bug#30143: UX: print warning if substitute server is not authorized

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#30143: UX: print warning if substitute server is not authorized

From:	Ricardo Wurmus
Subject:	bug#30143: UX: print warning if substitute server is not authorized
Date:	Tue, 23 Jan 2018 07:50:02 +0100
User-agent:	mu4e 1.0-alpha3; emacs 25.3.1

Chris Marusich <address@hidden> writes:

> Ricardo Wurmus <address@hidden> writes:
>
>> Suppose I add example.com as a substitute server by passing
>> “--substitute-urls=https://example.com” to the daemon or the Guix
>> command line.  I haven’t authorized the signing key, so Guix won’t
>> accept any of the substitutes from example.com.
>>
>> Currently, Guix does not make it obvious to the user that a requested
>> substitute server is ignored because its key is not authorized.  We
>> should print a clear warning in this case.
>>
>> (guix scripts authenticate) already includes “validate-signature”, which
>> aborts with an error if the key is not authorized, but we don’t seem to
>> use it.
>
> What if example.com serves substitutes that are signed by another
> server, such as hydra.gnu.org?  No matter where a substitute comes from,
> if it was signed with an authorized key and its signature checks out,
> then it's OK to use, right?

Correct.

-- 
Ricardo

[Prev in Thread]

Current Thread

[Next in Thread]

bug#30143: UX: print warning if substitute server is not authorized, Ricardo Wurmus, 2018/01/17
- bug#30143: UX: print warning if substitute server is not authorized, Chris Marusich, 2018/01/22
  - bug#30143: UX: print warning if substitute server is not authorized, Ricardo Wurmus <=

Prev by Date: bug#30116: [PATCH] `substitute' crashes when file contains NUL characters (core-updates)
Next by Date: bug#30210: pandoc not reproducible
Previous by thread: bug#30143: UX: print warning if substitute server is not authorized
Next by thread: bug#28111: qemu testsuite fails
Index(es):
- Date
- Thread