[Nix-dev] Sidestepping the community builds trust issue?
Tim Barbour
trb at categorical.net
Fri Dec 25 04:30:19 CET 2015
On Thu, 24 Dec 2015 21:21:03 +0000,
Anders Papitto wrote:
> I've seen several conversations centered on how to enable private individuals and/or companies to contribute to
> publicly available binary caches, without requiring end users to explicitly trust those private entities. The main
> problem, for which I'm not aware of a complete solution, is that there is no way to verify a build output provided
> by such a private entity is actually the result of an honest build.
> [...]
I have thought this way too, but perhaps it is wrong way around.
Perhaps it would be better to encourage private entities to provide binary
caches, regardless of their integrity, then check hashes between the caches.
Given a sufficient number of caches, any compromised cache should be quickly
detected by discrepancies in hashes (comparisons could be done by end users,
among others).
This reminds me of how a PGP-style web of trust is better than trusting a
central certificate authority to guarantee integrity.
Tim
More information about the nix-dev
mailing list