From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-science-bounces+larch=yhetil.org@gnu.org>
Received: from mp12.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms5.migadu.com with LMTPS
	id uI03D8F/LWPCQwAAbAwnHQ
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Fri, 23 Sep 2022 11:43:29 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp12.migadu.com with LMTPS
	id QOsBD8F/LWNjAQEAauVa8A
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Fri, 23 Sep 2022 11:43:29 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id D708C2ECB5
	for <larch@yhetil.org>; Fri, 23 Sep 2022 11:43:28 +0200 (CEST)
Received: from localhost ([::1]:51152 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-science-bounces+larch=yhetil.org@gnu.org>)
	id 1obfDT-0005hr-Lm
	for larch@yhetil.org; Fri, 23 Sep 2022 05:43:27 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:40546)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <zimon.toutoune@gmail.com>)
 id 1obew4-0002OI-6Z
 for guix-science@gnu.org; Fri, 23 Sep 2022 05:25:29 -0400
Received: from mail-wm1-x332.google.com ([2a00:1450:4864:20::332]:50728)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <zimon.toutoune@gmail.com>)
 id 1obew2-0008F9-Cp
 for guix-science@gnu.org; Fri, 23 Sep 2022 05:25:27 -0400
Received: by mail-wm1-x332.google.com with SMTP id ay36so8371504wmb.0
 for <guix-science@gnu.org>; Fri, 23 Sep 2022 02:25:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date;
 bh=3x6pg6eaQL+u/LF+VGyKEBKlhC3bb7Jh5LQbutyWHWA=;
 b=n+DGSIrOkv0xKddax40B+JBPgI6arIi38tE6Sm+OIev2fvsk/X4yjwqKGMbtZFIjo5
 N6M21hrC79746BfvaJphIU5LAjYoJy8a8aVDEO17wbA5TfPal0On6OTfTwfQdayogL35
 9tMUQPoaAD7N7HtLNjlCwrLzPp0Q6pNt0x+H92ZliEzI94uTj5p0NGw6KCPtTJdiflq7
 Hxw56ufq4IhAoj916IzoharXb0UbDyrl5zKbNUaRboLdaxlUWFmIcZydCBz0hOJt8abW
 /d7WXQ9MP58qr0MS5sprCXzXhTdu34L2wWLEtTuRUem/5lO548rZ1bMquBXil8lZf1Dk
 lrcA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date;
 bh=3x6pg6eaQL+u/LF+VGyKEBKlhC3bb7Jh5LQbutyWHWA=;
 b=NYGaRaW3EzNYgOrzZcpYfNqBtgLPypCRp4JIsc1mLri9JIPlA78jQel3lfNZEF7B/C
 UsAMOcKQiuyaDh2HfMYJolWEpAAhHnCJCqHYdGW6oUS67sNKMerhzbiefw4OP364EwJG
 vTH4f4dvLaFf/vblmBkCMknyZREOQkLfqmiKwgk86vUBWtu+Rcc6eV1CJlGK3DaflhHu
 6dQiM8o+uiCKavqyR2QJOVTmUd8czPL5AkjkZ8JFAju/N+YwuxZGcEPlUy5NU/cXI2rr
 IgxCcqzC+ysqpcFi7fKKU96D1szVap8deV8Ejhk9q4O+fy+z5vH5YpwAN9/cQeQ27JGq
 rksg==
X-Gm-Message-State: ACrzQf1AMsYgmdyXsochuYbN0catXJ7VTnyg1VhnsJJZwS5FPZ0DEJm5
 lqtHz8ayXC8ziAE1j9hU6Nj4vLbtmaA=
X-Google-Smtp-Source: AMsMyM449h6YORtePBljVVRrlJmxfjBCeKWKSsUHjqbHizufrVT3OUGkfZC7JVXpUmKukuHB/mBNlg==
X-Received: by 2002:a7b:c303:0:b0:3b4:6e89:e5d5 with SMTP id
 k3-20020a7bc303000000b003b46e89e5d5mr5227988wmj.111.1663925124213; 
 Fri, 23 Sep 2022 02:25:24 -0700 (PDT)
Received: from pfiuh07 ([193.48.40.241]) by smtp.gmail.com with ESMTPSA id
 n13-20020adfe34d000000b002285f73f11dsm8460197wrj.81.2022.09.23.02.25.23
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 23 Sep 2022 02:25:23 -0700 (PDT)
From: zimoun <zimon.toutoune@gmail.com>
To: Ricardo Wurmus <rekado@elephly.net>
Cc: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludovic.courtes@inria.fr>, Konrad Hinsen
 <konrad.hinsen@fastmail.net>, guix-science@gnu.org
Subject: Re: Help! I messed up guix-past
In-Reply-To: <87edwjmgvz.fsf@elephly.net>
References: <m1mtb87f3r.fsf@fastmail.net>
 <CAJ3okZ0hohrWoLfLcXi2VrAiyK2xH6=cwwB9i=S6PbAfqdh+dw@mail.gmail.com>
 <m1k06c7cky.fsf@fastmail.net> <86v8pwo39x.fsf@gmail.com>
 <m1edwj7k5c.fsf@fastmail.net> <87y1ur34np.fsf@gnu.org>
 <86v8pv5x70.fsf@gmail.com> <87edwjmgvz.fsf@elephly.net>
Date: Mon, 12 Sep 2022 18:00:36 +0200
Message-ID: <877d28eg63.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=2a00:1450:4864:20::332;
 envelope-from=zimon.toutoune@gmail.com; helo=mail-wm1-x332.google.com
X-Spam_score_int: 13
X-Spam_score: 1.3
X-Spam_bar: +
X-Spam_report: (1.3 / 5.0 requ) BAYES_00=-1.9, DATE_IN_PAST_96_XX=3.405,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-science@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <guix-science.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-science>,
 <mailto:guix-science-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-science>
List-Post: <mailto:guix-science@gnu.org>
List-Help: <mailto:guix-science-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-science>,
 <mailto:guix-science-request@gnu.org?subject=subscribe>
Errors-To: guix-science-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-Science" <guix-science-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
X-Migadu-To: larch@yhetil.org
X-Migadu-Country: US
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1663926208;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=3x6pg6eaQL+u/LF+VGyKEBKlhC3bb7Jh5LQbutyWHWA=;
	b=pcaJTvxieeIDi7iPBUj+w968VLvjMH+uZjMsYjrhYMFNtK6YLJU/BmgS91netzPndDwTys
	rWGPLB4rgtO9ze7jOcTnhkwYC1vf+RBnbsCgeSuMF7MuF9oegQAXUGR9dHGaay55et8v+F
	xcBE7vmp/pIo5VvZcdxEOJ4VJJC6qwMvAwBVwrzOkuGtsPoaWF97KaTnqEJhWx+cv8sRlG
	aXgSOU7Q439lq0lP0EvBoRwh8QW4LOa2na01Yt8mtpTQx3itW9xBn8lCWtUgUug+AyEb1S
	1XJTBs/SVxVNDqf8QiRe1bMlOj41345DCKSjtgThqRcXe+Xd2lyVWe9ooZCJsg==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1663926208; a=rsa-sha256; cv=none;
	b=uVhqg0dMGwwOx2KapKYl53iPTcfCFU1Kn/I8fk0fl/OLGWp259x3mzEWllua13ICQeNe4m
	wi2CSCo53h54gzWKJlZs8c0SPBdPjXUsPO59uT7UA0u5Dn79XoSWTj5q6RRvpP4Cf1g79z
	vMHLhN5SsE7m50Yn2hFKmJK+mQ8b9MjsI4+fwTs0KxMjbfpTqCKFAfICS9/C2jkscgs4r1
	eQeCUF9Uh5gxS/1Q9Kf1GO/qqksWhGnV9IxoL5sFuct1tSrz4zCCGO+di3PhYgXHFHzcuA
	6g7ncTVTU2JcnFphNCQY8I/yjuhOahm4B9tPITSXog2/6qL+tlwjcyJooF/c/g==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=n+DGSIrO;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of "guix-science-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-science-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Spam-Score: -1.35
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=n+DGSIrO;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of "guix-science-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-science-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Queue-Id: D708C2ECB5
X-Spam-Score: -1.35
X-Migadu-Scanner: scn1.migadu.com
X-TUID: rQgR57Pozvo2

