GNU bug report logs -
#30143
UX: print warning if substitute server is not authorized
Previous Next
Full log
View this message in rfc822 format
Chris Marusich <cmmarusich <at> gmail.com> writes:
> Ricardo Wurmus <ricardo.wurmus <at> mdc-berlin.de> writes:
>
>> Suppose I add example.com as a substitute server by passing
>> “--substitute-urls=https://example.com” to the daemon or the Guix
>> command line. I haven’t authorized the signing key, so Guix won’t
>> accept any of the substitutes from example.com.
>>
>> Currently, Guix does not make it obvious to the user that a requested
>> substitute server is ignored because its key is not authorized. We
>> should print a clear warning in this case.
>>
>> (guix scripts authenticate) already includes “validate-signature”, which
>> aborts with an error if the key is not authorized, but we don’t seem to
>> use it.
>
> What if example.com serves substitutes that are signed by another
> server, such as hydra.gnu.org? No matter where a substitute comes from,
> if it was signed with an authorized key and its signature checks out,
> then it's OK to use, right?
Correct.
--
Ricardo
This bug report was last modified 7 years and 186 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.