If web-of-trust is the best solution, and the only blocker is build reproducability, how about trying to classify build differences?
Each of the differences will have a reason, and either we can fix the build to be deterministic (e.g. timestamps, build paths), or we can classify a class of changes as equivalent (e.g. optimalizations resulting in equivalent code, prelinking). It could very well be that we cannot automatically determine if a set of builds is equivalent, and then the build will simply have to be done locally instead of downloaded. On Fri, Dec 25, 2015, 9:48 PM Tim Barbour <[email protected]> wrote: > I agree there is no conflict between your proposal and my suggestion. > The reason I mentioned it is that I do not like the idea of relying on > a single trusted party for security (to whic your proposal makes no > difference, because the trusted party will control all build > machines). If someone (use your imagination) wanted to be able to gain > access to any nixos machine, they would be tempted to compromise the > centrally controlled builds. > > Therefore I think we should encourage people to run build systems, > whether centrally controlled or not. > > Tim > _______________________________________________ > nix-dev mailing list > [email protected] > http://lists.science.uu.nl/mailman/listinfo/nix-dev > -- Wout. (typed on mobile, excuse terseness)
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