Hi,

On sam., 10 sept. 2022 at 16:39, Ricardo Wurmus <rekado@elephly.net> wrote:

>> From my point of view, authentication of guix-past adds more burden than
>> it solves concrete issues of real problem.
>>
>> I suggest to just drop the authentication for this channel.
>
> I disagree.

Well, if we disagree here then it is rare enough to be notified.  Or
maybe we miscommunicate. :-)


> Channels are an easy way to get a lot of people to run hostile code.
> Authentication ensures that the authors of Guix Past don=E2=80=99t sneak =
in bad
> code that is then evaluated by Guix =E2=80=94 no matter if you install pa=
ckages
> from Guix Past or not.

I was meaning =E2=80=99signed commit=E2=80=99 as authentication.

I do not see how signed commits prevent hostile code; because this
hostile code must be pushed to the Gitlab instance in the first place.

Signed commit acts as =E2=80=9Cdouble-authentication=E2=80=9D for authentic=
ating the
person responsible of the commit.  The attacker needs to control two
=E2=80=9Cchannels=E2=80=9C of =E2=80=9Ccommunication=E2=80=9D: the remote G=
it server and the local GPG
thing.

I agree signed commits is necessary for Guix itself or else but I am not
convinced of its interest for guix-past.

As shown elsewhere in the thread, just a channel configuration where the
introduction is not noticed and then =E2=80=9Cguix pull=E2=80=9D is happy.

And I am not convinced that the regular scientists really take care
about these subtleties of GPG.  Obviously, that=E2=80=99s not an argument. =
;-)

I restate that signed commits (authentication) add more burden for the
channel guix-past than it solves concrete issues.

Maybe we do not share the same point of view of this topic. :-)

Cheers,
simon