[Nix-dev] Sidestepping the community builds trust issue?
Daniel Peebles
pumpkingod at gmail.com
Fri Dec 25 05:06:57 CET 2015
That would be great if we had deterministic build outputs, but we currently
have no easy way of determining whether a binary cache is corrupt or
whether a build was nondeterministic.
On Thu, Dec 24, 2015 at 10:30 PM, Tim Barbour <trb at categorical.net> wrote:
> On Thu, 24 Dec 2015 21:21:03 +0000,
> Anders Papitto wrote:
> > I've seen several conversations centered on how to enable private
> individuals and/or companies to contribute to
> > publicly available binary caches, without requiring end users to
> explicitly trust those private entities. The main
> > problem, for which I'm not aware of a complete solution, is that there
> is no way to verify a build output provided
> > by such a private entity is actually the result of an honest build.
> > [...]
>
> I have thought this way too, but perhaps it is wrong way around.
>
> Perhaps it would be better to encourage private entities to provide binary
> caches, regardless of their integrity, then check hashes between the
> caches.
> Given a sufficient number of caches, any compromised cache should be
> quickly
> detected by discrepancies in hashes (comparisons could be done by end
> users,
> among others).
>
> This reminds me of how a PGP-style web of trust is better than trusting a
> central certificate authority to guarantee integrity.
>
> Tim
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20151224/a0b30ce4/attachment.html
More information about the nix-dev
mailing list