guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signed archives


From: Nikita Karetnikov
Subject: Re: Signed archives
Date: Mon, 27 Jan 2014 19:36:59 +0400

Sorry, I’m failing to understand how the protocol works.  Is the spec
available somewhere?

Could you describe the entire process in a step-by-step way?  What does
happen when the client requests a substitute?  You mentioned that the
client attempts to fetch the corresponding .narinfo file.  What does
happen after that?

Why does the client need to cache the answer?  Does it check the cache
first?

‘guix authenticate’ accepts a ‘hash-file’ argument.  Does it come from
the .narinfo file?  If so, should ‘substitute-binary.scm’ check the
signature against the NarHash field?

Attachment: pgpYfJXrncnkF.pgp
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]