[Nix-dev] Signed git

Vladimír Čunát vcunat at gmail.com
Fri Feb 26 09:50:59 CET 2016


On 02/26/2016 08:19 AM, S3 wrote:
> So, as far as I can tell, nothing is signed.

The binary caches are signed by the build farm, i.e. the mapping from
expressions to binaries is "safe". That's probably the only signing ATM.
For transporting nix expressions we offer https.

Disclaimer: I'm no security expert. And I dislike giving a false feeling
of security.

Note that we have >70 people with push access to nixpkgs. Those are
random people who contributed larger parts of useful stuff. Even if we
did sign by a single key that you presumably trust, that person really
wouldn't be able to guarantee that the contents haven't been tampered with.

Getting everyone to sign their commits would give us accountability in case
some of us did something malicious (or GitHub). Would that be a
significant improvement? I'm not certain, but we might do it as the next
step.

--Vladimir

