From: Leo Famulari
Subject: bug#25094: Add comments to archive keys and acls
Date: Fri, 2 Dec 2016 13:13:51 -0500
Message-ID: <20161202181351.GA30572@jasmine>
In-Reply-To: <5841B184.4050802@crazy-compilers.com>
To: Hartmut Goebel
Cc: 25094@debbugs.gnu.org

On Fri, Dec 02, 2016 at 06:38:12PM +0100, Hartmut Goebel wrote:
> Hi,
>
> the keys for authenticating an archive currently do not hold any
> comment. This makes it hard to track acls and remove certain keys if
> required.

Indeed, this makes key management a little harder than it needs to be.

> Please implement some way to add and change the comment on keys in
> /etc/guix/ and in /etc/guix/acl.
>
> Proposed usage when generating the key:
> guix archive --generate-key=… --comment "store.example.com"
>
> Proposed usage when importing the key and overwriting any existing comment:
>
> guix archive --authorize --comment "store.example.com"
>
> For now, since we have no commands for key management, these would be
> enough IMO. Existing comments can easily be changed in the file, so for
> now we do not need a tool for this.

I think that the comment should either be signed somehow, or the field
name should be "untrusted-comment".

OpenBSD's signify tool (which we have a port of in Guix) does this:

------
$ cat foo.pub
untrusted comment: Leo's example public key
RWRrY3me0s1DYDBfpcUKZ+ul9m8FgdZfz5+cHjxBabEsvDrjL/ecTeUL
------

Minisign, which is a 3rd party tool compatible with signify, also has
trusted comments:

https://github.com/jedisct1/minisign/blob/master/src/manpage.md#notes