Re: Guix and remote trust - Pierre Neidhardt

unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed

From: Pierre Neidhardt <mail@ambrevar.xyz>
To: zimoun <zimon.toutoune@gmail.com>
Cc: help-guix <help-guix@gnu.org>
Subject: Re: Guix and remote trust
Date: Fri, 13 Dec 2019 13:24:08 +0100	[thread overview]
Message-ID: <8736doct1z.fsf@ambrevar.xyz> (raw)
In-Reply-To: <CAJ3okZ0bfTPi60rjKL8mSNjr_Gp-FNd=1XJx22-FfwYe_R32mQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1142 bytes --]

zimoun <zimon.toutoune@gmail.com> writes:

> Your question is: how can Alice be sure that she runs the same
> binaries on aneto and balaitou? other said how can she detect baloitou
> has been compromised?
> Is it your use-case?

Yes, you got it right! :)

> If yes, Alice can :
>
>  1. check the integrity on the balaitou machine by running "guix gc --verify"

I'm not sure this works because if `guix' itself is compromised, 
`guix gc --verify' becomes irrelevant.  Or is there another way?

>  2. publish the store of aneto with "guix publish"

And then install packages from balaitou?  But if Balaitou's "guix" is
compromised, it does not matter that the substitute server is trusted.

Or did you mean something else?

>  3. challenge the store of balaitou against the store of aneto with
> "guix challenge"

This seems like a good option.  In particular, this should verify "guix"
itself, and thus everything else.

So I'd reverse your point.  By first challenging Balaitou, we can trust
the guix executable and from there we can run 1. and 2.

Thoughts?

-- 
Pierre Neidhardt
https://ambrevar.xyz/

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

next prev parent reply	other threads:[~2019-12-13 12:24 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-12 14:23 Guix and remote trust Pierre Neidhardt
2019-12-12 16:55 ` Christopher Baines
2019-12-13  8:48   ` Pierre Neidhardt
2019-12-13 11:05     ` zimoun
2019-12-13 12:24       ` Pierre Neidhardt [this message]
2019-12-13 12:50         ` zimoun
2019-12-13 13:05           ` Josh Marshall
2019-12-13 13:22             ` Pierre Neidhardt
2019-12-13 13:18           ` Pierre Neidhardt
2019-12-13 13:38             ` Pierre Neidhardt
2019-12-13 15:26               ` zimoun

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8736doct1z.fsf@ambrevar.xyz \
    --to=mail@ambrevar.xyz \
    --cc=help-guix@gnu.org \
    --cc=zimon.toutoune@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).