[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Signed archives
From: |
Nikita Karetnikov |
Subject: |
Re: Signed archives |
Date: |
Mon, 27 Jan 2014 19:36:59 +0400 |
Sorry, I’m failing to understand how the protocol works. Is the spec
available somewhere?
Could you describe the entire process in a step-by-step way? What does
happen when the client requests a substitute? You mentioned that the
client attempts to fetch the corresponding .narinfo file. What does
happen after that?
Why does the client need to cache the answer? Does it check the cache
first?
‘guix authenticate’ accepts a ‘hash-file’ argument. Does it come from
the .narinfo file? If so, should ‘substitute-binary.scm’ check the
signature against the NarHash field?
pgpYfJXrncnkF.pgp
Description: PGP signature