Ah, if the set of trusted people is a relatively small group of people someone like Eelco has met in person, then I'm much happier. When I first saw the suggestion, I was imagining some sort of seti@home kind of thing.
Thanks, James On 21 January 2015 at 18:30, stewart mackenzie <setor...@gmail.com> wrote: > I also refer to the use of Content Centric Networking (CCN) or Named > Data Networking (NDN) to disseminate binaries. > Please note, CCN builds security into the TCP/IP overlay protocol. > > So a binary is automatically signed by a "trusted" NixOS maintainer > whom is also running a private hydra node. > > Typically in these types of situations when a web of trust is formed, > one attends meetings > bringing along some kind of official identification. > One shows the identification to other nixers and then hands over the public > key. > The list of trusted keys is then signed by a globally trusted member - > eelco comes to mind. > This key list can be disseminated via CCN to all other hydra nodes and > Nix/NixOS nodes. > > When a Nix node wants a package it asks its CCN library. > If the binary (which has been signed by a trusted maintainer) is not > in the CCN's local Least Recently Used buffer, > it floods the request to other Nix/NixOS + Hydra nodes. That binary is > then copied leaving a breadcrumb trail > through the graph. Any future close proximity requests for that > package will then find it quicker somewhere > an the breadcrumb trail. > > I believe this article gets to the root of my argument regarding > living on master: > homing-on-code.blogspot.hk/2015/01/code-rot-openbsd.html (read the > "OpenBSD" section) > > Kind regards > Stewart > > On Thu, Jan 22, 2015 at 9:51 AM, James Cook <james.c...@utoronto.ca> wrote: >> On 21 January 2015 at 17:25, stewart mackenzie <setor...@gmail.com> wrote: >>> James you execute code that wasn't written on your machine all the >>> time. What difference is there between not tursting the code writer vs >>> code compiler? >>> >>> Use a web of trust certificate system of course. >>> >>> Anyway if we could find away to live on master I think we'll get more >>> momentum. >> >> (Did you mean to reply-all? Feel free to include my response too if you did.) >> >> Using a web of trust or something like that partly mitigates the >> problem. I am still worried, though. >> >> Code committed to open source projects can be reviewed later. If >> someone submits a malicious binary, how will anyone ever know? So my >> bar for trusting binaries is much higher than my bar for trusting >> source from a popular open source project. >> >> I agree that it would be nice to live on master. I agree with >> Alexander that it would be nice to have a ballpark figure for what is >> needed. Maybe this can just be solved with donations of money. >> >> James _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
