[Nix-dev] Authenticating binary substitutes
Eelco Dolstra
eelco.dolstra at logicblox.com
Wed May 22 23:22:40 CEST 2013
Hi,
On 22/05/13 15:19, Lluís Batlle i Rossell wrote:
>> How about: rather than relying on nix-cache-info, nix.conf should specify a list
>> of fingerprints of trusted OpenPGP signing keys. Then when we fetch a .narinfo,
>> we check whether it is signed by a trusted key. This way you don't have the
>> problem Lluís described.
>
> Well, if we use gpg, gpg has its own system of trust, too. Or it's about not
> using gpg?
Now that you mention it, it would probably be better to use OpenSSL than GnuPG,
given that we already have a (optional) dependency on OpenSSL, while GnuPG would
be a fairly big new dependency.
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
More information about the nix-dev
mailing list