There's also some discussion on the scope of signatures here: https://github.com/NixOS/nix/issues/613
On Mon, Mar 28, 2016 at 9:15 AM, Thomas Hunger <[email protected]> wrote: > The manual has some info: > > https://nixos.org/nix/manual/#operation-generate-binary-cache-key > > It's a fairly straight forward private / public signing scheme. > > There's an example on how to verify integrity in the manual as well: > > https://nixos.org/nix/manual/#examples-23 > > ~ > > On 28 March 2016 at 13:17, Matthias Beyer <[email protected]> wrote: > >> Hi, >> >> How is package signing this done by nix and how does it work for >> nixpkgs/nixos? >> I'm searching for resources on this because of my bachelors thesis and >> I'm not >> quite sure nix already does signing and the like. >> >> So all the "big" package managers (apt, yum, pacman,...) do some gpg foo >> to sign >> packages. How does this work in a nix context? Do we sign packages? Does >> nix >> verify signatures? Do we sign expressions? >> >> Is there any literature out there? I'm starting reading Eelcos papers >> now, maybe >> I can find something in there... >> >> (The context I'm asking this in is for traceability and auditability, my >> thesis >> focuses on Agent based intrusion detection systems and how they do >> software >> installations.) >> >> -- >> Mit freundlichen Grüßen, >> Kind regards, >> Matthias Beyer >> >> Proudly sent with mutt. >> Happily signed with gnupg. >> >> _______________________________________________ >> nix-dev mailing list >> [email protected] >> http://lists.science.uu.nl/mailman/listinfo/nix-dev >> >> > > _______________________________________________ > nix-dev mailing list > [email protected] > http://lists.science.uu.nl/mailman/listinfo/nix-dev > >
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
