Re: [gnu-prog-discuss] Introducing GNU Guix

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnu-prog-discuss] Introducing GNU Guix

From:	Niels Möller
Subject:	Re: [gnu-prog-discuss] Introducing GNU Guix
Date:	Fri, 23 Nov 2012 21:21:02 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/23.2 (usg-unix-v)

address@hidden (Ludovic Courtès) writes:

> The TODO item about signatures is to verify the OpenPGP signature that
> comes with GNU packages.

I see, then you don't have much choice on signature format. And I agree
it's a useful feature.

You might like expressing authorizations as sexps (and I guess its
possible to use the spki machinery even with alien input formats like
openpgp).

I was thinking of using spki delegations for things like "this key can
authorize installation of packages from these urls" or "this key is
authorized to install files in this subtree in the file system". But I
haven't thought carefully about how that should work.

Happy hacking,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [gnu-prog-discuss] Introducing GNU Guix, Niels Möller, 2012/11/23
- Re: [gnu-prog-discuss] Introducing GNU Guix, Ludovic Courtès, 2012/11/23
  - Re: [gnu-prog-discuss] Introducing GNU Guix, Niels Möller <=
    - Re: [gnu-prog-discuss] Introducing GNU Guix, Ludovic Courtès, 2012/11/23

Prev by Date: Re: [gnu-prog-discuss] Introducing GNU Guix
Next by Date: [PATCH] distro: Add GNU Gettext.
Previous by thread: Re: [gnu-prog-discuss] Introducing GNU Guix
Next by thread: Re: [gnu-prog-discuss] Introducing GNU Guix
Index(es):
- Date
- Thread