all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: zimoun <zimon.toutoune@gmail.com>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 42048@debbugs.gnu.org
Subject: [bug#42048] [PATCH 0/6] Authenticated channels for everyone!
Date: Wed, 01 Jul 2020 15:09:21 +0200	[thread overview]
Message-ID: <86a70j9ybi.fsf@gmail.com> (raw)
In-Reply-To: <87a70jzaxd.fsf@gnu.org>

On Wed, 01 Jul 2020 at 14:17, Ludovic Courtès <ludo@gnu.org> wrote:

> But of course, the new ‘introduction’ field of <channel> won’t be
> recognized by older Guix versions.  In that case, you should use the
> output of ‘guix describe -f channels-sans-intro’ as I wrote in the
> manual.

Older Guix versions means the Scheme lib and not Inferiors, right?

I mean, if I run using a Guix post-'introduction' "guix describe -f
channels", then I can run with another Guix post-'introduction' "guix
time-machine -C channels.scm", everything is fine.

However, I cannot use this post-'introduction' channels.scm file with a
pre-'introduction' Guix and "guix time-machine -C channels.scm" fails,
right? 


> In general, when a developer loses control over their key, another
> committer should remove it right away form ‘.guix-authorizations’.  (I
> did that today following Brett’s message, for example.)
>
> Signatures on past commits can still be verified and everything is fine.
> The (guix openpgp) code ignores key expiration and revocation; it “just”
> verifies signatures.
>
>> Today, everything is fine, I sign and I do in introduction.  Couple of
>> months (or even years) later, my key will be compromised and so I will
>> revoke it.  What happens if I do "guix time-machine -C"?
>
> That’s OK.  The keyring is distributed along with the channel still
> contains your key, with or without a revocation certificate, but that
> doesn’t prevent us from verifying signatures on past commits.  (This is
> different from what gpg does.)

It answers to my question about time-machine.  Thank you.
Now I have another one. :-)

Well, if now Eve has the control of an authorized key (for example the
Brett's one) then you cannot distinguish between past valid signatures
to current malicious ones, even if the key is revoked, right?

(It is not a practical issue but it is a possible scenario.)

Cheers,
simon




  reply	other threads:[~2020-07-01 13:10 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-25 21:04 [bug#42048] [PATCH 0/6] Authenticated channels for everyone! Ludovic Courtès
2020-06-25 21:16 ` [bug#42048] [PATCH 1/6] channels: Add 'openpgp-fingerprint->bytevector' Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 2/6] channels: Make channel introductions public Ludovic Courtès
2020-06-25 22:32     ` Kyle Meyer
2020-06-26  8:17       ` Ludovic Courtès
2020-06-27 17:07       ` Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 3/6] channels: Remove 'signature' from <channel-introduction> Ludovic Courtès
2020-06-30 14:35     ` Ricardo Wurmus
2020-06-30 15:15       ` Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 4/6] channels: Save and interpret 'introduction' field in provenance data Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 5/6] guix describe: Display channel introductions and add 'channels-sans-intro' Ludovic Courtès
2020-06-25 21:16   ` [bug#42048] [PATCH 6/6] services: provenance: Save channel introductions Ludovic Courtès
2020-06-30 15:53     ` Ricardo Wurmus
2020-06-30 20:28       ` Ludovic Courtès
2020-07-01  8:51         ` zimoun
2020-07-01 12:12           ` Ludovic Courtès
2020-07-01 12:49             ` zimoun
2020-07-01 17:05               ` Ludovic Courtès
2020-07-01 12:25         ` Ricardo Wurmus
2020-07-01 21:50           ` bug#42048: " Ludovic Courtès
2020-07-01  9:35 ` [bug#42048] [PATCH 0/6] Authenticated channels for everyone! zimoun
2020-07-01 12:17   ` Ludovic Courtès
2020-07-01 13:09     ` zimoun [this message]
2020-07-01 15:54       ` Ludovic Courtès

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=86a70j9ybi.fsf@gmail.com \
    --to=zimon.toutoune@gmail.com \
    --cc=42048@debbugs.gnu.org \
    --cc=ludo@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.