188.92]:48438) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jqf3y-0005LK-Ow for 42048@debbugs.gnu.org; Wed, 01 Jul 2020 11:54:20 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:41268) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jqf3s-0002We-5I; Wed, 01 Jul 2020 11:54:12 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=56002 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jqf3r-0004oy-CT; Wed, 01 Jul 2020 11:54:11 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= References: <20200625210400.29033-1-ludo@gnu.org> <86ftaba874.fsf@gmail.com> <87a70jzaxd.fsf@gnu.org> <86a70j9ybi.fsf@gmail.com> Date: Wed, 01 Jul 2020 17:54:08 +0200 In-Reply-To: <86a70j9ybi.fsf@gmail.com> (zimoun's message of "Wed, 01 Jul 2020 15:09:21 +0200") Message-ID: <874kqrz0wv.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: -1.01 X-TUID: ZDo4Lfi+MXfM zimoun skribis: > On Wed, 01 Jul 2020 at 14:17, Ludovic Court=C3=A8s wrote: > >> But of course, the new =E2=80=98introduction=E2=80=99 field of = won=E2=80=99t be >> recognized by older Guix versions. In that case, you should use the >> output of =E2=80=98guix describe -f channels-sans-intro=E2=80=99 as I wr= ote in the >> manual. > > Older Guix versions means the Scheme lib and not Inferiors, right? > > I mean, if I run using a Guix post-'introduction' "guix describe -f > channels", then I can run with another Guix post-'introduction' "guix > time-machine -C channels.scm", everything is fine. > > However, I cannot use this post-'introduction' channels.scm file with a > pre-'introduction' Guix and "guix time-machine -C channels.scm" fails, > right?=20 Yup! > Well, if now Eve has the control of an authorized key (for example the > Brett's one) then you cannot distinguish between past valid signatures > to current malicious ones, even if the key is revoked, right? Revocation in the OpenPGP sense doesn=E2=80=99t not matter at all. What ma= tters is whether the key is in =E2=80=98.guix-authorizations=E2=80=99. If we rem= ove if from there in commit X, then any commit descending from X that is signed by that key will be rejected. Past commits (ancestors of X) signed by that key are still considered authentic. Ludo=E2=80=99.