[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

11/66: ccs-2021: Complete introductions.

From: Ludovic Courtès
Subject: 11/66: ccs-2021: Complete introductions.
Date: Wed, 29 Jun 2022 11:31:58 -0400 (EDT)

civodul pushed a commit to branch master
in repository maintenance.

commit de546ac7220c62b12870b2ed20da39e7fd552b82
Author: Ludovic Courtès <>
AuthorDate: Mon May 3 13:49:35 2021 +0200

    ccs-2021: Complete introductions.
 doc/ccs-2021/supply-chain.skb | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/doc/ccs-2021/supply-chain.skb b/doc/ccs-2021/supply-chain.skb
index d1c0b53..7e7174b 100644
--- a/doc/ccs-2021/supply-chain.skb
+++ b/doc/ccs-2021/supply-chain.skb
@@ -207,7 +207,18 @@ of its design.])
       (p [This paper describes the design and implementation of Guix’s
 secure update mechanism.  ,(numref :text [Section] :ident "background")
 gives background information necessary to understand the overall
-deployment model of Guix.  FIXME: complete]))
+deployment model of Guix.  ,(numref :text [Section] :ident "rationale")
+presents our goals and threat model for the design of secure updates.
+,(numref :text [Section] :ident "authenticating") describes our design
+of a Git checkout authentication mechanism and ,(numref :text [Section]
+:ident "bootstrapping") discusses trust establishment.  ,(numref :text
+[Section] :ident "downgrade") shows how we address downgrade attacks
+while ,(numref :text [Section] :ident "mirrors") focuses on the related
+risk of distributing stale revisions.  In ,(numref :text [Section]
+:ident "implementation") we provide key elements of the implementation
+and report on our early experience.  Last, ,(numref :text [Section]
+:ident "related") compares to related work and ,(numref :text [Section]
+:ident "conclusion") concludes.]))
    (chapter :title [Background] :ident "background"
@@ -659,6 +670,7 @@ satisfy the graph theorist or the Git geek in you, but if 
you are up for
 a quick tour of the implementation, the next section is for you!]))
    (chapter :title [Implementation]
+      :ident "implementation"
       (p [Channel authentication as described above is now used in
 production.  This section documents the reasoning behind some of the

reply via email to

[Prev in Thread] Current Thread [Next in Thread]