guix-patches

[bug#42048] [PATCH 0/6] Authenticated channels for everyone!


From: zimoun
Subject: [bug#42048] [PATCH 0/6] Authenticated channels for everyone!
Date: Wed, 01 Jul 2020 11:35:59 +0200

Hi Ludo,

On Thu, 25 Jun 2020 at 23:04, Ludovic Courtès <ludo@gnu.org> wrote:

> The most visible effect is that channel introductions are now
> part of the API and shown by ‘guix describe’.  It becomes a long-term
> commitment because we want to be able to pass the output of
> ‘guix describe -C channels’ or /run/current-system/channels.scm
> to ‘guix pull’ and ‘guix time-machine’ in the future.

How could I test this machinery with "guix time-machine"?

> Contrary to what I initially proposed¹, channel introductions are
> stripped to the bare minimum: a commit/fingerprint pair (as is
> currently the case on master, internally).  I figured it doesn’t
> buy us much to have the commit/fingerprint pair signed; what
> matters is that users obtain the introduction from a trusted
> source, and the signature wouldn’t help with that.  I also got
> rid of the idea of rendering introductions as opaque base64 blobs.

What happens when traveling in time if the key used by the signature has
been compromised?

Today, everything is fine, I sign and I do an introduction.  A couple of
months (or even years) later, my key will be compromised and so I will
revoke it.  What happens if I do "guix time-machine -C"?

Well, the question even applies to %default-channel?  Maybe you already
answered and I missed it.


Cheers,
simon




