all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* [bug#42048] [PATCH 0/6] Authenticated channels for everyone!
@ 2020-06-25 21:04 Ludovic Courtès
  2020-06-25 21:16 ` [bug#42048] [PATCH 1/6] channels: Add 'openpgp-fingerprint->bytevector' Ludovic Courtès
  2020-07-01  9:35 ` [bug#42048] [PATCH 0/6] Authenticated channels for everyone! zimoun
  0 siblings, 2 replies; 24+ messages in thread
From: Ludovic Courtès @ 2020-06-25 21:04 UTC (permalink / raw)
  To: 42048; +Cc: Ludovic Courtès

Hello Guix!

This patch series follows up on channel authentication support:

  https://issues.guix.gnu.org/41767

This time the goal is to expose and document the authentication
mechanism so that third-party channel authors can use it.  This
should be the last series on this theme in the foreseeable
future.  :-)

The most visible effect is that channel introductions are now
part of the API and shown by ‘guix describe’.  It becomes a long-term
commitment because we want to be able to pass the output of
‘guix describe -C channels’ or /run/current-system/channels.scm
to ‘guix pull’ and ‘guix time-machine’ in the future.

Contrary to what I initially proposed¹, channel introductions are
stripped to the bare minimum: a commit/fingerprint pair (as is
currently the case on master, internally).  I figured it doesn’t
buy us much to have the commit/fingerprint pair signed; what
matters is that users obtain the introduction from a trusted
source, and the signature wouldn’t help with that.  I also got
rid of the idea of rendering introductions are opaque base64 blobs.

In the manual I tried to distinguish instructions for users
(“what do I need to put in my channels.scm file?”) from
instructions for channel authors (“how do I allow users of my
channel to authenticate it?”).

If people have a channel that they’d like to make “authenticable”,
please do try and report back!  You can even test with master,
you only need to add ‘@@’ to access (guix channels) internals
to create the introduction.

Feedback welcome!

Thanks,
Ludo’.

¹ https://issues.guix.gnu.org/issue/22883#69



Ludovic Courtès (6):
  channels: Add 'openpgp-fingerprint->bytevector'.
  channels: Make channel introductions public.
  channels: Remove 'signature' from <channel-introduction>.
  channels: Save and interpret 'introduction' field in provenance data.
  guix describe: Display channel introductions and add
    'channels-sans-intro'.
  services: provenance: Save channel introductions.

 doc/guix.texi             | 130 +++++++++++++++++++++++++++++++++++++-
 gnu/services.scm          |  26 ++++++--
 guix/channels.scm         |  86 +++++++++++++++++++------
 guix/scripts/describe.scm |  56 +++++++++++++---
 guix/scripts/system.scm   |   4 +-
 tests/channels.scm        |  10 ++-
 6 files changed, 269 insertions(+), 43 deletions(-)

-- 
2.26.2





^ permalink raw reply	[flat|nested] 24+ messages in thread

end of thread, other threads:[~2020-07-01 21:51 UTC | newest]

Thread overview: 24+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-06-25 21:04 [bug#42048] [PATCH 0/6] Authenticated channels for everyone! Ludovic Courtès
2020-06-25 21:16 ` [bug#42048] [PATCH 1/6] channels: Add 'openpgp-fingerprint->bytevector' Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 2/6] channels: Make channel introductions public Ludovic Courtès
2020-06-25 22:32     ` Kyle Meyer
2020-06-26  8:17       ` Ludovic Courtès
2020-06-27 17:07       ` Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 3/6] channels: Remove 'signature' from <channel-introduction> Ludovic Courtès
2020-06-30 14:35     ` Ricardo Wurmus
2020-06-30 15:15       ` Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 4/6] channels: Save and interpret 'introduction' field in provenance data Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 5/6] guix describe: Display channel introductions and add 'channels-sans-intro' Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 6/6] services: provenance: Save channel introductions Ludovic Courtès
2020-06-30 15:53     ` Ricardo Wurmus
2020-06-30 20:28       ` Ludovic Courtès
2020-07-01  8:51         ` zimoun
2020-07-01 12:12           ` Ludovic Courtès
2020-07-01 12:49             ` zimoun
2020-07-01 17:05               ` Ludovic Courtès
2020-07-01 12:25         ` Ricardo Wurmus
2020-07-01 21:50           ` bug#42048: " Ludovic Courtès
2020-07-01  9:35 ` [bug#42048] [PATCH 0/6] Authenticated channels for everyone! zimoun
2020-07-01 12:17   ` Ludovic Courtès
2020-07-01 13:09     ` zimoun
2020-07-01 15:54       ` Ludovic Courtès

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.